TY - GEN
T1 - Decentralized dynamic broadcast encryption
AU - Phan, Duong Hieu
AU - Pointcheval, David
AU - Strefler, Mario
PY - 2012/10/1
Y1 - 2012/10/1
N2 - A broadcast encryption system generally involves three kinds of entities: the group manager that deals with the membership, the encryptor that encrypts the data to the registered users according to a specific policy (the target set), and the users that decrypt the data if they are authorized by the policy. Public-key broadcast encryption can be seen as removing this special role of encryptor, by allowing anybody to send encrypted data. In this paper, we go a step further in the decentralization process, by removing the group manager: the initial setup of the group, as well as the addition of further members to the system, do not require any central authority. Our construction makes black-box use of well-known primitives and can be considered as an extension to the subset-cover framework. It allows for efficient concrete instantiations, with parameter sizes that match those of the subset-cover constructions, while at the same time achieving the highest security level in the standard model under the DDH assumption.
AB - A broadcast encryption system generally involves three kinds of entities: the group manager that deals with the membership, the encryptor that encrypts the data to the registered users according to a specific policy (the target set), and the users that decrypt the data if they are authorized by the policy. Public-key broadcast encryption can be seen as removing this special role of encryptor, by allowing anybody to send encrypted data. In this paper, we go a step further in the decentralization process, by removing the group manager: the initial setup of the group, as well as the addition of further members to the system, do not require any central authority. Our construction makes black-box use of well-known primitives and can be considered as an extension to the subset-cover framework. It allows for efficient concrete instantiations, with parameter sizes that match those of the subset-cover constructions, while at the same time achieving the highest security level in the standard model under the DDH assumption.
U2 - 10.1007/978-3-642-32928-9_10
DO - 10.1007/978-3-642-32928-9_10
M3 - Conference contribution
AN - SCOPUS:84866654025
SN - 9783642329272
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 166
EP - 183
BT - Security and Cryptography for Networks - 8th International Conference, SCN 2012, Proceedings
T2 - 8th International Conference on Security and Cryptography for Networks, SCN 2012
Y2 - 5 September 2012 through 7 September 2012
ER -