Broadcast Encryption with Guessing Secrecy

  • Yohei Watanabe
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10681)

Abstract

Perfect secrecy, which is a fundamental security notion introduced by Shannon, guarantees that no information on plaintexts is leaked from corresponding ciphertexts in the information-theoretic sense. Although it captures the strongest security, it is well known that the secret-key size must be equal to or larger than the plaintext size to achieve perfect secrecy. Furthermore, the probability distribution on secret keys must be uniform. Alimomeni and Safavi-Naini (ICITS 2012) proposed a new security notion, called guessing secrecy, to relax the above two restrictions, and showed that, unlike perfect secrecy, even non-uniform keys can be used for providing guessing secrecy. Iwamoto and Shikata (ISIT 2015) showed secure concrete constructions of a symmetric-key encryption scheme with non-uniform keys in the guessing secrecy framework. In this work, we extend their results to the broadcast encryption setting. We first define guessing secrecy of broadcast encryption, and show relationships among several guessing-secrecy notions and perfect secrecy. We derive lower bounds on secret keys, and show that the Fiat-Naor one-bit construction with non-uniform keys is also secure in the sense of guessing secrecy.

Keywords

Broadcast encryption; Guessing secrecy; Information-theoretic security; Non-uniform distribution

Notes

Acknowledgments

We would like to thank the anonymous reviewers for fruitful comments. We would also like to thank Junji Shikata for his feedback. The author is supported by JSPS Research Fellowship for Young Scientists. This work was supported by Grant-in-Aid for JSPS Fellows Grant Number JP16J10532 and JP17H01752.

References

  1. Alimomeni, M., Safavi-Naini, R.: Guessing Secrecy. In: Smith, A. (ed.) ICITS 2012. LNCS, vol. 7412, pp. 1–13. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32284-6_1
  2. Berkovits, S.: How to broadcast a secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991). https://doi.org/10.1007/3-540-46416-6_50
  3. Blundo, C., Cresti, A.: Space requirements for broadcast encryption. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 287–298. Springer, Heidelberg (1995). https://doi.org/10.1007/BFb0053444
  4. Blundo, C., Mattos, L.A.F., Stinson, D.R.: Trade-offs between communication and storage in unconditionally secure schemes for broadcast encryption and interactive key distribution. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 387–400. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_29
  5. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_16
  6. Chen, H., Ling, S., Padró, C., Wang, H., Xing, C.: Key predistribution schemes and one-time broadcast encryption schemes from algebraic geometry codes. In: Parker, M.G. (ed.) IMACC 2009. LNCS, vol. 5921, pp. 263–277. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10868-6_16
  7. Cover, T.M., Thomas, J.A.: Elements of Information Theory, 2nd edn. Wiley-Interscience (July 2006)
  8. Csiszár, I., Koerner, J.: Information Theory: Coding Theorems for Discrete Memoryless Systems, 2nd edn. Cambridge University Press, Cambridge (2011)
  9. Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-44993-5_5
  10. Dodis, Y., Smith, A.: Entropic security and the encryption of high entropy messages. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 556–577. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_30
  11. Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_40
  12. Garay, J.A., Staddon, J., Wool, A.: Long-lived broadcast encryption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 333–352. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-44598-6_21
  13. Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with Short Ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-01001-9_10
  14. Iwamoto, M., Shikata, J.: Constructions of symmetric-key encryption with guessing secrecy. In: IEEE International Symposium on Information Theory 2015, pp. 725–729 (June 2015)
  15. Iwamoto, M., Shikata, J.: Information theoretic security for encryption based on conditional Rényi entropies. In: Padró, C. (ed.) ICITS 2013. LNCS, vol. 8317, pp. 103–121. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04268-8_7
  16. Kurosawa, K., Yoshida, T., Desmedt, Y., Burmester, M.: Some bounds and a construction for secure broadcast encryption. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 420–433. Springer, Heidelberg (1998). https://doi.org/10.1007/3-540-49649-1_33
  17. Luby, M., Staddon, J.: Combinatorial bounds for broadcast encryption. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 512–526. Springer, Heidelberg (1998). https://doi.org/10.1007/BFb0054150
  18. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_3
  19. Padró, C., Gracia, I., Martín, S.: Improving the trade-off between storage and communication in broadcast encryption schemes. Discrete Appl. Math. 143(1–3), 213–220 (2004)
  20. Padró, C., Gracia, I., Martín, S., Morillo, P.: Linear broadcast encryption schemes. Discrete Appl. Math. 128(1), 223–238 (2003)
  21. Phan, D.H., Pointcheval, D., Strefler, M.: Security notions for broadcast encryption. In: Lopez, J., Tsudik, G. (eds.) ACNS 2011. LNCS, vol. 6715, pp. 377–394. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21554-4_22
  22. Russell, A., Wang, H.: How to fool an unbounded adversary with a short key. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 133–148. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-46035-7_9
  23. Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28, 656–715 (1949)
  24. Watanabe, Y., Hanaoka, G., Shikata, J.: Unconditionally secure revocable storage: tight bounds, optimal construction, and robustness. In: Nascimento, A.C.A., Barreto, P. (eds.) ICITS 2016. LNCS, vol. 10015, pp. 213–237. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49175-2_11
  25. Watanabe, Y., Shikata, J.: Unconditionally secure broadcast encryption schemes with trade-offs between communication and storage. IEICE Trans. 99–A(6), 1097–1106 (2016)
  26. Yamamoto, H.: Rate-distortion theory for the Shannon cipher system. IEEE Trans. Inf. Theor. 43(3), 827–835 (1997)

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Graduate School of Informatics and Engineering, The University of Electro-Communications, Tokyo, Japan
  2. Information Technology Research Institute, AIST, Tokyo, Japan
