Paper 2023/874

Distributed Broadcast Encryption from Bilinear Groups

Dimitris Kolonelos, IMDEA Software Institute, Universidad Politécnica de Madrid
Giulio Malavolta, Max Planck Institute for Security and Privacy, Bocconi University
Hoeteck Wee, NTT Research, École Normale Supérieure - PSL
Abstract

Distributed broadcast encryption (DBE) improves on the traditional notion of broadcast encryption by eliminating the key-escrow problem: In a DBE system, users generate their own secret keys non- interactively without the help of a trusted party. Then anyone can broadcast a message for a subset S of the users, in such a way that the resulting ciphertext size is sublinear in (and, ideally, independent of) |S|. Unfortunately, the only known constructions of DBE requires heavy cryptographic machinery, such as general-purpose indistinguishability obfuscation, or come without a security proof. In this work, we formally show that obfuscation is not necessary for DBE, and we present two practical DBE schemes from standard assumptions in prime-order bilinear groups. Our constructions are conceptually simple, satisfy the strong notion of adaptive security, and are concretely efficient. In fact, their performance, in terms of number of group elements and efficiency of the algorithms, is comparable with that of traditional (non distributed) broadcast encryption schemes from bilinear groups.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
A minor revision of an IACR publication in ASIACRYPT 2023
Keywords
Pairing-based CryptographyBroadcast EncryptionKey-Escrow
Contact author(s)
dimitris kolonelos @ imdea org
giulio malavolta @ hotmail it
wee @ di ens fr
History
2023-09-19: last of 2 revisions
2023-06-08: received
See all versions
Short URL
https://ia.cr/2023/874
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/874,
      author = {Dimitris Kolonelos and Giulio Malavolta and Hoeteck Wee},
      title = {Distributed Broadcast Encryption from Bilinear Groups},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/874},
      year = {2023},
      url = {https://eprint.iacr.org/2023/874}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.