Identity-Based Trace and Revoke Schemes

Trace and revoke systems allow for the secure distribution of digital content in such a way that malicious users, who collude to produce pirate decoders, can be traced back and revoked from the system. In this paper, we consider such schemes in the identity-based setting, by extending the model of identity-based traitor tracing scheme by Abdalla et al. to support revocation. The proposed constructions rely on the subset cover framework. We first propose a generic construction which transforms an identity-based encryption with wildcard (WIBE) of depth log(N) (N being the number of users) into an identity-based trace and revoke scheme by relying on the complete subtree framework (of depth log(N)). This leads, however, to a scheme with log(N) private key size (as in a complete subtree scheme). We improve this scheme by introducing generalized WIBE (GWIBE) and propose a second construction based on GWIBE of two levels. The latter scheme provides the nice feature of having constant private key size (3 group elements). In our schemes, we also deal with advanced attacks in the subset cover framework, namely pirate evolution attacks (PEvoA) and pirates 2.0. The only known strategy to protect schemes in the subset cover framework against pirate evolution attacks was proposed by Jin and Lotspiech but decreases seriously the efficiency of the original schemes: each subset is expanded to many others subsets; the total number of subsets to be used in the encryption could thus be O(N1/b) to prevent a traitor from creating more than b generations. Our GWIBE based scheme, resisting PEvoA better than the Jin and Lotspiech's method. Moreover, our method does not need to change the partitioning procedure in the original complete subtree scheme and therefore, the resulted schemes are very competitive compared to the original scheme, with r log(N/r) logN-size ciphertext and constant size private key.

[1]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[2]  Aggelos Kiayias,et al.  BiTR: Built-in Tamper Resilience , 2011, IACR Cryptol. ePrint Arch..

[3]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[4]  Brent Waters,et al.  A fully collusion resistant broadcast, trace, and revoke system , 2006, CCS '06.

[5]  Ran Canetti,et al.  Efficient Communication-Storage Tradeoffs for Multicast Encryption , 1999, EUROCRYPT.

[6]  Amit Sahai,et al.  Coding Constructions for Blacklisting Problems without Computational Assumptions , 1999, CRYPTO.

[7]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[8]  Serge Vaudenay Progress in Cryptology - AFRICACRYPT 2008, First International Conference on Cryptology in Africa, Casablanca, Morocco, June 11-14, 2008. Proceedings , 2008, AFRICACRYPT.

[9]  Donald W. Davies,et al.  Advances in Cryptology — EUROCRYPT ’91 , 2001, Lecture Notes in Computer Science.

[10]  Aggelos Kiayias,et al.  On Crafty Pirates and Foxy Tracers , 2001, Digital Rights Management Workshop.

[11]  Matthew K. Franklin,et al.  An Efficient Public Key Traitor Tracing Scheme , 1999, CRYPTO.

[12]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[13]  Olivier Billet,et al.  Traitors Collaborating in Public: Pirates 2.0 , 2009, EUROCRYPT.

[14]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[15]  Tomoyuki Asano,et al.  A Tree Based One-Key Broadcast Encryption Scheme with Low Computational Overhead , 2005, ACISP.

[16]  David Pointcheval,et al.  Fully Collusion Secure Dynamic Broadcast Encryption with Constant-Size Ciphertexts or Decryption Keys , 2007, Pairing.

[17]  Tomoyuki Asano A Revocation Scheme with Minimal Storage at Receivers , 2002, ASIACRYPT.

[18]  Tsuyoshi Takagi,et al.  Pairing-Based Cryptography - Pairing 2007, First International Conference, Tokyo, Japan, July 2-4, 2007, Proceedings , 2007, Pairing.

[19]  David Lubicz,et al.  Attribute-Based Broadcast Encryption Scheme Made Efficient , 2008, AFRICACRYPT.

[20]  Brent Waters,et al.  Adaptive Security in Broadcast Encryption Systems (with Short Ciphertexts) , 2009, EUROCRYPT.

[21]  Shlomo Shamai,et al.  Information Theoretic Security , 2009, Found. Trends Commun. Inf. Theory.

[22]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[23]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[24]  Yvo Desmedt,et al.  Optimum Traitor Tracing and Asymmetric Schemes , 1998, EUROCRYPT.

[25]  Xingwen Zhao,et al.  Traitor Tracing against Public Collaboration , 2011, ISPEC.

[26]  Serdar Pehlivanoglu,et al.  Defending against the pirate evolution attack , 2010, Int. J. Appl. Cryptogr..

[27]  Olivier Billet,et al.  Efficient Traitor Tracing from Collusion Secure Codes , 2008, ICITS.

[28]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[29]  Cécile Delerablée,et al.  Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys , 2007, ASIACRYPT.

[30]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[31]  Moni Naor,et al.  Traitor tracing with constant size ciphertext , 2008, CCS.

[32]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[33]  Alan T. Sherman,et al.  Key Establishment in Large Dynamic Groups Using One-Way Function Trees , 2003, IEEE Trans. Software Eng..

[34]  Nigel P. Smart,et al.  Identity-Based Encryption Gone Wild , 2006, ICALP.

[35]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[36]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[37]  Xingwen Zhao,et al.  Traitor Tracing against Public Collaboration (Full Version) , 2011, IACR Cryptol. ePrint Arch..

[38]  Dan Boneh,et al.  Collusion-Secure Fingerprinting for Digital Data (Extended Abstract) , 1995, CRYPTO.

[39]  Serdar Pehlivanoglu,et al.  Pirate Evolution: How to Make the Most of Your Traitor Keys , 2007, CRYPTO.

[40]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[41]  Jun Furukawa,et al.  Identity-Based Broadcast Encryption , 2007, IACR Cryptol. ePrint Arch..

[42]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[43]  Yevgeniy Dodis,et al.  Public Key Broadcast Encryption for Stateless Receivers , 2002, Digital Rights Management Workshop.

[44]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[45]  Moni Naor,et al.  Efficient trace and revoke schemes , 2000, International Journal of Information Security.

[46]  Yuliang Zheng,et al.  Advances in Cryptology — ASIACRYPT 2002 , 2002, Lecture Notes in Computer Science.

[47]  Avishai Wool,et al.  Long-Lived Broadcast Encryption , 2000, CRYPTO.

[48]  Moti Yung,et al.  A New Randomness Extraction Paradigm for Hybrid Encryption , 2009, EUROCRYPT.

[49]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[50]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[51]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[52]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[53]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[54]  Victor Shoup Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings , 2005, CRYPTO.

[55]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[56]  Paolo D'Arco,et al.  Fighting Pirates 2.0 , 2011, ACNS.

[57]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[58]  Duong Hieu Phan,et al.  Identity-Based Traitor Tracing , 2007, Public Key Cryptography.

[59]  Yevgeniy Dodis,et al.  Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack , 2003, Public Key Cryptography.

[60]  Gene Tsudik,et al.  Simple and fault-tolerant key agreement for dynamic collaborative groups , 2000, CCS.

[61]  Amos Fiat,et al.  Tracing Traitors , 1994, CRYPTO.

[62]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.