We present a new generic black-box traitor tracing model in which the pirate-decoder employs a self-protection technique. This mechanism is simple, easy to implement in any (software or hardware) device and is a natural way by which a pirate (an adversary) which is black-box accessible, may try to evade detection. We present a necessary combinatorial condition for black-box traitor tracing of self-protecting devices. We constructively prove that any system that fails this condition, is incapable of tracing pirate-decoders that contain keys based on a superlogarithmic number of traitor keys. We then combine the above condition with specific properties of concrete systems. We show that the Boneh-Franklin (BF) scheme as well as the Kurosawa-Desmedt scheme have no black-box tracing capability in the self-protecting model when the number of traitors is superlogarithmic, unless the ciphertext size is as large as in a trivial system, namely linear in the number of users. This partially settles in the negative the open problem of Boneh and Franklin regarding the general black-box traceability of the BF scheme: at least for the case of superlogarithmic traitors. Our negative result does not apply to the Chor-Fiat-Naor (CFN) scheme (which, in fact, allows tracing in our self-protecting model); this separates CFN black-box traceability from that of BF. We also investigate a weaker form of black-box tracing called single-query "black-box confirmation." We show that, when suspicion is modeled as a confidence weight (which biases the uniform distribution of traitors), such single-query confirmation is essentially not possible against a self-protecting pirate-decoder that contains keys based on a superlogarithmic number of traitor keys.
[1]
Moni Naor,et al.
Digital signets: self-enforcing protection of digital information (preliminary version)
,
1996,
STOC '96.
[2]
Yvo Desmedt,et al.
Optimum Traitor Tracing and Asymmetric Schemes
,
1998,
EUROCRYPT.
[3]
Amos Fiat,et al.
Dynamic Traitor Tracing
,
2001,
Journal of Cryptology.
[4]
Birgit Pfitzmann,et al.
Asymmetric fingerprinting
,
1996
.
[5]
Matthew K. Franklin,et al.
An Efficient Public Key Traitor Tracing Scheme
,
1999,
CRYPTO.
[6]
Douglas R. Stinson,et al.
Key Preassigned Traceability Schemes for Broadcast Encryption
,
1998,
Selected Areas in Cryptography.
[7]
Douglas R. Stinson,et al.
Combinatorial Properties and Constructions of Traceability Schemes and Frameproof Codes
,
1998,
SIAM J. Discret. Math..
[8]
Amos Fiat,et al.
Dynamic Traitor Training
,
1999,
CRYPTO.
[9]
Jessica Staddon,et al.
Efficient Methods for Integrating Traceability and Broadcast Encryption
,
1999,
CRYPTO.
[10]
Amos Fiat,et al.
Tracing Traitors
,
1994,
CRYPTO.
[11]
Birgit Pfitzmann,et al.
Asymmetric fingerprinting for larger collusions
,
1997,
CCS '97.
[12]
Birgit Pfitzmann,et al.
Trials of Traced Traitors
,
1996,
Information Hiding.
[13]
Moni Naor,et al.
Threshold Traitor Tracing
,
1998,
CRYPTO.