The Barth-Boneh-Waters Private Broadcast Encryption Scheme Revisited
Zhengjun Cao, Lihua Liu
TL;DR
This paper revisits the Barth-Boneh-Waters private broadcast encryption scheme, highlighting the need for proper data origin authentication and discussing the limitations of the original one-time signature approach.
Contribution
It proposes replacing the one-time signature with conventional public key signatures for better authentication and analyzes the drawbacks of the original primitive.
Findings
Public key signatures effectively authenticate broadcast data.
The original scheme's use of one-time signatures has notable disadvantages.
Replacing signatures improves security and efficiency.
Abstract
The primitive of private broadcast encryption introduced by Barth, Boneh and Waters, is used to encrypt a message to several recipients while hiding the identities of the recipients. In their construction, a recipient has to first decrypt the received ciphertext to extract the verification key for one-time signature. He then uses the verification key to check whether the ciphertext is malformed. The authors did not consider that information delivered over a channel, especially over a broadcast channel, should be authenticated as to its origin. We remark that the conventional public key signature suffices to authenticate data origin and filter out all malformed ciphertexts. We also discuss the disadvantages of the primitive of one-time signature used in their construction.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptography and Data Security · Chaos-based Image/Signal Encryption · Cryptographic Implementations and Security