
Toward tracing and revoking schemes secure against collusion and any form of secret information leakage

  • Special Issue Paper
  • International Journal of Information Security

Abstract

Tracing and revoking schemes enable a center to deliver protected content to a subset of privileged users of a given universe. The main property these schemes enjoy is that traitors, who illegally help unauthorized users to set up a pirate decoder for gaining access to the protected content, can be identified and removed from the privileged subset. Historically, traitors have been modeled as users who privately share their secret information with unauthorized users. However, in the Pirates 2.0 attack model, traitors collaborate in public and partially share their secret information with a certified guarantee of anonymity. Several classes of tracing and revoking schemes, like tree-based tracing and revoking schemes and code-based tracing schemes, are subject to this new threat. In this paper, we propose methods to cope with the Pirates 2.0 attack. We focus our attention on the class of tree-based schemes. We start by discussing some simple techniques, which can partially help to deal with the attack, and point out their limits. Then, looking through the literature, we recover some ideas that can be used to strengthen tracing and revoking schemes. We also analyze the trade-off that can be obtained by applying these ideas to the schemes. Finally, we describe new hybrid schemes, obtained by mixing previous constructions, which can be used to counter the Pirates 2.0 attack.


Notes

  1. The join operation is trivially performed by constructing at the beginning an oversized tree structure, capable of accommodating new users. Hence, the focus is placed only on efficient ways to revoke users.

  2. Roughly speaking, the bifurcation property guarantees that each set of the collection can be split in two subsets, still belonging to the collection, more or less of the same size.

  3. A similar problem is faced in [15] when trying to generalize the SD scheme to the public key setting.

References

  1. Abdalla, M., Catalano, D., Dent, A., Malone-Lee, J., Neven, G., Smart, N.: Identity-based encryption gone wild. In: Automata, Languages and Programming, vol. 4052 of LNCS, pp. 300–311. Springer (2006)

  2. Anzai, J., Matsuzaki, N., Matsumoto, T.: A quick group key distribution scheme with entity revocation. In: Advances in Cryptology–Asiacrypt ’99. Lecture Notes in Computer Science, vol. 1716, pp. 333–347 (1999)

  3. Berkovits, S.: How to broadcast a secret. In: Advances in Cryptology–EUROCRYPT ’91, vol. 547 of LNCS, pp. 535–541. Springer (1991)

  4. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: CRYPTO, vol. 3621 of LNCS, pp. 258–275. Springer (2005)

  5. Boneh, D., Naor, M.: Traitor tracing with constant size ciphertext. In: CCS ’08: Proceedings of the 15th ACM conference on Computer and communications security, pp. 501–510, ACM, New York (2008)

  6. Boneh, D.: The decision Diffie-Hellman problem. In: Proceedings of the Third Algorithmic Number Theory Symposium, vol. 1423 of LNCS, pp. 48–63. Springer (1998)

  7. Billet, O., Phan, D.H.: Efficient traitor tracing from collusion secure codes. In: ICITS ’08: Proceedings of the 3rd International Conference on Information Theoretic Security, pp. 171–182, Springer, Berlin (2008)

  8. Billet, O., Phan, D.H.: Traitors collaborating in public: Pirates 2.0. In: Advances in Cryptology–Eurocrypt ’09, vol. 5479 of LNCS, pp. 189–205, (2009)

  9. Berkman, O., Parnas, M., Sgall, J.: Efficient dynamic traitor tracing. In: SODA ’00: Proceedings of the Eleventh Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 586–595, Society for Industrial and Applied Mathematics, Philadelphia (2000)

  10. Chang, I., Engel, R., Kandlur, D., Pendarakis, D., Saha, D.: Key management for secure internet multicast using boolean function minimization techniques. In: Proceedings of IEEE INFOCOMM 1999, vol. 2, pp. 689–698 (1999)

  11. Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: CRYPTO ’94: Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology, pp. 257–270, Springer, London (1994)

