TY - GEN
T1 - An Anonymous Trace-and-Revoke Broadcast Encryption Scheme
AU - Blazy, Olivier
AU - Mukherjee, Sayantan
AU - Nguyen, Huyen
AU - Phan, Duong Hieu
AU - Stehlé, Damien
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - Broadcast Encryption is a fundamental cryptographic primitive that gives the ability to send a secure message to any chosen target set among registered users. In this work, we investigate broadcast encryption with anonymous revocation, in which ciphertexts do not reveal any information on which users have been revoked. We provide a scheme whose ciphertext size grows linearly with the number of revoked users. Moreover, our system also achieves traceability in the black-box confirmation model. Technically, our contribution is threefold. First, we develop a generic transformation of linear functional encryption toward trace-and-revoke systems. It is inspired by the transformation by Agrawal et al. (CCS’17) with the novelty of achieving anonymity. Our second contribution is to instantiate the underlying linear functional encryptions from standard assumptions. We propose a DDH-based construction which no longer requires discrete logarithm evaluation during decryption and thus significantly improves the performance compared to the DDH-based construction of Agrawal et al. In the LWE-based setting, we tried to instantiate our construction by relying on the scheme from Wang et al. (PKC’19) but finally found an attack on this scheme. Our third contribution is to extend the 1-bit encryption from the generic transformation to n-bit encryption. By introducing matrix multiplication functional encryption, which essentially performs a fixed number of parallel calls on functional encryptions with the same randomness, we can prove the security of the final scheme with a tight reduction that does not depend on n, in contrast to employing the hybrid argument.
AB - Broadcast Encryption is a fundamental cryptographic primitive that gives the ability to send a secure message to any chosen target set among registered users. In this work, we investigate broadcast encryption with anonymous revocation, in which ciphertexts do not reveal any information on which users have been revoked. We provide a scheme whose ciphertext size grows linearly with the number of revoked users. Moreover, our system also achieves traceability in the black-box confirmation model. Technically, our contribution is threefold. First, we develop a generic transformation of linear functional encryption toward trace-and-revoke systems. It is inspired by the transformation by Agrawal et al. (CCS’17) with the novelty of achieving anonymity. Our second contribution is to instantiate the underlying linear functional encryptions from standard assumptions. We propose a DDH-based construction which no longer requires discrete logarithm evaluation during decryption and thus significantly improves the performance compared to the DDH-based construction of Agrawal et al. In the LWE-based setting, we tried to instantiate our construction by relying on the scheme from Wang et al. (PKC’19) but finally found an attack on this scheme. Our third contribution is to extend the 1-bit encryption from the generic transformation to n-bit encryption. By introducing matrix multiplication functional encryption, which essentially performs a fixed number of parallel calls on functional encryptions with the same randomness, we can prove the security of the final scheme with a tight reduction that does not depend on n, in contrast to employing the hybrid argument.
KW - Anonymity
KW - Functional encryption
KW - Trace and revoke
U2 - 10.1007/978-3-030-90567-5_11
DO - 10.1007/978-3-030-90567-5_11
M3 - Conference contribution
AN - SCOPUS:85120051269
SN - 9783030905668
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 214
EP - 233
BT - Information Security and Privacy - 26th Australasian Conference, ACISP 2021, Proceedings
A2 - Baek, Joonsang
A2 - Ruj, Sushmita
PB - Springer Science and Business Media Deutschland GmbH
T2 - 26th Australasian Conference on Information Security and Privacy, ACISP 2021
Y2 - 1 December 2021 through 3 December 2021
ER -