Authenticated broadcast encryption with short ciphertexts and private keys

Broadcast encryption schemes allow a broadcaster encrypts a message for a subset S of system users who are listening on a broadcast channel. Any user in S can use his private key to decrypt the broadcast. Most of previous works about broadcast encryption only restrict access to content to authorized users. However, when a broadcast system is composed of multiple broadcasters, it raises an issue of authentication and non-repudiation of the broadcast message. This issue is especially important for many applications, such as multicasting in computer networks. In this paper, we proposed an authenticated broadcast encryption scheme, ensured both confidentiality and authenticity of the broadcasted message. In our scheme, the size of private keys and ciphertexts is constant, and the public key is of size linear in the number of system users. Our system does not require any paring operations in order to encrypt and sign the message. Finally we prove the existentially unforgeability and semantic security of our system by using the BDHE assumption without random oracle.