  12. Chor, B., Fiat, A., Naor, M., Pinkas, B.: Traitor tracing. IEEE Trans. Inf. Theory 46(3), 893–910 (2000)


  13. Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., Pinkas, B.: Multicast security: a taxonomy and some efficient constructions. In: Proceedings of INFOCOMM 1999, pp. 708–716 (1999)

  14. Canetti, R., Malkin, T., Nissim, K.: Efficient communication-storage tradeoffs for multicast encryption. In: Advances in Cryptology–EUROCRYPT ’99, vol. 1592 of LNCS, pp. 459–474. Springer (1999)

  15. Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Digital Rights Management Workshop, vol. 2696 of LNCS, pp. 61–80. Springer (2003)

  16. Delerablée, C., Paillier, P., Pointcheval, D.: Fully collusion secure dynamic broadcast encryption with constant-size ciphertexts or decryption keys. In: Pairing, vol. 4575 of LNCS, pp. 39–59. Springer (2007)

  17. D’Arco, P., De Santis, A.: Optimising SD and LSD in presence of non-uniform probabilities of revocation. In: Proceedings of ICITS 2007, vol. 4883 of LNCS, pp. 46–64. Springer (2009)

  18. Feldman, P.: A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th IEEE Symposium on Foundations of Computer Science, pp. 427–437 (1987)

  19. Fiat, A., Naor, M.: Broadcast encryption. In: Advances in Cryptology–CRYPTO ’93, vol. 773 of LNCS, pp. 480–491. Springer (1994)

  20. Fiat, A., Tassa, T.: Dynamic traitor tracing. J. Cryptol. 14, 211–223 (2001)

  21. Goodrich, M.T., Sun, J.Z., Tamassia, R.: Efficient tree-based revocation in groups of low-state devices. In: Advances in Cryptology–CRYPTO’04, vol. 3152 of LNCS, pp. 511–527. Springer (2004)

  22. Gafni, E., Staddon, J., Yin, Y.L.: Efficient methods for integrating traceability and broadcast encryption. In: Advances in Cryptology–Crypto’99, vol. 1666 of LNCS, pp. 372–387 (1999)

  23. Hwang, Y.H., Lee, P.J.: Efficient broadcast encryption scheme with log-key storage. In: Financial Cryptography, vol. 4107 of LNCS, pp. 281–295. Springer (2006)

  24. Hwang, J.Y., Lee, D.H., Lim, J.: Generic transformation for scalable broadcast encryption schemes. In: Advances in Cryptology CRYPTO’05, vol. 3621 of LNCS, pp. 276–292. Springer (2005)

  25. Halevy, D., Shamir, A.: The LSD broadcast encryption scheme. In: Advances in Cryptology–Crypto ’02, vol. 2442 of LNCS, pp. 47–60 (2002)

  26. Jho, N., Hwang, J.Y., Cheon, J.H., Kim, M., Lee, D.H., Yoo, E.S.: One-way chain based broadcast encryption schemes. In: Advances in Cryptology: EUROCRYPT’05, vol. 3494 of LNCS, pp. 559–574. Springer (2005)

  27. Kurosawa, K., Desmedt, Y.: Optimum traitor tracing and asymmetric schemes. In: Advances in Cryptology–EUROCRYPT ’98, vol. 1403 of LNCS, pp. 145–157. Springer (1998)

  28. Kiayias, A., Pehlivanoglu, S.: Pirate evolution: how to make the most of your traitor keys. In: Advances in Cryptology: CRYPTO’ 07, vol. 4622 of LNCS, pp. 448–465. Springer (2007)

  29. Kumar, R., Rajagopalan, S., Sahai, A.: Coding constructions for blacklisting problems without computational assumptions. In: Advances in Cryptology–Crypto ’99. Lecture Notes in Computer Science vol. 1666, pp. 609–623 (1999)

  30. Kiayias, A., Yung, M.: Self protecting pirates and black-box traitor tracing. In: CRYPTO ’01: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, pp. 63–79. Springer, London (2001)

