Liqing Chen,Jiguo Li,Yang Lu,Yichen Zhang

DOI: https://doi.org/10.1016/j.ins.2020.05.092

IF: 8.1

2020-10-01

Information Sciences

Abstract:<p>The existing public key broadcast encryption schemes are mainly constructed in identity-based cryptosystem, which bears the inherent problems of key escrow and key distribution. The certificate-based encryption mechanism can effectively address the problems in identity-based cryptosystem. Meanwhile, it simplifies the certificate revocation issue for traditional public key cryptosystem. Inspired by the idea of certificate-based encryption, we put forward the new primitive certificate-based broadcast encryption as well as its formal definition and security model. In virtue of prime order bilinear groups, we present an instantiation scheme of certificate-based broadcast encryption. To our best knowledge, the proposed scheme is the first adaptively secure scheme for certificate-based broadcast encryption in the standard model against chosen-ciphertext attack. Compared with the previous work, our scheme has advantages in the respects of computation cost as well as security properties. Furthermore, we present an application scenario of the proposed scheme for data access control in cloud storage service.</p>

computer science, information systems

Jianchang Lai,Yi Mu,Fuchun Guo,Rongmao Chen

DOI: https://doi.org/10.1093/comjnl/bxx060

2017-06-07

The Computer Journal

Abstract:A revocable ID-based broadcast encryption scheme allows an authorized third party to revoke any receiver (decryptor) from the initial receiver set S of the original broadcast ciphertext without the need of decryption. However, the existing revocable ID-based broadcast encryption schemes in the literature cannot fully preserve the receiver privacy and have a large size of ciphertext when the revoked user sets are large. To solve these problems, in this paper, we propose a novel scheme: fully privacy-preserving ID-based broadcast encryption with authorization. Our scheme allows an authorized party to dynamically handle the decryption rights of receivers via an authorized user set L without knowing the message and the identities of the initial receivers. Only those users who are both in S and L can decrypt the ciphertext successfully. The final ciphertext reveals nothing about the identity information of receivers and the authorized users. Our scheme achieves full collusion resistance and is applicable to anonymous data sharing where the receivers are decided by the authorized third party (or multiple authorized third parties) excluding the data owner. We show that our proposed scheme is provably secure under the defined security models in the random oracle model.

Yanli Ren,Zhihua Niu,Xinpeng Zhang

2014-01-01

Abstract:In a broadcast encryption (BE) scheme, a broadcaster can encrypt a message for a set S of users who are listening to a broadcast channel. Most identity-based broadcast encryption (IBBE) schemes are not anonymous, which means the attacker can obtain the identities of all receivers from the ciphertext. Currently, anonymous IBBE schemes are only provably secure in the random oracle model. In this paper, we propose a fully anonymous IBBE scheme based on asymmetric bilinear groups, which is adaptive-ID secure without random oracles. Any attacker cannot get the identities of the receivers from the ciphertext, and each receiver is anonymous for any other receiver, and only the broadcaster knows the identities of all receivers. The scheme can simultaneously realize semantic security and recipient anonymity.

Yao Zhang,Zhiming Zheng,Pawel Szalachowski,Qi Wang

DOI: https://doi.org/10.1002/sec.1570

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:The Internet keeps flourishing and enables unexpected possibilities to all aspects of individuals' life. Such distributed networking systems as wireless sensor networks and Internet of things are widely deployed. Yet, in the meantime secure group communication remains a challenging task in these environments. To address this challenge, this paper aims at lightweight group key establishment with strong security properties. We propose a broadcast encryption scheme based on one-way function trees and specify a dual-evolving approach for dynamic group-membership update. Then we complement the scheme by a content-protection protocol and further optimize the protocol in terms of communication efficiency. As with our analysis, our scheme can successfully prevent a key leakage attack, namely, collusion attack. Through our comprehensive evaluations, we confirm the effectiveness and the adequacy of our solution in distributed networking systems. Copyright © 2016 John Wiley & Sons, Ltd.

Zhengjun Cao,Lihua Liu

DOI: https://doi.org/10.48550/arXiv.1408.6610

2014-08-28

Abstract:The primitive of private broadcast encryption introduced by Barth, Boneh and Waters, is used to encrypt a message to several recipients while hiding the identities of the recipients. In their construction, a recipient has to first decrypt the received ciphertext to extract the verification key for one-time signature. He then uses the verification key to check whether the ciphertext is malformed. The authors did not consider that information delivered over a channel, especially over a broadcast channel, should be authenticated as to its origin. We remark that the conventional public key signature suffices to authenticate data origin and filter out all malformed ciphertexts. We also discuss the disadvantages of the primitive of one-time signature used in their construction.

