Traditionally, a ciphertext from an identity-based broadcast encryption can be distributed to a group of receivers whose identities are included in the ciphertext. Once the ciphertext has been created, it is not possible to remove any intended receivers from it without conducting decryption. In this paper, we consider an interesting question: how to remove target designated receivers from a ciphertext generated by an anonymous identity-based broadcast encryption? The solution to this question is found applicable to file sharing with revocation. In this work, we found an affirmative answer to this question. We construct an anonymous identity-based broadcast encryption, which offers the user revocation of ciphertext and the revocation process does not reveal any information of the plaintext and receiver identity. In our proposed scheme, the group of receiver identities are anonymous and only known by the encryptor. We prove that our scheme is semantically secure in the random oracle model.
展开▼
