• Journal of Broadcast Engineering
• /
• v.19 no.4
• /
• pp.502-509
• /
• 2014

Broadcast encryption is a cryptographic primitive that allows a sender to securely transmit a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on binary trees and the Subset Difference (SD) method. In 2006, Jang, Nyang, and Song suggested a new broadcast encryption system that can reduce transmission rate by 50% compared to the SD method, by introducing the so-called '2-SD' method. Their result was later given the registration of a patent in Korea (registration number: 100879083). Unfortunately, however, this paper shows that Jang et. al.'s broadcast encryption system is not secure against collusion attacks that are considered as being the basic security requirement in designing broadcast encryption.

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.351-353
• /
• 1999

본 논문에서는 기존의 브로드캐스트 암호화 방식에 대한 고찰과 현재까지의 기술들의 단점을 보완할 수 있는 새로운 브로드캐스트 채널 상에서 특정 사용자만이 정보를 사용할 수 있도록 하기 위한 프로토콜이다. 이러한 시스템을 평가하는 중요한 비교 변수로는 전송량과 사용자가 보관하고 있어야 하는 해독키의 크기이다. 본 논문에서는 사용자를 일정 그룹으로 나누어서 암호키를 할당함으로써 사용자 개개인에게 암호키를 할당하는 경우 보다 전송량을 줄일 수 있었고, 메시지는 하나의 세션키로 암화화하고 이 세션키를 다시 암호화하여 메시지의 헤더에 첨가하여 전달함으로써 전송량을 확실히 줄일 수 있었다. 사용자를 임의의 그룹으로 구성하여 하나의 그룹에 일정수 이상이 정보를 전달받을 자격이 있다면 그 그룹의 암호키를 선택하여 세션키를 암호화하였다. 이 때 그룹에 있는 권한이 없는 사용자들이 정보를 전달받을 수 있으나, 이들의 크기는 실험 결과 그다지 문제가 되지 않을 정도로 작은 수임을 알 수 있었다.

• Journal of Broadcast Engineering
• /
• v.21 no.3
• /
• pp.412-424
• /
• 2016

Broadcast encryption (BE) is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. The efficiency of BE is measured by three factors: ciphertext transmission cost, user storage cost, and computational cost for decryption. In general, BE is applied to the environments where a large number of receivers should be accommodated, so that the transmission cost is considered as being the most important factor. In this paper, we suggest a new BE system, using Shamir's secret sharing method, which considerable reduces the transmission cost. In comparison to the previous Subset Difference (SD) system, the transmission size of our BE is longer until $r{\leq}\sqrt{n}$, but get shorter when $r{\geq}\sqrt{n}$ for number of revoked users and n number of total users. We show that the advantage can be achieved at the slight expense of both the storage and computational costs.

• Journal of Broadcast Engineering
• /
• v.20 no.1
• /
• pp.92-109
• /
• 2015

Broadcast encryption is a cryptographic primitive that allows a sender to securely broadcast a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on a pseudo-random generator and the Subset Difference (SD) method. In this paper, we suggest a new broadcast encryption system that is based on secret sharing and SD methods. On an efficiency aspect, our system achieves O(r) transmission cost, O($log^2n$) storage cost, and O(1) computational cost for the number n of users and the number r of revoked users. Compared to O(log n) computational cost in the previous SD method, our system has the advantage that it needs only constant-sized computational cost for decryption, regardless of the number n or r. On a security aspect, our system can achieve tighter security reduction than the previous SD method and the gap of security loss is about O(n log n). Moreover, our result shows that it is possible to give the effect of the SD method while using an information-theoretically secure key distribution technique as in the Complete Subtree method.

• Journal of Broadcast Engineering
• /
• v.18 no.5
• /
• pp.758-770
• /
• 2013

In a Broadcast Encryption System, a sender sends an encrypted message to a large set of receivers at once over an insecure channel and it enables only users in a target set to decrypt the message with their private keys. In 2005, Boneh et al. proposed a fully collusion-resistant public key broadcast encryption in which the ciphertext and the privatekey sizes are constant. In general, pairing-based broadcast encryption system is efficient in bandwidth and storing aspects than non-pairing based broadcast encryption system, however, it requires many computational costs that resource-constrained devices is not suit to be applied. In this paper, we propose a Broadcast Encryption scheme(called BEWD) that user can decrypt a ciphertext more efficiently. The scheme is based on Boneh et al.scheme. More precisely, it reduces receiver's computational costs by delegating pairing computation to a proxy server which computation is required to receiver in Boneh et al.scheme. Furthermore, the scheme enables a user to check if the proxy server compute correctly. We show that our scheme is secure against selective IND-RCCA adversaries under l-BDHE assumption.

• Journal of Broadcast Engineering
• /
• v.20 no.4
• /
• pp.580-597
• /
• 2015

Broadcast encryption system is a cryptographic primitive that enables a sender to broadcast a message to a set of receivers in a secure channel. Out of previous proposed broadcast encryption systems, the most effective is the one that uses the Subset Difference(SD) method in a binary tree structure. The SD method has been realized by two underlying approaches: Pseudo-Random Generator(PRG) and Secret Sharing(SS). 2-SD method is the generalized version of the SD method by which two subsets of revoked receivers can be dealt with by one subset (in an SD-based broadcast encryption system). The primary advantage of the 2-SD method is to further reduce the size of transmission overhead, compared to the SD method. Until now, however, there is no known broadcast encryption system that is based on such a 2-SD technique using either PRG or SS basis. In this paper, we suggest a new 2-SD broadcast encryption system using the SS-based technique that was suggested by Jae Hwan Lee et al. in 2014[9]. The new system can reduce the size of ciphertext by 25% of the one in the previous SS-based broadcast encryption system. Also, on a theoretical note, ours is the first 2-SD broadcast encryption system that is provably secure.

• Journal of the Korea Society of Computer and Information
• /
• v.18 no.9
• /
• pp.79-89
• /
• 2013

Recently, the need for outsourcing sensitive data has grown due to the wide spreading of cost-effective and flexible cloud service. However, there is a fundamental concern in using such service since users have to trust external servers. Therefore, searchable encryption can be a very valuable tool to meet the security requirements of data outsourcing. However, most of work on searchable encryption focus only on privacy preserving search function and relatively lacks research on encryption mechanism used to actually encrypt data. Without a suitable latter mechanism, searchable encryption cannot be deployed in real world cloud services. In this paper, we analyze previously used and possible data encryption mechanisms for multi-user searchable encryption system and discuss their pros and cons. Our results show that readily available tools such as broadcast encryption, attribute-based encryption, and proxy re-encryption do not provide suitable solutions. The main problem with existing tools is that they may require separate fully trusted servers and the difficulty in preventing collusion attacks between outsiders and semi-trusted servers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.19-27
• /
• 2007

Broadcasting contents protection system for HDTV has many difficult to apply file encryption technology that using the existing DRM systems. Therefore, this system has to be processed as accommodative about broadcasting contents format such as TS and PS and so on. Also, this system must support efficient encryption technology and random access mode. In addition, this system must have suitable key distribution mechanism in broadcasting environment. In this paper, we propose and implement encryption/key distribution scheme applicable to encoder/decoder without changing the existing MPEG system.