An Efficient Identity-Based Broadcast Encryption Scheme Based on SM9

Cited by: 0
Authors
Lai J.-C. [1 ]
Huang X.-Y. [1 ]
He D.-B. [2 ]
Affiliations
[1] Fujian Provincial Key Lab of Network Security and Cryptology, Center for Applied Mathematics of Fujian Province, College of Mathematics and Informatics, Fujian Normal University, Fuzhou
[2] Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan
Funding
National Natural Science Foundation of China
Keywords
Broadcast encryption; Constant-size ciphertexts; CPA security; Identity-based cryptosystem; SM9
DOI
10.11897/SP.J.1016.2021.00897
Abstract
Broadcast encryption allows a data sender to encrypt data to a group of specified users via a public channel. Only the authorized users can decrypt the ciphertext; unauthorized users learn nothing about the encrypted data even if they collude. Owing to its merits, broadcast encryption has been widely used in real-world applications such as cloud computing and the Internet of Things for multi-user data sharing or secret sharing. The SM9 identity-based encryption algorithm, designed in China, is a Chinese encryption standard for protecting data privacy. Nevertheless, the SM9 encryption algorithm is designed for scenarios in which there is only one receiver. In this paper, we fuse the SM9 identity-based encryption algorithm with broadcast encryption and propose the first pairing-based identity-based broadcast encryption (IBBE) scheme built on SM9. The construction idea is derived from Delerablée's IBBE scheme (Asiacrypt 2007). The proposed scheme features constant-size ciphertexts and private keys, whose sizes are independent of the number of receivers. More precisely, the ciphertext consists of three elements and the user private key has only one group element. Compared with the SM9 identity-based encryption algorithm, the ciphertext contains one additional group element. We give the definition of IBBE and the corresponding security models, and formally analyze the security of the proposed scheme. The proposed scheme is proved to be IND-sID-CPA secure in the random oracle model under a q-type GDDHE assumption. The theoretical analysis and demonstration show that the proposed scheme is comparable to the existing optimal IBBE schemes in terms of computational and communication overheads. © 2021, Science Press. All rights reserved.
Pages: 897-907
Number of pages: 10
Related papers
34 in total
  • [1] Shamir A., Identity-based cryptosystems and signature schemes, Proceedings of the 4th Annual International Cryptology Conference (CRYPTO 1984), pp. 47-53, (1985)
  • [2] Boneh D, Franklin M K., Identity-based encryption from the Weil pairing, Proceedings of the 21st Annual International Cryptology Conference (CRYPTO 2001), pp. 213-229, (2001)
  • [3] Hofheinz D, Dingding Jia, Jiaxin Pan, Identity-based encryption tightly secure under chosen-ciphertext attacks, Proceedings of the 24th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2018), pp. 190-220, (2018)
  • [4] Tseng Yuh-Min, Tsai Tung-Tso, Huang Sen-Shan, Huang Chung-Peng, Identity-based encryption with cloud revocation authority and its applications, IEEE Transactions on Cloud Computing, 6, 4, pp. 1041-1053, (2018)
  • [5] Nishimaki R, Yamakawa T., Leakage-resilient identity-based encryption in bounded retrieval model with nearly optimal leakage-ratio, Proceedings of the 22nd IACR International Conference on Practice and Theory of Public-Key Cryptography (PKC 2019), pp. 466-495, (2019)
  • [6] Delerablee C., Identity-based broadcast encryption with constant size ciphertexts and private keys, Proceedings of the 13th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2007), pp. 200-215, (2007)
  • [7] Sakai R, Furukawa J., Identity-based broadcast encryption, IACR Cryptology ePrint Archive, (2007)
  • [8] Kim J, Susilo W, Au M H, Seberry J., Adaptively secure identity-based broadcast encryption with a constant-sized ciphertext, IEEE Transactions on Information Forensics and Security, 10, 3, pp. 679-693, (2015)
  • [9] Kai He, Jian Weng, Jia-Nan Liu, et al., Anonymous identity-based broadcast encryption with chosen-ciphertext security, Proceedings of the 11th Asia Conference on Computer and Communications Security (AsiaCCS 2016), pp. 247-255, (2016)
  • [10] Aijun Ge, Puwen Wei, Identity-based broadcast encryption with efficient revocation, Proceedings of the 22nd International Conference on Practice and Theory of Public Key Cryptography (PKC 2019), pp. 405-435, (2019)