Using Trapdoor Permutations in a Complete Subtree Method for Broadcast Encryption
نویسندگان
چکیده
The complete subtree (CS) method is widely accepted for the broadcast encryption. A new method for assigning keys in the CS method is proposed in this paper. The essential idea behind the proposed method is to use two trapdoor permutations. Using the trapdoor information, the key management center computes and assigns a key to each terminal so that the terminal can derive all information necessary in the CS method. A terminal has to keep just one key, while log2 N + 1 keys were needed in the original CS method where N is the number of all terminals. The permutations to be used need to satisfy a certain property which is similar to but slightly different from the claw-free property. The needed property, named strongly semi-claw-free property, is formalized in terms of probabilistic polynomial time algorithm, and its relation to the claw-free property is discussed. It is also shown that if the used permutations fulfill the strongly semi-claw-free property, then the proposed method is secure against attacks of malicious users. key words: key management, broadcast encryption, stateless receivers, trapdoor permutations, claw-free permutations
منابع مشابه
Secure, Efficient and Practical Key Management Scheme in the Complete-Subtree Method
The complete subtree (CS) method is one of the most well-known broadcast encryptions which do not enforce the receivers to keep “online.” This paper is to reduce the size of secret information which must be stored in a terminal of the method. In the original CS method, the size of the secret information increases as the number of terminals increases. It is shown in this paper that, by making us...
متن کاملOn Black-Box Constructions of Predicate Encryption from Trapdoor Permutations
Predicate encryption is a recent generalization of identitybased encryption (IBE), broadcast encryption, attribute-based encryption, and more. A natural question is whether there exist black-box constructions of predicate encryption based on generic building blocks, e.g., trapdoor permutations. Boneh et al. (FOCS 2008) recently gave a negative answer for the specific case of IBE. We show both n...
متن کاملSecure and Insecure Modifications of the Subset Difference Broadcast Encryption Scheme
In ACISP 2003, Hwang et al. proposed a broadcast encryption scheme, which is a modification of the Subset Difference (SD) method. In this paper we present how their scheme can be broached in a way a collusion of two receivers can obtain other receivers’ keys which are not given to any of the colluding receivers. We also propose a new method using trapdoor one-way permutations to reduce the stor...
متن کاملReducing Receiver's Storage in CS, SD and LSD Broadcast Encryption Schemes
SUMMARY This paper deals with broadcast encryption schemes, in which a sender can send information securely to a group of receivers excluding some receivers over a broadcast channel. In this paper we propose modifications of the Complete Subtree (CS), the Subset Difference (SD) and the Layered Subset Difference (LSD) methods based on the Master Key Tree (MKT). Our modifications eliminate log N ...
متن کاملOn the Security of Padding-Based Encryption Schemes - or - Why We Cannot Prove OAEP Secure in the Standard Model
We investigate the security of “padding-based” encryption schemes in the standard model . This class contains all public-key encryption schemes where the encryption algorithm first applies some invertible public transformation to the message (the “padding”), followed by a trapdoor permutation. In particular, this class contains OAEP and its variants. Our main result is a black-box impossibility...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IEICE Transactions
دوره 88-A شماره
صفحات -
تاریخ انتشار 2005