• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.11
• /
• pp.4680-4700
• /
• 2015

Broadcast encryption is an efficient way to distribute confidential information to a set of receivers using broadcast channel. It allows the broadcaster to dynamically choose the receiver set during each encryption. However, most broadcast encryption schemes in the literature haven't taken into consideration the receiver's privacy protection, and the scanty privacy preserving solutions are often less efficient, which are not suitable for practical scenarios. In this paper, we propose an efficient dynamic anonymous broadcast encryption scheme that has the shortest ciphertext length. The scheme is constructed over the composite order bilinear groups, and adopts the Lagrange interpolation polynomial to hide the receivers' identities, which yields efficient decryption algorithm. Security proofs show that, the proposed scheme is both secure and anonymous under the threat of adaptive adversaries in standard model.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.3
• /
• pp.1523-1545
• /
• 2019

Cloud computing is now a widespread and economical option when data owners need to outsource or share their data. Designing secure and efficient data access control mechanism is one of the most challenging issues in cloud storage service. Anonymous broadcast encryption is a promising solution for its advantages in the respects of computation cost and communication overload. We bring forward an efficient anonymous identity-based broadcast encryption construction combined its application to the data access control mechanism in cloud storage service. The lengths for public parameters, user private key and ciphertext in the proposed scheme are all constant. Compared with the existing schemes, in terms of encrypting and decrypting computation cost, the construction of our scheme is more efficient. Furthermore, the proposed scheme is proved to achieve adaptive security against chosen-ciphertext attack adversaries in the standard model. Therefore, the proposed scheme is feasible for the system of data access control in cloud storage service.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.49-61
• /
• 2004

In broadcast encryption schemes, traceability is a useful property to trace authorized subscribers, called traitors, who collude for manufacturing a pirate decoder. Unfortunately, this is usually achieved with a sacrifice of a privacy. Most traitor tracing schemes in the literature have been developed without considering a subscriber's anonymity, which is one of important requirements for electronic marketplaces to offer similar privacy as current marketplace. It would be unsatisfactory for the subscriber to reveal his/her identity to purchase multimedia contents. In this paper we propose an anonymous broadcast encryption scheme, where a user can subscribe anonymously and one purchases multimedia contents without giving a lot of information about his lifestyle, habits, and etc, but anonymity control is provided, i.e., a data supplier can date traitors.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.6
• /
• pp.1231-1242
• /
• 2012

Traitor tracing schemes deter traitors from sharing their private keys by tracing at least one of the subscribers who were implicated in the construction of a pirate decoder. In general, it is assumed that the system manager in the scheme generates and distributes the subscribers' private key. But if the system manager knows the subscribers' private keys, he cannot convince a third party of a certain subscriber's piracy. To solve this problem, the system manager should not know the whole parts of subscribers' private keys and this leads to researches of asymmetric schemes. Moreover for the purpose of enhancing subscribers' privacy, there were two proposals of introducing anonymity onto asymmetric traitor tracing schemes, but one of them turned out to be a failure. In this paper, we point out that the other proposal also has flaws. We consider how to introduce anonymity to traitor tracing schemes, as a result, we suggest a new framework which is practical. We also construct a scheme by using an anonymous credential system and an asymmetric traitor tracing scheme. We prove the security of our scheme and consider the typical applications.