1. Field of the Invention
Aspects of the present invention relate to a broadcast encryption method and a broadcast decryption method, and more particularly, to a broadcast encryption method and a broadcast decryption method that can generate a public key and a secret key using a Strong Diffie-Hellman tuple.
2. Description of the Related Art
Recently, research on broadcast encryption is actively under way. Broadcast encryption indicates that only a user included in a user group S restores a message encryption key using a header, and decrypts an encrypted message using the restored message encryption key when a broadcasting center transmits a list of users in a user group S, a header, and an encrypted message to a plurality of users. The user included in the user group S is referred to as an authorized user. Only the authorized user can acquire a message. A user excluded from the user group S cannot acquire the message. Broadcast encryption can be used efficiently for a satellite television receiving service of a paid channel and for transmitting content protected by copyright, since only the authorized user can acquire an encryption key by only one-time broadcasting.
Broadcast encryption employs two types of encryption: symmetric key and public key. In the symmetric key setting, only a trusted broadcasting center generates and distributes a secret key of a user, and transmits a broadcast message to the user. The trusted broadcasting center is entirely responsible for the broadcast encryption. The entire broadcast encryption system is paralyzed when a malfunction of the trusted broadcasting center occurs, and a complex key update process is needed when a member joins or leaves the user group.
The public key setting can overcome some drawbacks of the symmetric key setting, since any group member can transmit the broadcast message by using a public key commonly used in a system and the need for complex key update processes is eliminated. Also, the broadcast encryption of the public key setting can be easily converted into the symmetric key setting. D. Boneh, C. Gentry, and B. Waters proposed a public key-based broadcast encryption method having efficiency in a transmission amount and a storage amount by using a pairing on an elliptic curve in a paper “Collusion resistant broadcast encryption with short ciphertexts and private keys” in CRYPTO vol. 3621, pp. 258-275 published in 2005. However, according to the method proposed by Boneh, Gentry, and Waters, since 2n+1 public keys are needed for n-number of users, and 2n−1 public keys are needed for decryption, a new broadcast encryption method and a new broadcast decryption method, which can reduce a number of necessary public keys and thereby reduce a transmission amount, are needed.