International Association for Cryptologic Research

International Association
for Cryptologic Research


Optimal Broadcast Encryption from Pairings and LWE

Shweta Agrawal , IIT Madras
Shota Yamada , AIST Japan
DOI: 10.1007/978-3-030-45721-1_2 (login may be required)
Search ePrint
Search Google
Conference: EUROCRYPT 2020
Award: Best Paper Award
Abstract: Boneh, Waters and Zhandry (CRYPTO 2014) used multilinear maps to provide a solution to the long-standing problem of public-key broadcast encryption (BE) where all parameters in the system are small. In this work, we improve their result by providing a solution that uses only {\it bilinear} maps and Learning With Errors (LWE). Our scheme is fully collusion-resistant against any number of colluders, and can be generalized to an identity-based broadcast system with short parameters. Thus, we reclaim the problem of optimal broadcast encryption from the land of ``Obfustopia''. Our main technical contribution is a ciphertext policy attribute based encryption (CP-ABE) scheme which achieves special efficiency properties -- its ciphertext size, secret key size, and public key size are all independent of the size of the circuits supported by the scheme. We show that this special CP-ABE scheme implies BE with optimal parameters; but it may also be of independent interest. Our constructions rely on a novel interplay of bilinear maps and LWE, and are proven secure in the generic group model.
  title={Optimal Broadcast Encryption from Pairings and LWE},
  booktitle={39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10–14, 2020, Proceedings},
  series={Lecture Notes in Computer Science},
  keywords={broadcast encryption;identity-based broadcast encrytpion;lattices;bilinear maps},
  author={Shweta Agrawal and Shota Yamada},