Efficient one-to-one sharing: Public key matchmaking encryption

Identity-Based Matchmaking Encryption (IB-ME) enables both the sender and the receiver to respectively specify an identity that the other party must satisfy, in order to reveal the messages. IB-ME is actually a one-to-one matchmaking encryption, and has many applications such as secure data sharing and non-interactive secret handshake protocol. However, the system requires a central authority to generate encryption keys and decryption keys for all users, which could lead to key escrow problem, single-point failure and performance bottleneck. The goal of this paper is to remove any authority from the system. We propose a matchmaking encryption in public-key setting, named Public Key Matchmaking Encryption (PK-ME). We give the formal syntax and security definition of PK-ME, present a lightweight PK-ME scheme, and formally prove its security in the random model. Finally, we conduct experiments to show the practicability of the scheme. In particular, compared to the related ME schemes, our encryption and decryption are very efficient, and our PK-ME scheme has shorter parameters.