I've interested in the broadcast encryption schemes.
And now, I'm thinking about the sender authentication in the broadcast
encryption. That subject is about how to we authenticate the
broadcaster in the environment with several broadcast senders,
For example, a malicious attacker first legitimately join the group
then if he modify the message given from the broadcast sender. how to
we verify that the messages are come from the original sender.
Recently, I found several papers about the authenticated broadcast
encryption. In the paper, the authors proved that their scheme is CCA
My question is that whether the CCA secure is enough to prove the
sender authentication. I means that whether we can prove a sender
authentication by using only the CCA secure. If not, what security
model should we use?