We propose a verifiable and anonymous broadcast encryption scheme, where an 'untrusted' gateway can verify incoming communication flows to ensure only the intended (anonymous) receivers in the target domain can receive them. This scenario is interesting while the privacy of receivers should be considered. The difficulty in this setting is how to achieve both confidentiality of the message and anonymity of receivers during the gateway verification. To achieve this goal, we introduce a new notion of encrypted identity search, which allows the gateway blindly verifies the incoming traffic. Our scheme captures security properties: confidentiality and anonymity against dishonest gateway, corrupted receivers and collusion attacks. We present a concrete construction of gatewaybased verifiable and anonymous broadcast encryption system from bilinear pairings, and give its security reduction under the computational assumptions related to bilinear pairings.
- Broadcast encryption
- Verifiable encryption
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications
- Electrical and Electronic Engineering