SCIENCE CHINA Information Sciences, Volume 61, Issue 11: 118101(2018) https://doi.org/10.1007/s11432-017-9287-6

• AcceptedOct 27, 2017
• PublishedMay 21, 2018
Share
Rating

### Acknowledgment

This work was supported by National Natural Science Foundation of China (Grant No. 61472032), NSFC-Genertec Joint Fund for Basic Research (Grant No. U1636104), and Joint Research Fund for Overseas Chinese Scholars and Scholars in Hong Kong and Macao (Grant No. 61628201).

### References

[1] Fiat A, Naor M. Broadcast encryption. In: Proceedings of the 13th Annual International Cryptology Conference, Santa Barbara, 1993. 480--491. Google Scholar

[2] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Proceedings of the 25th Annual International Cryptology Conference, Santa Barbara, 2005. 258--275. Google Scholar

[3] Gentry C, Waters B. Adaptive security in broadcast encryption systems (with short ciphertexts). In: Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques, Cologne, 2009. 171--188. Google Scholar

[4] Naor M, Pinkas B. Efficient trace and revoke schemes. In: Proceedings of the 4th International Conference on Financial Cryptography, Anguilla, 2000. 1--20. Google Scholar

[5] Delerablée C, Paillier P, Pointcheval D. Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Proceedings of the 1st International Conference on Pairing-Based Cryptography, Tokyo, 2007. 39--59. Google Scholar

[6] Lai J C, Mu Y, Guo F C, et al. Anonymous identity-based broadcast encryption with revocation for file sharing. In: Proceedings of the 21st Australasian Conference on Information Security and Privacy, Melbourne, 2016. 223--239. Google Scholar

• Table 1   Performance evaluation of the RBBE scheme$^{{\rm~a})}$
 Computational complexity Communication/storage complexity Setup $(2n)~\cdot~E(\mathbb{G})~+1\cdot~M(\mathbb{G})$ $(2n+1)~\cdot~l_{\mathbb{G}}$(PK), $2\cdot~l_{\mathbb{Z}_p^*}+1\cdot~l_{\mathbb{G}}$(MK) KeyGen $|U|~\cdot~(3~\cdot~E(\mathbb{G})+1\cdot~M(\mathbb{G})~+1\cdot~D(\mathbb{G}))$ (for $|U|$ users) $|U|~\cdot~l_{\mathbb{G}}$ (${\rm~sk}_i$, for $|U|$ users) Encrypt $~2~\cdot~E(\mathbb{G})+1~\cdot~E(\mathbb{G}_T)+(|R|-1)\cdot~M(\mathbb{G})~+1\cdot~D(\mathbb{G})+1~\cdot~B$ $2~\cdot~l_{\mathbb{G}}$ ($C_R$) Decrypt $(|R|-1)\cdot~M(\mathbb{G})~+1\cdot~D(\mathbb{G})+2~\cdot~B+~1~\cdot~D(\mathbb{G}_T)$ $1~\cdot~l_{\mathbb{G}_T}$ (ek)

a) $E(\cdot)$, $M(\cdot)$ and $D(\cdot)$ denote the exponentiation operation, multiplication operation and division operation in cyclic group, respectively. $B$ denotes the bilinear pairing $e:~\mathbb{G}~\times~\mathbb{G}~\rightarrow~\mathbb{G}_T$. $|U|$ and $|R|$ denote the number of users in set $U$ and $R$, respectively. $l_{\mathbb{Z}_p^*}$, $l_{\mathbb{G}}$ and $l_{\mathbb{G}_T}$ denote the length of elements in $\mathbb{Z}_p^*$, $\mathbb{G}$ and $\mathbb{G}_T$, respectively.

• #### 2

Citations

• Altmetric

Copyright 2020 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有