Privacy-preserving multireceiver ID-based encryption with provable security

Multireceiver identity (ID) based encryption and ID-based broadcast encryption allow a sender to use the public identities of multiple receivers to encrypt messages so that only the selected receivers or a privileged set of users can decrypt the messages. It can be used for many practical applications such as digital content distribution, pay-per-view and multicast communication. For protecting the privacy of receivers or providing receiver anonymity, several privacy-preserving (or anonymous) multireceiver ID-based encryption and ID-based broadcast encryption schemes were recently proposed, in which receiver anonymity means that nobody (including any selected receiver), except the sender, knows who the other selected receivers are. However, security incompleteness or flaws were found in these schemes. In this paper, we propose a new privacy-preserving multireceiver ID-based encryption scheme with provable security. We formally prove that the proposed scheme is semantically secure for confidentiality and receiver anonymity. Compared with the previously proposed anonymous multireceiver ID-based encryption and ID-based broadcast encryption schemes, the proposed scheme has better performance and robust security. Copyright © 2012 John Wiley & Sons, Ltd.