Paper 2022/1192

(Augmented) Broadcast Encryption from Identity Based Encryption with Wildcard

Anaïs Barthoulot, Orange (France), Université de Limoges, XLIM
Olivier Blazy, Computer Science Laboratory of the École Polytechnique
Sébastien Canard, Orange (France)

Several broadcast encryption (BE) constructions have been proposed since Fiat and Naor introduced the concept, some achieving short parameters size while others achieve better security. Since 1994, a lot of alternatives to BE have moreover been additionally proposed, such as the broadcast and trace (BT) primitive which is a combination of broadcast encryption and traitor tracing. Among the other variants of BE, the notion of augmented BE (AugBE), introduced by Boneh and Waters in 2006, corresponds to a BE scheme with the particularity that the encryption algorithm takes an index as an additional parameter. If an AugBE scheme is both message and index hiding, it has been proved that it can generically be used to construct a secure BT scheme. Hence, any new result related to the former gives an improvement to the latter. In this paper, we first show that both BE and AugBE can be obtained by using an identity-based encryption scheme with wildcard (WIBE). We also introduce the new notion of anonymous AugBE, where the used users set is hidden, and prove that it implies index hiding. We then provide two different WIBE constructions. The first one has constant size ciphertext and used to construct a new constant size ciphertext BE scheme with adaptive CPA security, in the standard model (under the $\SXDH{}$ assumption). The second WIBE provides pattern-hiding, a new definition we introduced, and serves as a basis for the first anonymous AugBE scheme (and subsequently a BT scheme since our scheme is also index hiding by nature) in the literature, with adaptive security in the standard model (under the $\XDLin{}$ assumption).

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. CANS 2022
Broadcast Encryption Identity Based Encryption with Wildcard Broadcast and Trace
Contact author(s)
anais barthoulot @ orange com
olivier blazy @ polytechnique edu
sebastien canard @ orange com
2022-09-12: approved
2022-09-09: received
See all versions
Short URL
No rights reserved


      author = {Anaïs Barthoulot and Olivier Blazy and Sébastien Canard},
      title = {(Augmented) Broadcast Encryption from Identity Based Encryption with Wildcard},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1192},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.