Toward Practical Group Encryption
A group encryption scheme allows anyone to form a ciphertext for a given group member while keeping the receiver’s identity private. At the same time, the encryptor is capable of proving that some (anonymous) group member is able to decrypt the ciphertext and, optionally, that the corresponding plaintext satisfies some a priori relation (to prevent sending bogus messages). Finally, in case of a dispute, the identity of the intended receiver can be recovered by a designated authority. In this paper, we abstract a generic approach to construct group encryption schemes. We also introduce several new implementation tricks. As a result, we obtain group encryption schemes that significantly improve the state of the art. Both interactive and non-interactive constructions are considered.
KeywordsGroup encryption Canetti-Halevi-Katz paradigm homomorphic encryption structure-preserving signatures (non)-interactive zero-knowledge
Unable to display preview. Download preview PDF.
- 2.El Aimani, L., Joye, M.: Toward practical group encryption. IACR Cryptology ePrint Archive, Report 2012/155 (2012), http://eprint.iacr.org/
- 8.Fuchsbauer, G.: Automorphic Signatures in Bilinear Groups and an Application to Round-Optimal Blind Signatures. Cryptology ePrint Archive, Report 2009/320 (2009), http://eprint.iacr.org/
- 9.Groth, J.: Homomorphic Trapdoor Commitments to Group Elements. IACR Cryptology ePrint Archive 2009, 7 (2009)Google Scholar