Paper 2022/256

Multi-Designated Receiver Signed Public Key Encryption

Ueli Maurer, Christopher Portmann, and Guilherme Rito


This paper introduces a new type of public-key encryption scheme, called Multi-Designated Receiver Signed Public Key Encryption (MDRS-PKE), which allows a sender to select a set of designated receivers and both encrypt and sign a message that only these receivers will be able to read and authenticate (confidentiality and authenticity). An MDRS-PKE scheme provides several additional security properties which allow for a fundamentally new type of communication not considered before. Namely, it satisfies consistency---a dishonest sender cannot make different receivers receive different messages---off-the-record---a dishonest receiver cannot convince a third party of what message was sent (e.g., by selling their secret key), because dishonest receivers have the ability to forge signatures---and anonymity---parties that are not in the set of designated receivers cannot identify who the sender and designated receivers are. We give a construction of an MDRS-PKE scheme from standard assumptions. At the core of our construction lies yet another new type of public-key encryption scheme, which is of independent interest: Public Key Encryption for Broadcast (PKEBC) which provides all the security guarantees of MDRS-PKE schemes, except authenticity. We note that MDRS-PKE schemes give strictly more guarantees than Multi-Designated Verifier Signatures (MDVS) schemes with privacy of identities. This in particular means that our MDRS-PKE construction yields the first MDVS scheme with privacy of identities from standard assumptions. The only prior construction of such schemes was based on Verifiable Functional Encryption for general circuits (Damg\aa rd et al., TCC '20).

Available format(s)
Public-key cryptography
Publication info
A major revision of an IACR publication in EUROCRYPT 2022
ConsistencyOff-The-RecordEncryption SchemesDesignated ReceiverSignatures
Contact author(s)
guilherme teixeira rito @ gmail com
guilherme teixeira @ inf ethz ch
chportma @ gmail com
maurer @ inf ethz ch
2022-03-02: received
Short URL
Creative Commons Attribution


      author = {Ueli Maurer and Christopher Portmann and Guilherme Rito},
      title = {Multi-Designated Receiver Signed Public Key Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2022/256},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.