Cryptography and Security

Jian Wang,Quan Zhang,Chao-jing Tang

DOI: https://doi.org/10.1088/1009-1963/16/7/011

2006-04-28

Abstract:Broadcast encryption allows the sender to securely distribute his/her secret to a dynamically changing group of users over a broadcast channel. In this paper, we just consider a simple broadcast communication task in quantum scenario, which the central party broadcasts his secret to multi-receiver via quantum channel. We present three quantum broadcast communication schemes. The first scheme utilizes entanglement swapping and Greenberger-Horne-Zeilinger state to realize a task that the central party broadcasts his secret to a group of receivers who share a group key with him. In the second scheme, based on dense coding, the central party broadcasts the secret to multi-receiver who share each of their authentication key with him. The third scheme is a quantum broadcast communication scheme with quantum encryption, which the central party can broadcast the secret to any subset of the legal receivers.

Quantum Physics

Scott C. -H. Huang,Frances Yao,Minming Li,Weili Wu

DOI: https://doi.org/10.1016/j.tcs.2008.08.024

IF: 1.002

2008-01-01

Theoretical Computer Science

Abstract:This paper presents both the theoretical and practical aspects of secure group communication schemes. We pointed out that multiple revocation is a fundamentally time-consuming task in secure group communication, by establishing lower bounds for broadcast encryption and group key distribution schemes. We showed that they are O(n) for BE and O(n/m) for GKD respectively, where m is storage requirement and n is the number of users. Thus, they are clearly far more costly than the ideal log bound. In practice, we designed a new broadcast encryption scheme RBE that actually achieves these lower bounds. RBE is shown to outperform most efficient BE schemes in mass revocation. We discuss the influence of join as well as the feasibility of adding it in BE schemes by means of performing full updating or overprovisioning.

GUAN Guo-chen,XING Wei,LU Dong-ming

DOI: https://doi.org/10.3969/j.issn.1002-8692.2006.02.021

2006-01-01

Abstract:In order to make StreamMedia system to be secure and Real-time, technique of DCT encryption and reliable key distribution is used, also some especial work is done in such aspects as thread creation, memory allocation and procedure′s running mode and sequence.

Hao Wang,Zhihua Zheng,Yilei Wang

DOI: https://doi.org/10.1109/INCoS.2013.61

2013-01-01

Abstract:In this paper, we consider the privacy-preserving problem in the context of broadcast encryption. We provide a security definition for privacy-preserving broadcast encryption, and construct a new scheme. To achieve privacy-preserving, we blind the cipher texts using the random factors. Moreover, we use a pair of orthonormal bases to construct secret key and cipher texts for proper decryption. Our privacy-preserving broadcast encryption scheme can be proven in the adaptive model without random oracle. The key technique used to obtain our result is an elaborate combination of the dual system encryption proposed by Waters and a new approach on bilinear pairings using the notion of dual pairing vector spaces (DPVS) proposed by Okamoto and Takasima.

Chun Yuan,Hongyang Gao,Wenshuo Zhou

DOI: https://doi.org/10.1109/wicom.2011.6040166

2011-01-01

Abstract:Due to wireless ad hoc networks' properties of low bandwidth, high delay, high loss rate, and mobility, the implementation of broadcast encryption over wireless ad hoc networks has been a tough problem. This paper describes a lightweight identity-based broadcast encryption scheme including traitor tracing function, which achieves constant size ciphertexts, constant size private keys, and constant size public key. When adding new users, system doesn't have to change previous setups. In addition, by adjusting symmetric key life cycle, system can make tradeoff between security level and efficiency.

SHAO Bing,LU Dong-ming

2000-01-01

Abstract:Data encryption is one of the key techniques for information security. In the beginning of this paper, the present encryption methods are analyzed. Next, we design one practical system which can transmits data in the Internet and has the capacity of digital signature and authentication. Finally, some technical issues encountered in the system implementation are discussed

