“Token-controlled public key encryption” is a public key encryption scheme where individual message can be encrypted and sent to every receiver, but the receiver cannot decrypt the message until he/she is given an extra piece of information called a “token”. The token will not reveal any information about the messages that the sender originally sent and the communication overhead for releasing the token is very small. Also, it is possible that a single token can control the decryption of a number of ciphertexts sent to multiple receivers. We formalize security model for such scheme and show efficient and provably secure constructions based on known computational assumptions in the random oracle model.
Available at: http://works.bepress.com/wsusilo/249/