TY - GEN
T1 - Threshold public-key encryption with adaptive security and short ciphertexts
AU - Qin, Bo
AU - Wu, Qianhong
AU - Zhang, Lei
AU - Domingo-Ferrer, Josep
PY - 2010
Y1 - 2010
N2 - Threshold public-key encryption (TPKE) allows a set of users to decrypt a ciphertext if a given threshold of authorized users cooperate. Existing TPKE schemes suffer from either long ciphertexts with size linear in the number of authorized users or can only achieve non-adaptive security. A non-adaptive attacker is assumed to disclose her target attacking set of users even before the system parameters are published. The notion of non-adaptive security is too weak to capture the capacity of the attackers in the real world. In this paper, we bridge these gaps by proposing an efficient TPKE scheme with constant-size ciphertexts and adaptive security. Security is proven under the decision Bilinear Diffie-Hellman Exponentiation (BDHE) assumption in the standard model. This implies that our proposal preserves security even if the attacker adaptively corrupts all the users outside the authorized set and some users in the authorized set, provided that the number of corrupted users in the authorized set is less than a threshold. We also propose an efficient tradeoff between the key size and the ciphertext size, which gives the first TPKE scheme with adaptive security and sublinear-size public key, decryption keys and ciphertext.
AB - Threshold public-key encryption (TPKE) allows a set of users to decrypt a ciphertext if a given threshold of authorized users cooperate. Existing TPKE schemes suffer from either long ciphertexts with size linear in the number of authorized users or can only achieve non-adaptive security. A non-adaptive attacker is assumed to disclose her target attacking set of users even before the system parameters are published. The notion of non-adaptive security is too weak to capture the capacity of the attackers in the real world. In this paper, we bridge these gaps by proposing an efficient TPKE scheme with constant-size ciphertexts and adaptive security. Security is proven under the decision Bilinear Diffie-Hellman Exponentiation (BDHE) assumption in the standard model. This implies that our proposal preserves security even if the attacker adaptively corrupts all the users outside the authorized set and some users in the authorized set, provided that the number of corrupted users in the authorized set is less than a threshold. We also propose an efficient tradeoff between the key size and the ciphertext size, which gives the first TPKE scheme with adaptive security and sublinear-size public key, decryption keys and ciphertext.
KW - Access control
KW - Adaptive security
KW - Public key cryptosystem
KW - Threshold public-key encryption
UR - https://www.scopus.com/pages/publications/78650855071
U2 - 10.1007/978-3-642-17650-0_6
DO - 10.1007/978-3-642-17650-0_6
M3 - 会议稿件
AN - SCOPUS:78650855071
SN - 3642176496
SN - 9783642176494
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 62
EP - 76
BT - Information and Communications Security - 12th International Conference, ICICS 2010, Proceedings
T2 - 2010 International Conference on Information and Communications Security, ICICS 2010
Y2 - 15 December 2010 through 17 December 2010
ER -