@conference {IIIA-2007-1585,
title = {CCA2-Secure Threshold Broadcast Encryption with Shorter Ciphertexts},
booktitle = {Lecture Notes in Computer Science},
volume = {4784},
year = {2007},
pages = {35-50},
publisher = {Springer-Verlag},
organization = {Springer-Verlag},
abstract = {In a threshold broadcast encryption scheme, a sender chooses (ad-hoc) a set of $n$ receivers and a threshold $t$, and then encrypts a message by using the public keys of all the receivers, in such a way that the original plaintext can be recovered only if at least $t$ receivers cooperate. Previously proposed threshold broadcast encryption schemes have ciphertexts whose length is at least $n + \O(1)$. In this paper, we propose new schemes, for both PKI and identity-based scenarios, where the ciphertexts{\textquoteright} length is $n-t + \O(1)$. The constructions use secret sharing techniques and the Canetti-Halevi-Katz transformation to achieve chosen-ciphertext security. The security of our schemes is formally proved under the Decisional Bilinear Diffie-Hellman (DBDH) Assumption.},
author = {Javier Herranz and Vanes Daza and Paz Morillo and Carla Rafols},
editor = {W. Susilo, J.K. Liu, and Y. Mu}
}