Optimal Broadcast Encryption from Pairings and LWE
Optimal Broadcast Encryption from Pairings and LWE
Boneh, Waters and Zhandry (CRYPTO 2014) used multilinear maps to provide a solution to the long-standing problem of public-key broadcast encryption (BE) where all parameters in the system are small. In this work, we improve their result by providing a solution that uses only bilinear maps and Learning With Errors (LWE). Our scheme is fully collusion-resistant against any number of colluders, and can be generalized to an identity-based broadcast system with short parameters. Thus, we reclaimed the problem of optimal broadcast encryption from the land of “Obfustopia”.
Our main technical contribution is a ciphertext policy attribute based encryption (CP-ABE) scheme which achieves special efficiency properties – its ciphertext size, secret key size, and public key size are all independent of the size of the circuits supported by the scheme. We show that this special CP-ABE scheme implies BE with optimal parameters; but it may also be of independent interest. Our constructions rely on a novel interplay of bilinear maps and LWE, and are proven secure in the generic group model.
This talk is based on a paper that received the best paper award at EUROCRYPT 2020.
About the speaker
Associate Professor, IIT Madras
Dr. Shweta Agrawal is an associate professor at the Computer Science and Engineering department, at the Indian Institute of Technology, Madras. She earned her PhD at the University of Texas at Austin, and did her postdoctoral work at the University of California, Los Angeles. Her area of research is cryptography and information security, with a focus on post quantum cryptography. She has won multiple awards such as the prestigious national Swarnajayanti award and a best paper award at the leading conference Eurocrypt.