Optimal subset-difference broadcast encryption with free riders

Broadcast encryption (BE) deals with secure transmission of a message to a group of receivers such that only an authorized subset of receivers can decrypt the message. The transmission cost of a BE system can be reduced considerably if a limited number of free riders can be tolerated in the system. In this paper, we study the problem of how to optimally place a given number of free riders in a subset-difference (SD)-based BE system, which is currently the most efficient BE scheme in use and has also been incorporated in standards, and we propose a polynomial-time optimal placement algorithm and three more efficient heuristics for this problem. Simulation experiments show that SD-based BE schemes can benefit significantly from the proposed algorithms.

[1]  Dong Hoon Lee,et al.  Public Key Broadcast Encryption Schemes With Shorter Transmissions , 2008, IEEE Transactions on Broadcasting.

[2]  Tomoyuki Asano,et al.  Efficient Dynamic Broadcast Encryption and Its Extension to Authenticated Dynamic Broadcast Encryption , 2008, CANS.

[3]  Rafail Ostrovsky,et al.  Fast digital identity revocation , 1998 .

[4]  David P. Woodruff,et al.  Fast Algorithms for the Free Riders Problem in Broadcast Encryption , 2006, CRYPTO.

[5]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[6]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[7]  Carlo Blundo,et al.  Unconditional Secure Conference Key Distribution Schemes with Disenrollment Capability , 1999, Inf. Sci..

[8]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[9]  Paz Morillo,et al.  Ad-Hoc Threshold Broadcast Encryption with Shorter Ciphertexts , 2008, Electron. Notes Theor. Comput. Sci..

[10]  Dan Boneh,et al.  Generalized Identity Based and Broadcast Encryption Schemes , 2008, ASIACRYPT.

[11]  C. Brendan S. Traw Protecting Digital Content within the Home , 2001, Computer.

[12]  Jeffrey B. Lotspiech,et al.  Broadcast Encryption's Bright Future , 2002, Computer.

[13]  Jeremy Horwitz A Survey of Broadcast Encryption , 2003 .

[14]  Adi Shamir,et al.  The LSD Broadcast Encryption Scheme , 2002, CRYPTO.

[15]  Tzonelih Hwang,et al.  All-in-one group-oriented cryptosystem based on bilinear pairing , 2007, Inf. Sci..

[16]  B. C. Brookes,et al.  Information Sciences , 2020, Cognitive Skills You Need for the 21st Century.

[17]  Eric J. Harder,et al.  Key Management for Multicast: Issues and Architectures , 1999, RFC.

[18]  Michael T. Goodrich,et al.  Efficient Tree-Based Revocation in Groups of Low-State Devices , 2004, CRYPTO.

[19]  Eugenio Barahona Marciel,et al.  AACS(Advanced Access Content System) , 2005 .

[20]  David Pointcheval,et al.  Dynamic Threshold Public-Key Encryption , 2008, CRYPTO.

[21]  Sheng-Tun Li,et al.  A platform-neutral live IP/TV presentation system , 2002, Inf. Sci..

[22]  Mohamed G. Gouda,et al.  Secure group communications using key graphs , 2000, TNET.

[23]  Wen-Guey Tzeng,et al.  Public Key Broadcast Encryption with Low Number of Keys and Constant Decryption Time , 2008, Public Key Cryptography.

[24]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[25]  Avishai Wool,et al.  Key management for restricted multicast using broadcast encryption , 2000, TNET.

[26]  Dongho Won,et al.  Resource-aware protocols for authenticated group key exchange in integrated wired and wireless networks , 2007, Inf. Sci..

[27]  Rafail Ostrovsky,et al.  Fast Digital Identity Revocation (Extended Abstract) , 1998, CRYPTO.