A Tree Based One-Key Broadcast Encryption Scheme with Low Computational Overhead

  • Tomoyuki Asano
  • Kazuya Kamio
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3574)


In this paper, we propose a new broadcast encryption method which is a modification of the Complete Subtree method and it reduces the number of keys a receiver stores to one. There have been proposed some methods which minimize the number of keys for a receiver to one. The most efficient one among them uses RSA cryptosystem in order to reduce the number of keys, while the proposed method is based on Rabin cryptosystem. The computational overhead at receivers in our method is around 1 / log2 e compared with the most efficient method proposed previously, where e is a public exponent of RSA. We examine this result by experiments. Therefore, the proposed method is the most efficient among tree based one-key methods with respect to the computational overhead at receivers. This reduction in the computational overhead is achieved in exchange for an increase in the size of nonsecret memory by [ log N * few (e. g. eight)] bits, where N is the total number of receivers. The security of the proposed method is equivalent to Rabin cryptosystem in the sense of key-intractability in the random oracle model.


Hash Function Computational Overhead Secret Information Digital Right Management Random Oracle Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Asano, T.: A Revocation Scheme with Minimal Storage at Receivers. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 433–450. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  2. 2.
    Asano, T.: Reducing Storage at Receivers in SD and LSD Broadcast Encryption Schemes. In: Chae, K.-J., Yung, M. (eds.) WISA 2003. LNCS, vol. 2908, pp. 317–332. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Attrapadung, N., Kobara, K., Imai, H.: Sequential Key Derivation Patterns for Broadcast Encryption and Key Predistribution Schemes. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 374–391. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Berkovits, S.: How to Broadcast a Secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)Google Scholar
  5. 5.
    Chick, G.C., Tavares, S.E.: Flexible Access Control with Master Keys. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 316–322. Springer, Heidelberg (1990)Google Scholar
  6. 6.
    Fiat, A., Naor, M.: Broadcast Encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  7. 7.
    Gentry, C., Ramzan, Z.: RSA Accumulator Based Broadcast Encryption. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 73–86. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Goodrich, M.T., Sun, J.Z., Tamassia, R.: Efficient Tree-Based Revocation in Groups of Low-State Devices. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 511–527. Springer, Heidelberg (2004)Google Scholar
  9. 9.
    Halevy, D., Shamir, A.: The LSD Broadcast Encryption Scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 47–60. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Kikuchi, H.: Rabin Tree and its Application to Broadcast Encryption IEICE Technical Report ISEC 2003-13, pp. 9–12 (2003) (in Japanese)Google Scholar
  11. 11.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)zbMATHGoogle Scholar
  12. 12.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and Tracing Schemes for Stateless Receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Nojima, R., Kaji, Y.: Efficient Tree-based Key Management Using One-way Functions. In: Proceedings of the 2004 Symposium on Cryptography and Information Security, pp. 189–194 (2004) (in Japanese)Google Scholar
  14. 14.
    Nojima, R., Kaji, Y.: Secure, Efficient and Practical Key Management Scheme in the Complete-Subtree Method. IEICE Trans. Fundamentals E88-A(1), 189–194 (2001)CrossRefGoogle Scholar
  15. 15.
    Ogata, W., Hiza, T., Quang, D.V.: Efficient Tree Based Key management based on RSA function. In: Proceedings of the 2004 Symposium on Cryptography and Information Security, pp. 195–199 (2004) (in Japanese)Google Scholar
  16. 16.
    Rabin, M.O.: Digitalized Signatures and Public-Key Functions as Intractable as Factorization. MIT Technical Report, MIT/LCS/TR-212 (1979)Google Scholar
  17. 17.
    Wallner, D., Harder, E., Agee, R.: Key Management for Multicast: Issues and Architectures. IETF NetworkWorking Group, Request for Comments: 2627 (1999), available from
  18. 18.
    Wang, P., Ning, P., Reeves, D.S.: Storage-Efficient Stateless Group Key Revocation. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 25–38. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Wong, C.K., Gouda, M., Lam, S.S.: Secure Group Communications Using Key Graphs. In: Proceedings of ACM SIGCOMM 1998 (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Tomoyuki Asano
    • 1
  • Kazuya Kamio
    • 1
  1. 1.Sony CorporationTokyoJapan

Personalised recommendations