Research On Broadcast Encryption

The concept of Broadcast Encryption (BE) was introduced by Fiat and Naor in 1993. Broadcast Encryption provides a convenient way to distribute digital content to subscribers over an insecure broadcast channel. In BE schemes, a broadcaster encrypts messages and transmits them to a group of users who are listening to a broadcast channel and use their private keys to decrypt transmissions, other users that are not in the group can by no means infer information about the broadcast message.As the rapid development of computer network and communication technology, information technology and digitization is very popular in our real life, and greatly improve the ability of transfer and process information, and provide many convenient and efficient services, such as communication and resource sharing. Broadcast encryption has many applications including satellite communication, access control in encrypted file systems, pay-TV systems, distribution of copyrighted material(such as CD or VCD) and many other. More and more experts and scholars study on this filed and many good methods for broadcast encryption are proposed. However, many broadcast encryption still can not meet the needs of practical application, more efficient and secure broadcast encryption schemes with specific properties are required in some specific applications.This paper focuses on broadcast encryption, and first introduced the background and overview of broadcast encryption technology, analyzed and compared many classical broadcast encryption schemes, and studied their basic technology. Since it is often equally important to protect the identities of the users who are able to access protected content (for example, when commercial companies broadcast messages to their customers, they often not want to disclose the identities of their customers because of commercial interests and enterprise morality), the author mainly studied broadcast encryption schemes with recipient privacy, and achieved the following main result. 1) We presented recipient privacy in identity-based broadcast encryption schemes, gave a notion of recipient privacy under a chosen-ciphertext attack for identity-based broadcast encryption schemes.2) We proposed the first identity-based broadcast encryption scheme with recipient privacy, enables the efficient encryption of messages to multiple recipients without revealing the identities of authorized recipients. In our scheme, the size of private keys is constant, the public key and ciphertext are of size linear in the maximal size m of the set of authorized recipients, which is smaller than the number of possible users in the system. Finally we prove the IND-sID-CPA security of our scheme by using the GDDHE framework and recipient privacy.