Randomness Re-use in Broadcast Encryption
نویسندگان
چکیده
Broadcast encryption provides an efficient way to encrypt a message for a large number of receivers. This paper investigates whether it is possible to further improve efficiency of an existing state-of-the-art broadcast encryption scheme by re-using a subset of the random choices among different encryptions, without compromising the security of the original scheme. We introduce two schemes: the first allows a transmitter to efficiently encrypt several messages to a set of users; the second scheme extends the first by allowing the transmitter to efficiently send independent messages to different groups at once. We illustrate two scenarios where our schemes provide significant advantages compared to existing solutions.
منابع مشابه
Anonymous Broadcast Encryption: Adaptive Security and Efficient Constructions in the Standard Model
In this paper we consider anonymity in the context of Broadcast Encryption (BE). This issue has received very little attention so far and all but one of the currently available BE schemes fail to provide anonymity. Yet, we argue that it is intrinsically desirable to provide anonymity in standard applications of BE and that it can be achieved at a moderate cost. We provide a security definition ...
متن کاملMulti-Recipient Encryption Schemes: Security Notions and Randomness Re-Use
This paper begins by refining Kurosawa’s [Ku] definitions of security for multi-recipient encryption schemes (MRESs). It then considers a subclass of MRESs, that are formed by transforming standard encryption schemes via a natural technique called randomness re-use, and that offer important performance benefits. The main result is a way to avoid ad-hoc analyses of such schemes: we provide a gen...
متن کاملDesign and formal verification of DZMBE+
In this paper, a new broadcast encryption scheme is presented based on threshold secret sharing and secure multiparty computation. This scheme is maintained to be dynamic in that a broadcaster can broadcast a message to any of the dynamic groups of users in the system and it is also fair in the sense that no cheater is able to gain an unfair advantage over other users. Another important feature...
متن کاملRandomness Re-use in Multi-recipient Encryption Schemeas
Kurosawa showed how one could design multi-receiver encryption schemes achieving savings in bandwidth and computation relative to the naive methods. We broaden the investigation. We identify new types of attacks possible in multi-recipient settings, which were overlooked by the previously suggested models, and specify an appropriate model to incorporate these types of attacks. We then identify ...
متن کاملMulti-Recipient Encryption Schemes: Efficient Constructions and their Security
This paper proposes several new schemes which allow a sender to send encrypted messages to multiple recipients more efficiently (in terms of bandwidth and computation) than by using a standard encryption scheme. Most of the proposed schemes explore a new natural technique called randomness re-use. In order to analyze security of our constructions we introduce a new notion of multi-recipient enc...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011