CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Revocation and Tracing Schemes for Stateless Receivers
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A Revocation Scheme with Minimal Storage at Receivers
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Generic transformation for scalable broadcast encryption schemes
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
One-Way chain based broadcast encryption schemes
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Hi-index | 0.00 |
This paper proposes a ternary subset difference method (SD method) that is resistant to coalition attacks. In order to realize a secure ternary SD method, we design a new cover-finding algorithm, label assignment algorithm, and encryption algorithm. These algorithms are required to revoke one or two subtrees simultaneously while maintaining resistance against coalition attacks. We realize this two-way revocation mechanism by creatively using labels and hashed labels. Then, we evaluate the efficiency and security of the ternary SD method. We show that the upper bound of the average message length in the ternary SD method is smaller by about 12.2 percent than that of the conventional SD method, and the number of labels on each client device can be reduced by about 20.4 percent. On the other hand, the computational cost imposed on a client device stays within O (logn ). Finally, we prove that the ternary SD method is secure against coalition attacks.