A Traitor Tracing Scheme Based on RSA for Fast Decryption

We describe a fully k-resilient traitor tracing scheme that utilizes RSA as a secret-key rather than public-key cryptosystem. Traitor tracing schemes deter piracy in broadcast encryption systems by enabling the identification of authorized users known as traitors that contribute to unauthorized pirate decoders. In the proposed scheme, upon the confiscation of a pirate decoder created by a collusion of k or fewer authorized users, contributing traitors can be identified with certainty. Also, the scheme prevents innocent users from being framed as traitors. The proposed scheme improves upon the decryption efficiency of past traitor tracing proposals. Each authorized user needs to store only a single decryption key, and decryption primarily consists of a single modular exponentiation operation. In addition, unlike previous traitor tracing schemes, the proposed scheme employs the widely deployed RSA algorithm.

[1]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[2]  Jessica Staddon,et al.  Efficient Methods for Integrating Traceability and Broadcast Encryption , 1999, CRYPTO.

[3]  Colin Boyd,et al.  Advances in Cryptology - ASIACRYPT 2001 , 2001 .

[4]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[5]  Dan Collusion-Secure Fingerprinting for Digital Data , 2002 .

[6]  Aggelos Kiayias,et al.  Breaking and Repairing Asymmetric Public-Key Traitor Tracing , 2002, Digital Rights Management Workshop.

[7]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[8]  Dan Boneh,et al.  TWENTY YEARS OF ATTACKS ON THE RSA CRYPTOSYSTEM , 1999 .

[9]  Mihir Bellare,et al.  Optimal Asymmetric Encryption , 1994, EUROCRYPT.

[10]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[11]  Birgit Pfitzmann,et al.  Asymmetric fingerprinting for larger collusions , 1997, CCS '97.

[12]  Matthew K. Franklin,et al.  An Efficient Public Key Traitor Tracing Scheme , 1999, CRYPTO.

[13]  Gustavus J. Simmons,et al.  A "Weak" Privacy Protocol using the RSA Crypto Algorithm , 1983, Cryptologia.

[14]  Victor Shoup,et al.  OAEP Reconsidered , 2001, CRYPTO.

[15]  Amos Fiat,et al.  Tracing traitors , 2000, IEEE Trans. Inf. Theory.

[16]  Birgit Pfitzmann,et al.  Trials of Traced Traitors , 1996, Information Hiding.

[17]  Douglas R. Stinson,et al.  Key Preassigned Traceability Schemes for Broadcast Encryption , 1998, Selected Areas in Cryptography.

[18]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[19]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[20]  Min Wu,et al.  Reading Between the Lines: Lessons from the SDMI Challenge , 2001, USENIX Security Symposium.

[21]  Reihaneh Safavi-Naini,et al.  Sequential Traitor Tracing , 2000, CRYPTO.

[22]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[23]  Sushil Jajodia,et al.  Kronos: a scalable group re-keying approach for secure multicast , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[24]  Jessica Staddon,et al.  Efficient Traitor Tracing Algorithms Using List Decoding , 2001, ASIACRYPT.

[25]  Yvo Desmedt,et al.  Shared Generation of Authenticators and Signatures (Extended Abstract) , 1991, CRYPTO.

[26]  Amos Fiat,et al.  Dynamic Traitor Tracing , 2001, Journal of Cryptology.

[27]  E. Szemerédi,et al.  On the probability that a random ±1-matrix is singular , 1995 .

[28]  John M. DeLaurentis,et al.  A Further Weakness in the Common Modulus Protocol for the RSA Cryptoalgorithm , 1984, Cryptologia.

[29]  Jacques Stern,et al.  RSA-OAEP Is Secure under the RSA Assumption , 2001, Journal of Cryptology.

[30]  Dan Boneh,et al.  Simplified OAEP for the RSA and Rabin Functions , 2001, CRYPTO.

[31]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[32]  Douglas R. Stinson,et al.  Combinatorial Properties and Constructions of Traceability Schemes and Frameproof Codes , 1998, SIAM J. Discret. Math..

[33]  Amos Fiat,et al.  Dynamic Traitor Training , 1999, CRYPTO.

[34]  Cryptosystem Dan Boneh Twenty Years of Attacks on the RSA , 1999 .

[35]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[36]  Aggelos Kiayias,et al.  Scalable public-key tracing and revoking , 2003, PODC.

[37]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[38]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[39]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[40]  Hugo Krawczyk,et al.  Advances in Cryptology - CRYPTO '98 , 1998 .

[41]  Yvo Desmedt,et al.  Optimum Traitor Tracing and Asymmetric Schemes , 1998, EUROCRYPT.

[42]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[43]  Moni Naor,et al.  Threshold Traitor Tracing , 1998, CRYPTO.

[44]  Douglas R. Stinson,et al.  Advances in Cryptology — CRYPTO’ 93 , 2001, Lecture Notes in Computer Science.

[45]  Aggelos Kiayias,et al.  Fully scalable public-key traitor tracing , 2003 .

[46]  Ingemar J. Cox,et al.  A Secure, Robust Watermark for Multimedia , 1996, Information Hiding.

[47]  Dan Boneh,et al.  Collusion-Secure Fingerprinting for Digital Data (Extended Abstract) , 1995, CRYPTO.

[48]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[49]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[50]  Hideki Imai,et al.  Efficient Asymmetric Public-Key Traitor Tracing without Trusted Agents , 2001, CT-RSA.