Efficient identity-based traceable cloud data broadcasting with outsider anonymity and simultaneous individual transmission

In recent years, cloud data broadcasting system has attracted intensive attention due to its universal applicability in various Internet-of-Things enabled real-life scenarios. Cloud data broadcasting with simultaneous individual transmission is an exciting data broadcasting variant that empowers any data broadcaster to distribute encrypted broadcast data to a subscribed consumer group and the personalized transmission to each group member simultaneously. Recently [IEEE Transactions on Broadcasting (2020)], a certificate based data broadcasting with simultaneous individual transmission scheme (Chen et al., 2020) is proposed with the aim to solve both key-escrow problem and certificate management problem, and it is claimed to provide subscriber's outsider anonymity under the nonstandard q-type security assumption with the existence of random oracles. Unfortunately, we can show that this most recent work of Chen et al. (2020) is not secure against insider attacks, meaning that their protocol cannot trace the system's traitor consumers who can resell the sensitive information for their own profit without valid authorization. Besides, the design of Chen et al. (2020) has significantly high communication bandwidth that is approvingly inconvenient for the Internet-of-Things facilitated low-powerful multimedia devices to reduce unnecessary burden on the encryption costs. We design a provably secure adaptive identity-based data broadcasting technique having simultaneous individual transmission with unbounded number of consumers that can concatenate two mutually orthogonal functionalities, namely consumer's outsider anonymity and traitor consumer traceability, in a cost-efficient way. Our framework exploits the most secure and advanced asymmetric Type-3 bilinear maps to defend against fault attacks and realizes security in the standard provable security model without the existence of any random oracle. On a positive note, our construction eliminates the q-type security assumption that is so far a plausible achievement compared to all the existing schemes in this area.