An attribute-based anonymous broadcast encryption scheme with adaptive security in the standard model

Abstract

In broadcast encryption schemes, a distribution center broadcasts an encrypted message to a subset chosen from a universe of receivers and only the intended users are able to decrypt the message. Most broadcast encryption schemes do not provide anonymity and the identities of target receivers are sent in plaintext. However, in several applications, the authorized users' identities have the same sensitivity as the broadcasted messages. Yu, Ren and Lou (YRL) considered this issue and introduced an e icient anonymous a ribute-based broadcast encryption scheme. In this paper, we first propose an a ack on the YRL scheme and showthat the unauthorized receivers can also decrypt the broadcasted message. Next, we propose the Improved-YRL scheme and prove that it achieves anonymity and semantic security under adaptive corruptions in the chosen ciphertext se ing. The proof is provided using the dual system encryption technique and is based on three complexity assumptions in composite order bilinear maps. The Improved-YRL scheme is a step forwardin solving the long-standing problem of secure and low overhead anonymous broadcast encryption.