Research On Identity-Based Broadcast Encryption

In recent years, point-to-multipoint and multipoint-to-multipoint communication modes are developing rapidly. These communication modes usually require that only authorized users can gain communication content, and Broadcast Encryption (BE) is an effective means to solve this problem. In Broadcast Encryption, the broadcaster encrypts and sends messages to users through insecure broadcast channel. Only authorized users can decrypt, and unauthorized users can not obtain any useful information. Identity-based Broadcast Encryption (IBBE) is the combination of Identity-based Cryptography and BE. IBBE using user’s identity as public key, simplifies Public Key Infrastructure. Therefore, IBBE has wide application prospects. However, the existing research results do not meet the increasing requirement. On the one hand, security and efficiency achieving good standards at the same time has still not been solved. On the other hand, key escrow problem has not caused enough attention. In this thesis, we research the two problems and achieve results are as follows:1. In2001, Zhang et al. and Sun et al. proposed respective IBBE scheme, and claimed that their own scheme achieve constant size ciphertexts and private keys, and adaptively secure. However, after analysis, we found that Zhang et al. scheme does not meet consistency, i.e. the user can not decrypt correctly, and Sun et al. scheme is insecure. Subsequently, we give an improved scheme, which is the first IBBE scheme that achieve constant size ciphertexts and private keys, and adaptively secure in standard model.2. The existing methods of mitigating key escrow problem in IBBE include Distributed PKG strategy. Self-certified Cryptography, Certificateless Public Key Cryptography and Account-able Authority Identity-based Encryption. These methods need multiple PKGs or interaction between PKG and the user. For Point-to-Multipoint Identity-based Broadcast Encryption, the above methods are impracticable because of the limited computing power of the user. We propose a new method which we call Augmented Broadcaster Identity-based Broadcast Encryption (AB-IBBE). It needs not multiple PKGs and makes the user need not interaction and calculation in private key generation phase. We introduce the notion of AB-IBBE, formalize the definition, and present the security mode. Subsequently, a universal scheme fo realizing AB-IBBE is constructed, which makes that any IND-ID-CPA secure IBBE scheme can be extended to an IND-ID-CPA secure AB-IBBE scheme.