Zhaoman Liu,Yanbo Chen,Jianting Ning,Yunlei Zhao

DOI: https://doi.org/10.1016/j.tcs.2024.114464

IF: 1.002

2024-01-01

Theoretical Computer Science

Abstract:In the multicast communication scenario, compared with broadcast encryption, broadcast signcryption or multi-receiver signcryption has additional ability to authenticate the source of the message. With the enhanced awareness of privacy preservation, ordinary users pay more attention to the identity leakage in the communication process. The primitive of anonymous broadcast signcryption has been proposed to solve this problem, which provides additional anonymity compared with the existing broadcast signcryption. However, most anonymous broadcast signcryption schemes only ensure the sender's identity concealment but ignore the anonymity of the receiver set. In this paper, we present a fully anonymous identity-based broadcast signcryption scheme, which meets insider unforgeability, outsider confidentiality, identity concealment of sender and full anonymity of the receiver set. In addition, our scheme has two further desirable characteristics. One is public verifiability which means any third party can verify the validity of the message source without knowing the private key provided by the receiver. The other is statelessness which means the user does not need to update the private key due to the join or revocation of other users. Moreover, our scheme has constant-size public parameters and private key as well as constant decryption complexity, which makes the scheme more suitable for deployment in devices with limited storage or low computing power such as IoT devices.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.1007/978-3-642-34129-8_47

2012-01-01

Abstract:A dynamic broadcast encryption (DBE) is a broadcast encryption (BE) scheme where a new user can join the system anytime without modifying preexisting user decryption keys. In this paper, we propose a non-interactive dynamic identity-based broadcast encryption (DIBBE) scheme that is fully secure without random oracles. The PKG does not need to execute any interactive operation with the user during the lifetime of the system. The ciphertext is of constant size, and the public key size is linear in the maximal number of receivers for one encryption. This is the first non-interactive DIBBE scheme which is fully secure without random oracles, and it is collusion resistant for arbitrarily large collusion of users.

HM Sun,SP Shieh

DOI: https://doi.org/10.1016/s0140-3664(97)00187-4

IF: 5.047

1999-01-01

Computer Communications

Abstract:It is common that users or hosts in a large network are partitioned and organized as a hierarchical tree where children of the same parent form a group. Secure broadcasting intends to provide a secure communication channel from a sending principal to a group of legal receiving principals. Only legal receiving principals can decrypt the message, and illegal receiving principals cannot acquire any information from the broadcasted message. In this paper, we propose a secure broadcasting protocol in which only one packet is transmitted for every broadcast, and the size of the broadcasted packet is small.

Shuanggen Liu,Hailun Pan,Xu An Wang,Siyi Zhao,Qing Li

DOI: https://doi.org/10.1016/j.sysarc.2024.103100

IF: 5.836

2024-03-08

Journal of Systems Architecture

Abstract:Medical data sharing is essential for the advancement of medical research, but the existence of malicious encryptors and malicious users poses a major challenge to the seamless sharing of information among healthcare providers. We proposed a traceable and revocable broadcast encryption scheme for preventing malicious encryptors in the Medical Internet of Things (MIoT). In 2023, Wang et al. first proposed the concept of malicious encryptor for broadcast encryption and trator tracing, and they constructed a scheme for preventing this attack. The malicious encryptor is reasonable in real broadcast encryption systems because the encryptor is not always the same as the digital content provider. When digital content providers for medical institutions want to share sensitive medical data, the employees may implement encryption. Then the employees may plant some trapdoors and sell to the black market, which can be used to construct pirated boxes. To resist malicious encryptor attacks, we rely on the uniform distribution of the output of the secure cryptographic hash function to generate the randomness needed for encryption. To prevent malicious users from selling their private keys to attackers, we set up public tracing and revocation mechanisms. Meanwhile, we enable digital content providers to share common encrypted data to different groups of authorized users protected by privacy, while also sharing individual data to designated consumers of those groups. Under the decision q -parallel BDHE assumption without random oracles, our construction is demonstrated to be adaptive IND-CPA secure. Since we have a compact communication bandwidth, a constant user secret key size, and only three bilinear operations are needed for decryption to recover the encrypted broadcast message, our scheme does not add much overhead and is therefore practical.

computer science, software engineering, hardware & architecture

Zhanguo Li

2006-01-01

Abstract:This paper gives a new scheme based on broadcast keys in the network.The protocol structure uses TA(Trusted Authority) as a key distribution center,and users get the keys from TA.Every user is able to decrypt the information in the network through his known keys.Considering the security of the communication we use a simple and efficient method to authenticate the senders and receivers.

