IACR News item: 14 August 2013
Renaud Dubois, Margaux Dugardin, Aurore Guillevic
ePrint Report
text, a session key is produced, which is required to be indistinguishable from random. Such a scheme can
provide public encryption functionality in combination with a symmetric encryption through the hybrid encryption
paradigm. The Boneh-Gentry-Waters scheme of 2005 proposed a broadcast scheme with constant-size
ciphertext. It is one of the most efficient broadcast encryption schemes regarding overhead size. In this work we
consider the improved scheme of Phan-Pointcheval-Shahandashi-Stefler [PPSS12] which provides an adaptive
CCA broadcast encryption scheme. These two schemes may be tweaked to use bilinear pairings [DGS].
This document details our choices for the implementation of the PPSS scheme. We provide a complete golden sequence
of the protocol with efficient pairings (Tate, Ate and Optimal Ate). We target a 128-bit security
level, hence we use a BN-curve [BN06]. The aim of this work is to contribute to the use and the standardization of
the PPSS scheme and pairings in concrete systems.