Fully threshold broadcast encryption

  • Sigurd Eskeland


Threshold broadcast encryption (TBE) is a class of threshold cryptographic schemes that allow a sender to compute ciphertexts to ad hoc user groups. Plaintexts can only be recovered if $t$ of the pertaining recipients collaborate by each producing a partial decryption share.
Existing TBE schemes require that the partial decryptions are transferred through secure channels to a single combiner that restores the plaintext. Thus, the single combiner becomes the eventual target for the deciphered plaintext, and not the addressed group. As such, a single combiner and explicit secure channels are inconsistent with the concept of broadcasting.

In this paper, we propose a fully TBE scheme that does not require a combiner and secure channels. In this scheme, the partial decryptions are broadcasted, and only the intended recipients that are defined ad hoc by the sender are able to decrypt.