Broadcast Encryption

@inproceedings{Naor1993BroadcastE,
  title={Broadcast Encryption},
  author={Dalit Naor},
  booktitle={Encyclopedia of Cryptography and Security},
  year={1993}
}
  • D. Naor
  • Published in
    Encyclopedia of Cryptography…
     22 August 1993
  • Computer Science
We introduce new theoretical measures for the qualitative and quantitative assessment of encryption schemes designed for broadcast transmissions. The goal is to allow a central broadcast site to broadcast secure transmissions to an arbitrary set of recipients while minimizing key management related transmissions. We present several schemes that allow a center to broadcast a secret to any subset of privileged users out of a universe of size n so that coalitions of k users not in the privileged… 
View via Publisher
link.springer.com
388 Citations
Highly Influential Citations
5
Background Citations
70
Methods Citations
24

388 Citations

Authenticated broadcast encryption with short ciphertexts and private keys

  • Wu DanfeiZ. Weimin
  • Computer Science
    2011 International Conference on Multimedia Technology
  • 2011
This paper proposed an authenticated broadcast encryption scheme, ensured both confidentiality and authenticity of the broadcasted message, and proved the existentially unforgeability and semantic security of the system by using the BDHE assumption without random oracle.

Recipient Revocable Broadcast Encryption Schemes Without Random Oracles

This paper proposes two new constructions for RRBE with constant number of pairing, linear exponentiation operations and analyze their security in the standard model with constant communication cost.

TREE STRUCTURES IN BROADCAST ENCRYPTION

This thesis describes some broadcast encryption schemes that have been proposed in the literature and focuses on stateless schemes which do not require receivers to update their decryption keys after the initial keys have been received; particularly the Subset Difference (SD) scheme.

Efficient Broadcast Encryption Scheme with Log-Key Storage

This paper presents a broadcast encryption scheme that has the most efficient transmission cost in the existing schemes with log-key storage and is comparable to other schemes that allow a large key storage.

RSA Accumulator Based Broadcast Encryption

This paper describes a technique for achieving full key derivability given any broadcast encryption scheme in the general subset-cover framework and derives a new lower bound that characterizes the tradeoffs inherent in broadcast encryption schemes which use the technique.

A Concise Bounded Anonymous Broadcast Yielding Combinatorial Trace-and-Revoke Schemes

This work is about constructing methods for simultaneously broadcasting multimedia data privately to a set of subscribers, and on various connections among important efficient variants of the general

Provable Secure Constructions for Broadcast Encryption with Personalized Messages

Three BEPM constructions have constant communication cost and proven to be secure in the standard security model under reasonable assumptions in generic group model and are fully collision resistant and flexible for adding and removing of users from the broadcast system.

Unconditionally Secure Conference Key Distribution: Security Notions, Bounds and Constructions

It is shown that under this new adversary model, the previously proposed one round protocol of Blundo et.

Corrupting One vs. Corrupting Many: The Case of Broadcast and Multicast Encryption

This work analyzes group key distribution protocols for broadcast and multicast scenarios that make blackbox use of symmetric encryption and a pseudorandom generator in deriving the group center's messages, and proves equivalence and separation are shown to hold in the computational world under mild syntactic conditions.

Adaptively secure identity-based broadcast encryption with constant size private keys and ciphertexts from the subgroups

...

References

SHOWING 1-10 OF 35 REFERENCES

New Hash Functions and Their Use in Authentication and Set Equality

Tracing traitors

This work gives cryptographic schemes that help trace the source of leaks when sensitive or proprietary data is made available to a large set of parties, in the context of pay television, where only paying customers should be able to view certain programs.

The implementation of guaranteed, reliable, secure broadcast networks

This paper depicts a conceptually simple and easy to implement protocol that provides reliable and secure broadcast/multicast communication, GRSB - Guaranteed, Reliable, Secure Broadcast, that can be implemented in many types of networks - local area networks, wide area networks as well as satellite communications.

How To Broadcast A Secret

A general method for secret broadcasting scheme based on "k out of n" secret sharing is proposed, and an example using polynomial interpolation is presented as well as a related vector formulation.

Secure Broadcasting Using the Secure Lock

The authors discuss secure broadcasting, effected by means of a secure lock, on broadcast channels, such as satellite, radio, etc. This lock is implemented by using the Chinese Remainder theorem

A method for obtaining digital signatures and public-key cryptosystems

An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key, soriers or other secure means are not needed to transmit keys.

Universal Classes of Hash Functions

Pseudo-random generators under uniform assumptions

  • J. Håstad
  • Mathematics, Computer Science
    STOC '90
  • 1990
The main result of this paper is to indeed prove that oneway functions in the uniform model imply uniformly secure generators.

A new threshold scheme and its application in designing the conference key distribution cryptosystem

On the generation of cryptographically strong pseudorandom sequences

  • A. Shamir
  • Computer Science, Mathematics
    TOCS
  • 1983
In this paper we show how to generate from a short random seed S a long sequence of pseudo-random numbers Ri in which the problem of computing one more Ri value given an arbitrarily large subset of