Analysis of Lewko-Sahai-Waters Revocation System

In 2010, Lewko, Sahai and Waters proposed an ecient revocation system but they neglected the security dierences between one-to-one encryption and one-to-many encryption. In their system, an authority generates all users’ decryption keys once and for all. We remark that the inherent drawback results in that the system is vulnerable to an attack launched by some malicious users. These malicious users could exchange their decryption keys after they receive them from the authority in order to maximize their own interests. Thus, the LewkoSahai-Waters revocation system cannot truly revoke a malicious user. From the practical point of view, the aw discounts greatly the importance of the system.

[1]  Douglas R. Stinson,et al.  On Some Methods for Unconditionally Secure Key Distribution and Broadcast Encryption , 1997, Des. Codes Cryptogr..

[2]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[3]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[4]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[5]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[6]  Moni Naor,et al.  Efficient trace and revoke schemes , 2000, International Journal of Information Security.

[7]  Avishai Wool,et al.  Long-Lived Broadcast Encryption , 2000, CRYPTO.

[8]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[9]  Yvo Desmedt,et al.  Optimum Traitor Tracing and Asymmetric Schemes , 1998, EUROCRYPT.

[10]  David Pointcheval,et al.  Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys , 2007, Pairing.

[11]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[12]  Amit Sahai,et al.  Coding Constructions for Blacklisting Problems without Computational Assumptions , 1999, CRYPTO.

[13]  Jung Hee Cheon,et al.  Efficient Broadcast Encryption Using Multiple Interpolation Methods , 2004, ICISC.

[14]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[15]  Brent Waters,et al.  Adaptive Security in Broadcast Encryption Systems , 2008, IACR Cryptol. ePrint Arch..

[16]  Douglas R. Stinson,et al.  Some New Results on Key Distribution Patterns and Broadcast Encryption , 1998, Des. Codes Cryptogr..

[17]  Jessica Staddon,et al.  Efficient Methods for Integrating Traceability and Broadcast Encryption , 1999, CRYPTO.

[18]  Moni Naor,et al.  Multicast security: a taxonomy and some efficient constructions , 1999, IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).

[19]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[20]  Allison Bishop,et al.  Revocation Systems with Very Small Private Keys , 2010, 2010 IEEE Symposium on Security and Privacy.