Fully Anonymous Identity-Based Broadcast Encryption Without Random Oracles
In a Broadcast Encryption (BE) scheme, a broadcaster can encrypt a message for a set S of users who are listening to a broadcast channel. Most Identity-Based Broadcast Encryption (IBBE) schemes are not anonymous, which means the attacker can obtain the identities of all receivers from the ciphertext. Currently, anonymous IBBE schemes are only provably secure in the random oracle model. In this paper, the authors propose a fully anonymous IBBE scheme based on asymmetric bilinear groups, which is adaptive-ID secure without random oracles. Any attacker cannot get the identities of the receivers from the ciphertext, and each receiver is anonymous for any other receiver, and only the broadcaster knows the identities of all receivers.