Browse > Article
http://dx.doi.org/10.5909/JBE.2014.19.4.502

Security Analysis of Broadcast Encryption System Based on 2-Subset Difference Method  

Lee, Jae Hwan (Department of Computer Science, College of Software, Sangmyung University)
Park, Jong Hwan (Department of Computer Science, College of Software, Sangmyung University)
Publication Information
Journal of Broadcast Engineering / v.19, no.4, 2014 , pp. 502-509 More about this Journal
Abstract
Broadcast encryption is a cryptographic primitive that allows a sender to securely transmit a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, Lotspiech, based on binary trees and the Subset Difference (SD) method. In 2006, Jang, Nyang, and Song suggested a new broadcast encryption system that can reduce transmission rate by 50% compared to the SD method, by introducing the so-called '2-SD' method. Their result was later given the registration of a patent in Korea (registration number: 100879083). Unfortunately, however, this paper shows that Jang et. al.'s broadcast encryption system is not secure against collusion attacks that are considered as being the basic security requirement in designing broadcast encryption.
Keywords
broadcast encryption; collusion attack; subset difference method;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 S. Bhattacherjee and P. Sarkar, "Tree based symmetric key broadcast encryption", IACR Cryptology ePrint Archive, Report 2013/786, 2013.
2 B. Chor, A. Fiat, and M. Naor, "Tracing traitors," Proceedings of the CRYPTO'94, vol. 839 of LNCS, pp. 257-270, Aug. 1994.
3 Y. Dodis and N. Fazio, "Public key broadcast encryption for stateless receivers," Proceedings of the Digital Rights Management Workshop, vol. 2696 of Lecture Notes in Computer Science, pp. 61-80, 2002.
4 ChongHee Kim, YongHo Hwang and PilJoong Lee, "An efficient public key trace and revoke scheme secure against adaptive chosen ciphertext attack," Proceedings of the ASIACRYPT 2003, vol. 2894 of LNCS, pp. 359-373, Nov/Dec. 2003.
5 D. Boneh, C. Gentry and B. Waters, "Collusion resistant broadcast encryption with short ciphertexts and private keys," Proceedings of the CRYPTO 2005, vol. 3621 of LNCS, pp. 258-275, Aug.2005.
6 D. Boneh and B. Waters, "A fully collusion resistant broadcast, trace, and revoke system," Proceedings of the ACM CCS 06, pp. 211-220, Oct/Nov. 2006.
7 JiYong Jang, DaeHun Nyang, and JooSeok Song, "2-Subset Difference Scheme for Broadcast Encryption," Journal of the Korea Institute of Information Security and Cryptology, 16(4), pp. 1-5, Aug. 2006.
8 K. Fukushima, S. Kiyomoto, Y. Miyake and K. Sakurai, "Revocation and tracing based on ternary tree: towards optimal broadcast encryption scheme," Proceedings of the IECTE 2011, vol. 314 of CCIS, pp. 233-248, 2012.
9 A. Fiat and M. Naor, "Broadcast encryption," Proceedings of the CRYPTO'93, volume 773 of LNCS, pp. 480-491, Aug. 1993.
10 D. Naor, M. Naor and J. Lotspiech, "Revocation and tracing schemes for stateless receivers," Proceedings of the CRYPTO 2001, vol. 2139 of LNCS, pp. 41-62, Feb. 2001.
11 D. Halevy and A. Shamir, "The LSD broadcast encryption scheme," Proceedings of the CRYPTO 2002, vol. 2442 of LNCS, pp. 47-60, Aug. 2002.
12 M.T. Goodrich, J.Z. Sun and R. Tamassia, "Efficient tree-based revocation in groups of low-state devices," Proceedings of the CRYPTO 2004, vol. 3152 of LNCS, pp. 511-527, Aug. 2004.