Broadcast encryption schemes allow a center to deliver encrypted data to a large set of users so that only a particular subset of privileged users can decrypt it. Most of previous works about broadcast encryption only provide confidentiality of the message. However, when a broadcast system is composed of multiple broadcasters, it raises an issue of authentication and non-repudiation of the message or broadcaster. This issue is especially important for multicasting in computer networks. In this paper, a new concept called broadcast signcryption by combining the concepts of broadcast encryption and signcryption together is proposed to resolve the authentication and non-repudiation problem in a broadcast system. We also propose an identity-based broadcast signcryption scheme using Chen and Malone-Lee's identity-based signcryption scheme. © 2007 Elsevier B.V. All rights reserved.
Li, F., Xin, X., & Hu, Y. (2008). Indentity-based broadcast signcryption. Computer Standards and Interfaces, 30(1–2), 89–94. https://doi.org/10.1016/j.csi.2007.08.005