CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Revocation and Tracing Schemes for Stateless Receivers
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
The LSD Broadcast Encryption Scheme
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
A One Round Protocol for Tripartite Diffie-Hellman
ANTS-IV Proceedings of the 4th International Symposium on Algorithmic Number Theory
Collusion resistant broadcast encryption with short ciphertexts and private keys
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Hi-index | 0.00 |
Security systems should not only be correctly devised but also be correctly used. In Crypto 2005, Boneh, Gentry and Waters (BGW) proposed two efficient broadcast encryption schemes proven secure in their security definition. They also suggested for a number of applications of their schemes including satellite TV subscription services and DVD content protections. In contrast to this suggestion, we show that any legitimate decoder(s) can collude with the revoked decoders to produce exponentially many equivalent decryption keys, and moreover, this activity cannot be traced by the dealer. Our results remind of abuse that their schemes are not suitable for the satellite TV subscription services or DVD content protection applications, although their schemesmay be applicable in trusted environments such as conference key distribution.