Del av: ARES'17. Proceedings of The 12th International Conference on Availability, Reliability and Security, Reggio Calabria, Italy — August 29 - September 01, 2017 (Association for Computing Machinery (ACM), 2017)
Threshold broadcast encryption (TBE) is a class of threshold cryptographic schemes that allow a sender to compute ciphertexts to ad hoc user groups. Plaintexts can only be recovered if $t$ of the pertaining recipients collaborate by each producing a partial decryption share.
Existing TBE schemes require that the partial decryptions are transferred through secure channels to a single combiner that restores the plaintext. Thus, the single combiner becomes the eventual target for the deciphered plaintext, and not the addressed group. As such, a single combiner and explicit secure channels are inconsistent with the concept of broadcasting.
In this paper, we propose a fully TBE scheme that does not require a combiner and secure channels. In this scheme, the partial decryptions are broadcasted, and only the intended recipients that are defined ad hoc by the sender are able to decrypt.