
Fully Collusion-Resistant Trace-and-Revoke Scheme in Prime-Order Groups  

Park, Jong-Hwan (Department of Applied Mathematics, College of Applied Science, Kyung Hee University)
Rhee, Hyun-Sook (Graduate School of Information Security, Korea University)
Lee, Dong-Hoon (Graduate School of Information Security, Korea University)
Abstract
A trace-and-revoke scheme is a type of broadcast encryption scheme for content protection on various platforms such as pay-per-view TV and DVD players. In 2006, Boneh and Waters (BW) presented a fully collusion-resistant trace-and-revoke scheme. However, a decisive drawback of their scheme is that it requires composite-order groups. In this paper, we present a new trace-and-revoke scheme that works in prime-order groups. Our scheme is fully collusion-resistant and achieves ciphertexts and private keys of size O($\sqrt{N}$) for N users. For the same level of security, our scheme is better than the BW scheme in all aspects of efficiency. Some superior features include 8.5 times faster encryption, 12 times faster decryption, and 3.4 times shorter ciphertexts. To achieve our goal, we introduce a novel technique where, by using asymmetric bilinear maps in prime-order groups, the same cancellation effect as in composite-order groups can be obtained.
Keywords
Bilinear maps; broadcast encryption; content distribution system; trace-and-revoke scheme
Reference
1 M. Naor and B. Pinkas, "Efficient trace and revoke schemes," in Proc. FC, vol. 1962, 2000, pp. 1-20.
2 A. Fiat and M. Naor, "Broadcast encryption," in Proc. CRYPTO, vol. 773, 1993, pp. 480-491.
3 B. Chor, A. Fiat, and M. Naor, "Tracing traitors," in Proc. CRYPTO, vol. 839, 1994, pp. 257-270.
4 D. Naor, M. Naor, and J. B. Lotspiech, "Revocation and tracing schemes for stateless receivers," in Proc. CRYPTO, vol. 2139, 2001, pp. 41-62.
5 D. Halevy and A. Shamir, "The LSD broadcast encryption scheme," in Proc. CRYPTO, vol. 2442, 2002, pp. 47-60.
6 M. T. Goodrich, J. Z. Sun, and R. Tamassia, "Efficient tree-based revocation in groups of low-state devices," in Proc. CRYPTO, vol. 2204, 2004, pp. 511-527.
7 E. Gafni, J. Staddon, and Y. L. Yin, "Efficient methods for integrating traceability and broadcast encryption," in Proc. CRYPTO, vol. 1666, 1999, pp. 372-387.
8 W. Tzeng and Z. Tzeng, "A public-key traitor tracing scheme with revocation using dynamic shares," in Proc. PKC, vol. 1992, 2001, pp. 207-224.
9 Y. Dodis and N. Fazio, "Public key trace and revoke scheme secure against adaptive chosen ciphertext attack," in Proc. PKC, vol. 2696, 2003, pp. 100-115.
10 D. Boneh and B. Waters, "A fully collusion resistant broadcast, trace, and revoke system," in Proc. ACM-CCS, ACM, 2006, pp. 211-220.
11 J. H. Park and D. H. Lee, "A new public key broadcast encryption using Boneh-Boyen-Goh's HIBE scheme," in Proc. ISPEC, vol. 4991, 2008, pp. 101-115.
12 C. Gentry and B. Waters, "Adaptive security in broadcast encryption systems (with short ciphertexts)," in Proc. EUROCRYPT, vol. 5479, 2009, pp. 171-188.
13 D. Boneh and M. K. Franklin, "An efficient public key traitor tracing scheme," in Proc. CRYPTO, vol. 1666, 1999, pp. 338-353.
14 A. Kiayias and M. Yung, "On crafty pirates and foxy tracers," in Proc. ACM-DRM, 2001, pp. 22-39.
15 S. Garg, A. Sahai, and B. Waters, "Efficient fully collusion-resilient traitor tracing scheme," Cryptology ePrint Archive, Report 2009/532, 2009. [Online]. Available: http://eprint.iacr.org/2009/532/
16 D. Boneh, C. Gentry, and B. Waters, "Collusion resistant broadcast encryption with short ciphertexts and private keys," in Proc. CRYPTO, vol. 3621, 2005, pp. 258-275.
17 J. H. Park, H. J. Kim, M. H. Sung, and D. H. Lee, "Public key broadcast encryption schemes with shorter transmissions," IEEE Trans. Broadcast., vol. 54, no. 3, pp. 401-411, 2008.
18 D. Boneh, A. Sahai, and B. Waters, "Fully collusion resistant traitor tracing with short ciphertexts and private keys," in Proc. EUROCRYPT, vol. 4004, 2006, pp. 573-592.
19 D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," in Proc. CRYPTO, vol. 2139, 2001, pp. 213-229.
20 D. Boneh, X. Boyen, and H. Shacham, "Short group signatures," in Proc. CRYPTO, vol. 3152, 2004, pp. 41-55.
21 M. Scott, "Authenticated ID-based key exchange and remote login with simple token and PIN number," Cryptology ePrint Archive, Report 2002/164, 2002. [Online]. Available: http://eprint.iacr.org/2002/164/
22 S. Galbraith, K. Paterson, and N. Smart, "Pairings for cryptographers," Discrete Appl. Mathematics, vol. 156, no. 16, pp. 3113-3121, 2008.
23 L. Ducas, "Anonymity from asymmetry: New constructions for anonymous HIBE," in Proc. CT-RSA, vol. 5985, 2010, pp. 148-164.
24 S. D. Galbraith, "Supersingular curves in cryptography," in Proc. ASIACRYPT, vol. 2248, 2001, pp. 495-513.
25 N. McCullagh and P. S. L. M. Barreto, "A new two-party identity-based authenticated key agreement," in Proc. CT-RSA, vol. 3376, 2005, pp. 262-274.
26 J. Camenisch, S. Hohenberger, and A. Lysyanskaya, "Compact e-cash," Cryptology ePrint Archive, Report 2005/060, 2005. [Online]. Available: http://eprint.iacr.org/2005/060/
27 G. Ateniese, J. Camenisch, and B. D. Medeiros, "Untraceable RFID tags via insubvertible encryption," in Proc. ACM-CCS, 2005, pp. 92-101.