An attribute-based anonymous broadcast encryption scheme with adaptive security in the standard model

In broadcast encryption schemes, a distribution center broadcasts an encrypted message to a subset chosen from a universe of receivers, and only the intended users are able to decrypt the message. Most broadcast encryption schemes do not provide anonymity, and the identities of target receivers are sent in plaintext. However, in several applications, the authorized user's identities have the same sensitivity as the broadcasted messages. Yu, Ren, and Lou (YRL) [Yu, S., Ren, K., and Lou, W. "Attribute-based on-demand multicast group setup with membership anonymity", Computer Networks, 54(3), pp. 377-386 (2010).] considered this issue and introduced an efficient anonymous attribute-based broadcast encryption scheme. This paper first proposed an attack on the YRL scheme, and showed that the unauthorized receivers could also decrypt the broadcasted message. Next, we proposed the Improved-YRL scheme and proved that it achieved anonymity and semantic security under adaptive corruptions in the chosen ciphertext setting. The proof is provided by the dual system encryption technique and is based on three complexity assumptions in composite order bilinear maps. The Improved-YRL scheme is a step forward in solving the long-standing problem of secure and low overhead anonymous broadcast encryption. (C) 2019 Sharif University of Technology. All rights reserved.