Adaptive CCA Broadcast Encryption With Constant-Size Secret Keys and Ciphertexts
The authors consider designing broadcast encryption schemes with constant-size secret keys and ciphertexts, achieving chosen-ciphertext security. They first argue that known CPA-to-CCA transforms currently do not yield such schemes. They then propose a scheme, modifying a previous selective CPA secure proposal by Boneh, Gentry, and Waters. Their proposed scheme has constant-size secret keys and ciphertexts and they prove that it is selective chosen-ciphertext secure based on standard assumptions. Their scheme has ciphertexts that are shorter than those of the previous CCA secure proposals. Then they propose a second scheme that provides the functionality of both broadcast encryption and revocation schemes simultaneously using the same set of parameters.