Security Notions for Broadcast Encryption
نویسندگان
چکیده
This paper clarifies the relationships between security notions for broadcast encryption. In the past, each new scheme came with its own definition of security, which makes them hard to compare. We thus define a set of notions, as done for signature and encryption, for which we prove implications and separations, and relate the existing notions to the ones in our framework. We find some interesting relationships between the various notions, especially in the way they define the receiver set of the challenge message. In addition, we define a security notion that is stronger than all previous ones, and give an example of a scheme that fulfills this notion.
منابع مشابه
Design and formal verification of DZMBE+
In this paper, a new broadcast encryption scheme is presented based on threshold secret sharing and secure multiparty computation. This scheme is maintained to be dynamic in that a broadcaster can broadcast a message to any of the dynamic groups of users in the system and it is also fair in the sense that no cheater is able to gain an unfair advantage over other users. Another important feature...
متن کاملLower Bounds for Private Broadcast Encryption
Broadcast encryption is a type of encryption where the sender can choose a subset from a set of designated receivers on the fly and enable them to decrypt a ciphertext while simultaneously preventing any other party from doing so. The notion of private broadcast encryption extends the primitive to a setting where one wishes to thwart an attacker that additionally attempts to extract information...
متن کاملUnderstanding Channel Security for Groups
Secure messaging systems such as TextSecure and Signal aim, among others, at providing authenticated and confidential channels between two or more communicating users. The general understanding seems to be that providing security in the sense of authenticated encryption (AE) for every point-to-point link suffices to make the constructed messaging systems secure, i.e., authentic and confidential...
متن کاملGeneralized Key Delegation for Hierarchical Identity-Based Encryption
In this paper, we introduce a new primitive called identity-based encryption with wildcard key derivation (WKD-IBE, or “wicked IBE”) that enhances the concept of hierarchical identity-based encryption (HIBE) by allowing more general key delegation patterns. A secret key is derived for a vector of identity strings, where entries can be left blank using a wildcard. This key can then be used to de...
متن کاملAnonymity and Time in Public-Key Encryption
In a world that is increasingly relying on digital technologies, the ability to securely communicate and distribute information is of crucial importance. Cryptography plays a key role in this context and the research presented in this thesis focuses on developing cryptographic primitives whose properties address more closely the needs of users. We start by considering the notion of robustness i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011