We propose a new and efficient scheme for broadcast encryption. A broadcast encryption system allows a broadcaster to send an encrypted message to a dynamically chosen subset RS, |RS| = n, of a given set of users, suc...
详细信息
ISBN:
(纸本)9780769550145;9781479902194
We propose a new and efficient scheme for broadcast encryption. A broadcast encryption system allows a broadcaster to send an encrypted message to a dynamically chosen subset RS, |RS| = n, of a given set of users, such that only users in this subset can decrypt the message. An important component of broadcast encryption schemes is revocation of users by the broadcaster, thereby updating the subset RS. Revocation may be either temporary, for a specific ciphertext, or permanent. We present the first public key broadcast encryption scheme with permanent revocation of users, unlike all previous public key schemes that support temporary revocation. Our approach is especially appealing in applications in which once a user is revoked that user should not be able to decrypt any subsequent messages. Our scheme is fully collusion-resistant. In other words, even if all the revoked users collude, the revoked user cannot encrypt messages without receiving new keys from the broadcaster. The overhead of revocation in our system is constant in all major performance measures including length of private and public keys, computational complexity, user's storage space, and computational complexity of encryption and decryption. The scheme we construct improves on our original scheme in a poster presentation [7] by a factor of O(log n) in all major performance measures.
暂无评论