Broadcast Encryption with Both Temporary and Permanent Revocation

Brownstein, Dan; Dolev, Shlomi; Gilboa, Niv

doi:10.1007/978-3-319-69084-1_35

Dan Brownstein¹⁵,
Shlomi Dolev¹⁵ &
Niv Gilboa¹⁶

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 10616))

Included in the following conference series:

International Symposium on Stabilization, Safety, and Security of Distributed Systems

1223 Accesses

Abstract

Broadcast encryption enables a sender to broadcast data that only an authorized set of users can decrypt and is therefore an essential component of secure content distribution. Public key broadcast encryption separates the roles of a key manager who provides keys to users and content providers who distribute content to users. This separation is useful for flexible content distribution and for simplifying the process of additional content providers joining the network. A content provider or key manager can control the authorized set of users by user revocation which has two types, temporary revocation and permanent revocation. A content provider sending a message can determine the set of users authorized for the message by using temporary revocation. A key manager can use permanent revocation to remove a user from the set of authorized users as a better alternative to temporarily revoking the user in all subsequent messages. In this paper we present the first public-key, broadcast encryption scheme that achieves both temporary and permanent revocation and has essentially the same performance as state of the art schemes that achieve only one of the two types of revocation. The scheme combines and optimizes the broadcast encryption systems of Delerablée et al. (Pairing 2007) and Lewko et al. (Security and Privacy 2010) and is generically secure over groups that support bilinear maps.

S. Dolev—This research was partially supported by the Rita Altura Trust Chair in Computer Sciences; the Lynne and William Frankel Center for Computer Science; grant of the Ministry of Science, Technology and Space, Israel, and the National Science Council (NSC) of Taiwan; the Ministry of Foreign Affairs, Italy; the Ministry of Science, Technology and Space, Infrastructure Research in the Field of Advanced Computing and Cyber Security and the Israel National Cyber Bureau.

N. Gilboa—Supported by ISF grant 1638/15, a grant by the BGU Cyber Center, the Israeli Ministry Of Science and Technology Cyber Program and by the European Union’s Horizon 2020 ICT program (Mikelangelo project).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Notes

1.
The work of Delerablée et al. [DPP07] is an exception, considering both types of revocation.
2.
A q-type assumption is a family of hardness assumptions indexed by an integer q, which corresponds to the number of queries the adversary makes in the security proof.
3.
The first scheme of Delerablée et al. [DPP07] is a public-key construction with public key of size O(n) for n users.
4.
We slightly abuse notation and use \(\phi \) to denote both the function and a concrete description of this function.

References

Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. IACR Cryptology ePrint Archive 2005:15 (2005)
Google Scholar
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005). doi:10.1007/11535218_16
Chapter Google Scholar
Canetti, R., Garay, J.A., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions. In: INFOCOM, pp. 708–716. IEEE (1999)
Google Scholar
Canetti, R., Malkin, T., Nissim, K.: Efficient communication-storage tradeoffs for multicast encryption. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 459–474. Springer, Heidelberg (1999). doi:10.1007/3-540-48910-X_32
Chapter Google Scholar
Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003). doi:10.1007/978-3-540-44993-5_5
Chapter Google Scholar
Delerablée, C., Pointcheval, D.: Dynamic threshold public-key encryption. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 317–334. Springer, Heidelberg (2008). doi:10.1007/978-3-540-85174-5_18
Chapter Google Scholar
Delerablée, C., Paillier, P., Pointcheval, D.: Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Takagi, T., Okamoto, E., Okamoto, T., Okamoto, T. (eds.) Pairing 2007. LNCS, vol. 4575, pp. 39–59. Springer, Heidelberg (2007). doi:10.1007/978-3-540-73489-5_4
Chapter Google Scholar
Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994). doi:10.1007/3-540-48329-2_40
Chapter Google Scholar
Goodrich, M.T., Sun, J.Z., Tamassia, R.: Efficient tree-based revocation in groups of low-state devices. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 511–527. Springer, Heidelberg (2004). doi:10.1007/978-3-540-28628-8_31
Chapter Google Scholar
Garay, J.A., Staddon, J., Wool, A.: Long-lived broadcast encryption. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 333–352. Springer, Heidelberg (2000). doi:10.1007/3-540-44598-6_21
Chapter Google Scholar
Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009). doi:10.1007/978-3-642-01001-9_10
Chapter MATH Google Scholar
Lewko, A.B., Sahai, A., Waters, B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy, pp. 273–285. IEEE Computer Society (2010)
Google Scholar
Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). doi:10.1007/3-540-44647-8_3
Chapter Google Scholar
Naor, M., Pinkas, B.: Efficient trace and revoke schemes. Int. J. Inf. Secur. 9(6), 411–424 (2010)
Article Google Scholar
Shoup, V.: Lower bounds for discrete logarithms and related problems. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 256–266. Springer, Heidelberg (1997). doi:10.1007/3-540-69053-0_18
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, Ben-Gurion University of the Negev, Beersheba, Israel
Dan Brownstein & Shlomi Dolev
Department of Communication Systems Engineering, Ben-Gurion University of the Negev, Beersheba, Israel
Niv Gilboa

Authors

Dan Brownstein
View author publications
You can also search for this author in PubMed Google Scholar
Shlomi Dolev
View author publications
You can also search for this author in PubMed Google Scholar
Niv Gilboa
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dan Brownstein .

Editor information

Editors and Affiliations

University of Liverpool, Liverpool, United Kingdom
Paul Spirakis
Chalmers University of Technology, Gothenburg, Sweden
Philippas Tsigas

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Brownstein, D., Dolev, S., Gilboa, N. (2017). Broadcast Encryption with Both Temporary and Permanent Revocation. In: Spirakis, P., Tsigas, P. (eds) Stabilization, Safety, and Security of Distributed Systems. SSS 2017. Lecture Notes in Computer Science(), vol 10616. Springer, Cham. https://doi.org/10.1007/978-3-319-69084-1_35

Download citation

DOI: https://doi.org/10.1007/978-3-319-69084-1_35
Published: 07 October 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69083-4
Online ISBN: 978-3-319-69084-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Broadcast Encryption with Both Temporary and Permanent Revocation