A Fully Public-Key Traitor-Tracing Scheme

We propose a fully public-key traitor-tracing scheme in which each subscriber can choose his or her own private decryption key without others learning the key. The distributor of the digital content utilizes the public data coming from all subscribers to compute a public encryption key. The paid contents are then transmitted to the subscribers, after being encrypted with the public key. Each subscriber can decrypt the data using his or her own secret key. Even if a coalition of subscribers conspire to create a pirate decoder with a tamper-free decryption key, we have a tracing algorithm to trace them. Our scheme is long-lived, which means that the subscribers’ secret keys need not be regenerated after the pirate key is detected or when subscribers join or leave the system. Finally, our scheme guarantees anonymity. Key-Words: Public-key encryption, Broadcast encryption, Traitor tracing, Semantical security, Long livedness, Anonymity.

[1]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[2]  Ernest F. Brickell,et al.  A Fast Modular Multiplication Algorithm With Application To Two Key Cryptography , 1982, CRYPTO.

[3]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[4]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[5]  Wen-Tsuen Chen,et al.  Secure Broadcasting Using the Secure Lock , 1989, IEEE Trans. Software Eng..

[6]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[7]  Evangelos Kranakis,et al.  On key distribution via true broadcasting , 1994, CCS '94.

[8]  Douglas R. Stinson,et al.  Trade-offs Between Communication and Storage in Unconditionally Secure Schemes for Broadcast Encryption and Interactive Key Distribution , 1996, CRYPTO.

[9]  Birgit Pfitzmann,et al.  Trials of Traced Traitors , 1996, Information Hiding.

[10]  Victor Shoup,et al.  Lower Bounds for Discrete Logarithms and Related Problems , 1997, EUROCRYPT.

[11]  Douglas R. Stinson,et al.  Key Preassigned Traceability Schemes for Broadcast Encryption , 1998, Selected Areas in Cryptography.

[12]  Jessica Staddon,et al.  Combinatorial Bounds for Broadcast Encryption , 1998, EUROCRYPT.

[13]  Jessica Staddon,et al.  Efficient Methods for Integrating Traceability and Broadcast Encryption , 1999, CRYPTO.

[14]  Matthew K. Franklin,et al.  An Efficient Public Key Traitor Tracing Scheme , 1999, CRYPTO.

[15]  Avishai Wool,et al.  Long-Lived Broadcast Encryption , 2000, CRYPTO.

[16]  Amos Fiat,et al.  Tracing traitors , 2000, IEEE Trans. Inf. Theory.