Jingjin Wu,Guoqiang Long,Canhua Wang,Jianhua Wu

DOI: https://doi.org/10.1088/1402-4896/ad195b

2023-12-28

Physica Scripta

Abstract:Abstract Recent advances in cellular mobile telecommunication field have dramatically facilitated the multi-party collaborative work in social networks. However, the privacy issues exposed by insecure network channels and semi-trusted service providers, such as underlying data analysis and mining, have also gradually aroused public concerns. In this context, a novel Multi-Party Privacy Data Encryption (MP-PDE) scheme built upon the deep learning framework is proposed. In this scheme, a four-dimensional autonomous chaotic system is initially leveraged to configurate the key-controlled cipher streams. Under the guidance of a multi-objective optimization function, the proposed encryption network manipulates the multi party private data into a cipher image with the statistical pseudo-randomness. At the recipient side, distinct participants can decrypt the matching data availing their own licensing key from the identical cipher image. Furthermore, the encryption and decryption networks are equivalent except for their network parameters. Finally, numerous experiments are conducted to verify the effectiveness and security of the proposed scheme.&#xD;

physics, multidisciplinary

Qingyang Zhang,Jie Cui,Hong Zhong,Lu Liu

DOI: https://doi.org/10.1145/3529510

2022-04-19

ACM Transactions on Sensor Networks

Abstract:With the development of IoT, more and more data is offloaded from the cloud to the edge for computing, eventually forming a collaborative computing model at the edge. However, in this model, the problem of secure data transmission has not been solved. In this model, data is transmitted and forwarded in multiple messaging systems, and existing security schemes cannot achieve end-to-end security in a multi-hop, broadcast transmission model. Therefore, in this paper, we propose a new security scheme based on proxy re-encryption and broadcast encryption techniques. Moreover, the performance and security of the scheme are further enhanced by using online-offline techniques and a trusted execution environment when integrating the scheme with edge collaboration. Finally, this paper proves the security of the scheme in theory, compares the functionality of the scheme, analyzes the theoretical performance of the scheme, and finally measures the actual performance of the scheme in the edge collaboration system.

computer science, information systems,telecommunications

Lie Liu,Chun Yuan

DOI: https://doi.org/10.1007/978-3-642-10467-1_39

2009-01-01

Abstract:As P2P technique is broadly used for content distribution today, copyright infringement becomes a big problem. Thus we propose a DRM scheme over P2P network by establishing an access control mechanism for shared digital content. Compared with the traditional PKI, broadcast encryption is considered as more suitable for constructing P2P DRM system. But the existence of a central license server would not only cause single point of failure but also bring bottleneck problem. In this paper, we describe a basic implementation of broadcast encryption-based P2P DRM system first. Then we present a general scheme with focus on how to decentralize the license agency to reserve the flexibility of P2P network. At last we analyze its security, evaluate its efficiency and point out a tradeoff between the two system parameters.

Erica Blum,Elette Boyle,Ran Cohen,Chen-Da Liu-Zhang

DOI: https://doi.org/10.48550/arXiv.2309.01466

2023-09-04

Abstract:Broadcast protocols enable a set of $n$ parties to agree on the input of a designated sender, even facing attacks by malicious parties. In the honest-majority setting, randomization and cryptography were harnessed to achieve low-communication broadcast with sub-quadratic total communication and balanced sub-linear cost per party. However, comparatively little is known in the dishonest-majority setting. Here, the most communication-efficient constructions are based on Dolev and Strong (SICOMP '83), and sub-quadratic broadcast has not been achieved. On the other hand, the only nontrivial $\omega(n)$ communication lower bounds are restricted to deterministic protocols, or against strong adaptive adversaries that can perform "after the fact" removal of messages. We provide new communication lower bounds in this space, which hold against arbitrary cryptography and setup assumptions, as well as a simple protocol showing near tightness of our first bound. 1) We demonstrate a tradeoff between resiliency and communication for protocols secure against $n-o(n)$ static corruptions. For example, $\Omega(n\cdot {\sf polylog}(n))$ messages are needed when the number of honest parties is $n/{\sf polylog}(n)$; $\Omega(n\sqrt{n})$ messages are needed for $O(\sqrt{n})$ honest parties; and $\Omega(n^2)$ messages are needed for $O(1)$ honest parties. Complementarily, we demonstrate broadcast with $O(n\cdot{\sf polylog}(n))$ total communication facing any constant fraction of static corruptions. 2) Our second bound considers $n/2 + k$ corruptions and a weakly adaptive adversary that cannot remove messages "after the fact." We show that any broadcast protocol within this setting can be attacked to force an arbitrary party to send messages to $k$ other parties. This rules out, for example, broadcast facing 51% corruptions in which all non-sender parties have sublinear communication locality.

Cryptography and Security,Distributed, Parallel, and Cluster Computing