Combinatorial Properties and Constructions of Traceability Schemes and Frameproof Codes
SIAM Journal on Discrete Mathematics
The Design of Rijndael
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Traitor Tracing with Constant Transmission Rate
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Efficient Trace and Revoke Schemes
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
On Crafty Pirates and Foxy Tracers
DRM '01 Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management
Linear Code Implies Public-Key Traitor Tracing
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
Improved Decoding of Reed-Solomon and Algebraic-Geometric Codes
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
Polynomial reconstruction based cryptography
Polynomial reconstruction based cryptography
One-Way chain based broadcast encryption schemes
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
An efficient single-key pirates tracing scheme using cover-free families
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Fully collusion resistant traitor tracing with short ciphertexts and private keys
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
IEEE Transactions on Information Theory
| Hi-index | 0.01 |
Public-key traitor-tracing schemes is a supporting technology for content distribution that discourages abuse and resale of cryptographic keys used for the distribution. These schemes enable a system manager to maintain a set of subscribers so that any external content provider can use the public key nature of the method and transmit data to the subscribers, while assuring that if a coalition of users generate a pirate deciphering device, they can be identified via a procedure called "traitor tracing." The usefulness of efficient decoding in this context was exemplified in the work of Boneh and Franklin that showed how a specific family of codes can be combined with ElGamal encryption to produce a public-key traitor tracing scheme that supports non-black-box traitor tracing and recovers all traitors that contributed to the pirate key. In this work we are motivated by the notion of "Traitor Tracing with unbounded enrollment" that we define here, and we look for proper implementation thereof. To this end, we first generalize the Boneh Franklin approach to arbitrary code families by introducing Extended ElGamal encryption and showing an explicit condition under which the encryption can be transformed to traitor tracing, while also identifying cases where such transformation would not work; the properties are presented in terms of efficient decoding algorithms. The approach sheds light on the superlogarithmic (non-black-box) traceability of the Kurosawa-Desmedt public-key traitor tracing scheme that was only shown to support efficient tracing for a logarithmic number of traitors (in the black-box sense, where it was shown that logarithmic is optimal). Recall that the original non-black-box tracing algorithm of this scheme was found to be insufficient. We also show how to take advantage of list decoding techniques for non-black-box traitor tracing to extend the number of traitors that can be successfully traced. Finally, the Kurosawa Desmedt scheme accompanied with our tracing method is shown to be the first construction to implement traitor tracing with unbounded enrollment for an optimal number of traitors (for such a scheme) in both the non-black-box tracing case and the black-box tracing case.