Ecient Broadcast Encryption with User Proles

Broadcast encryption (BE) deals with secure transmission of a message to a group of users such that only an authorized subset of users can decrypt the message. Some of the most eective BE schemes in the literature are the tree-based schemes of complete subtree (CS) and subset dierence (SD). The key distribution trees in these schemes are traditionally constructed without considering user preferences. In fact these schemes can be made signicantly more ecient when user proles are taken into account. In this paper, we consider this problem and study how to construct the CS and SD trees more eciently according to user proles. We �rst analyze the relationship between the transmission cost and the user prole distribution and prove a number of key results in this aspect. Then we propose several optimization algorithms which can reduce the bandwidth requirement of the CS and SD schemes signicantly. This reduction becomes even more signicant when a number of free riders can be allowed in the system.

[1]  Avishai Wool,et al.  Key management for restricted multicast using broadcast encryption , 2000, TNET.

[2]  Rafail Ostrovsky,et al.  Fast digital identity revocation , 1998 .

[3]  Munchurl Kim,et al.  A target advertisement system based on TV viewer’s profile reasoning , 2006, Multimedia Tools and Applications.

[4]  Dongho Won,et al.  Resource-aware protocols for authenticated group key exchange in integrated wired and wireless networks , 2007, Inf. Sci..

[5]  C. Brendan S. Traw Protecting Digital Content within the Home , 2001, Computer.

[6]  Carlo Blundo,et al.  Unconditional Secure Conference Key Distribution Schemes with Disenrollment Capability , 1999, Inf. Sci..

[7]  Sarit Kraus,et al.  Agents for Information Broadcasting , 1999, ATAL.

[8]  Ali Aydin Selçuk,et al.  Optimal subset-difference broadcast encryption with free riders , 2009, Inf. Sci..

[9]  David P. Woodruff,et al.  Fast Algorithms for the Free Riders Problem in Broadcast Encryption , 2006, CRYPTO.

[10]  Tzonelih Hwang,et al.  All-in-one group-oriented cryptosystem based on bilinear pairing , 2007, Inf. Sci..

[11]  Alfredo De Santis,et al.  Optimising SD and LSD in Presence of Non-uniform Probabilities of Revocation , 2009, ICITS.

[12]  D. Huffman A Method for the Construction of Minimum-Redundancy Codes , 1952 .

[13]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[14]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[15]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[16]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[17]  Jeffrey B. Lotspiech,et al.  Broadcast Encryption's Bright Future , 2002, Computer.

[18]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[19]  Dalit Naor,et al.  Broadcast Encryption , 1993, Encyclopedia of Multimedia.

[20]  Hendrik Blockeel,et al.  Web mining research: a survey , 2000, SKDD.

[21]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 1998, SIGCOMM '98.