| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 427805 | Information Processing Letters | 2011 | 4 Pages |
Identity based broadcast encryption allows a centralized transmitter to send encrypted messages to a set of identities S, so that only the users with identity in S can decrypt these ciphertexts using their respective private key. Recently [Information Processing Letters 109 (2009)], an identity-based broadcast encryption scheme was proposed (Ren and Gu, 2009) [1], and it was claimed to be fully chosen-ciphertext secure without random oracles. However, by giving a concrete attack, we indicate that this scheme is even not chosen-plaintext secure.
Research highlights► We analyze a recent identity-based broadcast encryption scheme. ► We present a chosen-plaintext attack against this scheme. ► Our attack indicate that this scheme is even not chosen-plaintext secure.
