在現代網路發達的環境下，資訊大多轉換成數位內容( digital content )的形式傳播出去，其中付費有線電視與網路電視相當盛行，因此廣播系統的設計相當重要，在廣播系統的環境下，同一份資料會被傳送給系統內的所有使用者，然而大多數的資料是具有價值性的，比如具有著作權的視訊媒體或軟體，此時廣播出去的內容就不希望讓所有人都能解讀，為了解決這樣的問題，衍生出了廣播加密機制，然而在廣播加密機制中，金鑰管理是一個不容易處理的問題，計算金鑰所需要的運算量過大、或傳送金鑰所需的通訊流量過高，都容易使得廣播加密系統難以實行，因此如何設計一個兼具效率以及安全性的廣播加密機非常值得我們去探討。
本研究基於盧卡斯數列設計出了一個具時效性的金鑰參數，使得金鑰在時效過期之後自動廢止，省去了撤銷以及重新計算其他使用者新金鑰的運算及流量成本，並在初始化註冊階段採用基於橢圓曲線的自我驗證公開金鑰密碼系統，能夠避免憑證管理及金鑰託管問題。本系統除了提升效率之外，亦可滿足「金鑰安全」、「前推安全」、「後推安全」、「抵抗共謀攻擊」、「抵抗偽冒攻擊」、「預防無權限用戶竊取服務」等6項安全需求。

As the Internet grows in the modern world, most of the information is converted into digital content for dissemination. Pay TV and Web TV are becoming even more popular, so the design of the broadcast system is very important. In the broadcast system, a copy of data will be transmitted to all users in the system. However, most of the digital content are valuable, such as copyrighted video or software, so we do not want to let every user to has the ability to interpret the broadcasted content. Hence, the broadcast encryption mechanism has been developed in order to solve this problem. Because of the central broadcast architecture, the critical issue in broadcast encryption mechanism is key management. It is difficult to design a key management method that keep both strong security and high performance. Therefore, there are several important issues that are worth discussing.
In this paper, we propose a time-interval-bound broadcast encryption mechanism based on Lucas sequence. We design a time-interval-bound key that is only activated during its validity period. For example, when a user’s key has expired, he/she will not have the ability to decrypt the data broadcasted by the center anymore. Furthermore, to handle user authentication, we apply the ECC-based self-certified public key cryptosystems which can prevent the key escrow problem and provide high performance. Our proposed mechanism also satisfies the security requirements of key security, forward secrecy, backward secrecy, collusion attack resistance, impersonation attack resistance and prevention of illegal accessing.

[1] E. Bertino, N. Shang, and S. Wagstaff, “An efficient time-bound hierarchical key management scheme for secure broadcasting,” IEEE Transactions on Dependable and Secure Computing, vol. 5, no. 2, pp. 65–70, 2008.
[2] D. Bleichenbacher, W. Bosma, and A. K. Lenstra, “Some remarks on Lucas-based cryptosystems,” Advances in Cryptology — CRYPT0’ 95 Lecture Notes in Computer Science, pp. 386–396, 1995.
[3] D. Boneh, C. Gentry, and B. Waters, “Collusion resistant broadcast encryption with short ciphertexts and private keys,” Advances in Cryptology – CRYPTO 2005 Lecture Notes in Computer Science, pp. 258–275, 2005.
[4] C. Delerablée, “Identity-based broadcast encryption with constant size ciphertexts and private keys,” Advances in Cryptology – ASIACRYPT 2007 Lecture Notes in Computer Science, pp. 200–215, 2007.
[5] L. H. E. Fadil, A. Moumen, and M. Bouye, “Anonymous multi-receiver public key encryption based on Lucas sequences,” 2018.
[6] M. D. Femila and A. A. Irudhayara, “On the security of an efficient time-bound hierarchical key management scheme with biometrics,” 2010 International Conference on Data Storage and Data Engineering, pp. 283-286, 2010.
[7] A. Fiat, and M. Naor, “Broadcast encryption,” Annual International Cryptology Conference, Springer, pp. 480-491, 1993.
[8] C. Gentry and B. Waters, “Adaptive security in broadcast encryption systems (with short ciphertexts),” Advances in Cryptology - EUROCRYPT 2009 Lecture Notes in Computer Science, pp. 171–188, 2009.
[9] M. Girault, “Self-certified public keys,” Advances in Cryptology — EUROCRYPT ’91 Lecture Notes in Computer Science, pp. 490–497, 1991.
[10] A. P. Haripriya and K. Kulothungan, “ECC based self-certified key management scheme for mutual authentication in Internet of things,” 2016 International Conference on Emerging Technological Trends (ICETT), pp. 1-6, 2016.
[11] P.-K. Hsu, M.-T. Lin, and I.-C. Lin, “Flexible hierarchical key assignment scheme with time-based assured deletion for cloud storage,” Communications in Computer and Information Science New Trends in Computer Technologies and Applications, pp. 599–607, 2019.
[12] S.-J. Hwang and Y.-H. Lee, “Repairing ElGamal-like multi-signature schemes using self-certified public keys,” Applied Mathematics and Computation, vol. 156, no. 1, pp. 73–83, 2004.
[13] N. Koblitz, “Elliptic curve cryptosystems,” Mathematics of Computation, vol. 48, no. 177, pp. 203–203, 1987.
[14] X.-J. Lin, L. Sun, and H. Qu, “An efficient RSA-based certificateless public key encryption scheme,” Discrete Applied Mathematics, vol. 241, pp. 39–47, 2018.
[15] C.-F. Lu, T.-C. Wu, and T.-F. Shih, “Authenticated group key agreement protocol for unbalanced wireless mobile networks,” 2010 International Conference on Complex, Intelligent and Software Intensive Systems, vol. 8, no. 11, pp. 1145-1159, 2010.
[16] D. Naor, M. Naor, and J. Lotspiech, “Revocation and tracing schemes for stateless receivers,” Advances in Cryptology — CRYPTO 2001 Lecture Notes in Computer Science, pp. 41–62, 2001.
[17] NIST FIPS PUB 180, “Secure Hash Standard,” National Institute of Standards and Technology, U.S. Department of Commerce, DRAFT, 1993.
[18] V. Odelu, A. K. Das, and A. Goswami, “A secure and efficient time-bound hierarchical access control scheme for secure broadcasting,” International Journal of Ad Hoc and Ubiquitous Computing, vol. 22, no. 4, p. 236, 2016.
[19] P. Piscaglia and B. Macq, “Lossless hierarchical storage of images,” European Transactions on Telecommunications, vol. 6, no. 3, pp. 267–274, 1995.
[20] R. L. Rivest, “On NISTs proposed digital signature standard,” Advances in Cryptology — ASIACRYPT 91 Lecture Notes in Computer Science, pp. 481–484, 1993.
[21] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances in Cryptology Lecture Notes in Computer Science, pp. 47–53, 1984.
[22] J. K. Shrewsbury, “An introduction to TMN,” Journal of Network and Systems Management, vol. 3, no. 1, pp. 13–38, 1995.
[23] W.-J. Tsaur, “Several security schemes constructed using ECC-based self-certified public key cryptosystems,” Applied Mathematics and Computation, vol. 168, no. 1, pp. 447–464, 2005.
[24] W.-G. Tzeng, “A time-bound cryptographic key assignment scheme for access control in a hierarchy,” IEEE Transactions on Knowledge and Data Engineering, vol. 14, no. 1, pp. 182–188, 2002.
[25] S. UçAr, N. Taş, and N. Y. Özgür, “A new cryptography model via Fibonacci and Lucas numbers,” arXiv preprint arXiv:1709.10355, 2017.
[26] Z. Zhou, D. Huang, and Z. Wang, “Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption,” IEEE Transactions on Computers, vol. 64, no. 1, pp. 126-138, 2013.
[27] Y. Zhu, R. Yu, E. Chen, and D. Huang, “An efficient broadcast encryption supporting designation and revocation mechanisms,” Chinese Journal of Electronics, vol. 28, no. 3, pp. 445-456, 2019.