  31. Kiayias, A., Yung, M.: Traitor tracing with constant transmission rate. In: EUROCRYPT ’02: Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques, pp. 450–465. Springer, London (2002)

  32. Luby, M., Staddon, J.: Combinatorial bounds for broadcast encryption. In: Advances in Cryptology–Eurocrypt ’98. Lecture Notes in Computer Science vol. 1403, pp. 512–526 (1998)

  33. Micciancio, D., Panjwani, S.: Optimal communication complexity of generic multicast key distribution. In: Advances in Cryptology–EUROCRYPT ’04, vol. 3027 of LNCS, pp. 153–170. Springer Verlag (2004)

  34. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Advances in Cryptology: Crypto’01, vol. 2139 of LNCS, pp. 41–62. Springer-Verlag, (2001). Full version available at http://www.wisdom.weizmann.ac.il/Naor/

  35. Naor, M., Pinkas, B.: Efficient trace and revoke schemes. In: Proceedings of the 18th Annual International Conference on Financial Cryptography, LNCS, pp. 1–20 (2000)

  36. Poovendran, R., Baras, J.S.: An information theoretic analysis of rooted-tree based secure multicast key distribution schemes. IEEE Transactions on Information Theory, 47(7), 2824–2834, November 2001. Preliminary version in Advances in Cryptology: Crypto ’99, Vol. 1666, pp. 624–638, Springer Verlag (1999)


  37. Pfitzmann, B.: Trials for traced traitors. In: Proceedings of the First International Workshop on Information Hiding, vol. 1174 of LNCS, pp. 49–63 Springer Verlag (1996)

  38. Phan, D.H., Pointcheval, D., Strefler, M.: Security notions for broadcast encryption. In: Proceedings of ACNS 2011, vol. 6980 of LNCS, pp. 204–221. Springer (2011)

  39. Phan, D.H., Trinh, V.C.: Identity-based trace and revoke schemes. In: Proceedings of ProvSec 2011, vol. 6980 of LNCS, pp. 204–221. Springer (2011)

  40. Pfitzmann, B., Waidner, M.: Asymmetric fingerprinting for larger collusions. In: CCS ’97: Proceedings of the 4th ACM Conference on Computer and Communications Security, pp. 151–160, ACM, New York (1997)

  41. Sherman, A.T., McGrew, D.A.: Key establishment in large dynamic groups using one-way function trees. IEEE Trans. Softw. Eng. 29(5), 444–458 (2003)


  42. Safavi-Naini, R., Wang, Y.: Sequential traitor tracing. In: CRYPTO ’00: Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, pp. 316–332, Springer, London (2000)

  43. Snoeyink, J., Suri, S., Varghese, G.: A lower bound for multicast key distribution. In: Proceedings of IEEE INFOCOMM 2001, pp. 422–431 (2001)

  44. Stinson, D.R., Wei, R.: Combinatorial properties and constructions of traceability schemes and frameproof codes. SIAM J. Discret. Math. 11(1), 41–53 (1998)

  45. Stinson, D.R., Wei, R.: Key preassigned traceability schemes for broadcast encryption. In: SAC 98: Proceedings of the Selected Areas in Cryptography, pp. 144–156, Springer, London (1998)

  46. Tassa, T.: Low bandwidth dynamic traitor tracing schemes. J. Cryptol. 18, 167–183 (2005)

  47. Waters, B.R.: Efficient identity-based encryption without random oracles. In: EUROCRYPT, vol. 3494 of LNCS, pp. 114–127. Springer (2005)

  48. Wong, C., Gouda, M., Lam, S.: Secure group communications using key graphs. In: Proceedings ACM SIGCOMM ’98. ACM, September (1998)

  49. Wallner, D., Harder, E., Agee, R.: Key management for multicast: issues and architectures. RFC 2627, National Security Agency, June (1999)

  50. Zhao, X., Zhang, F.: Traitor tracing against public collaboration. In: Proceedings of ISPEC 2011, vol. 6715 of LNCS, pp. 377–394. Springer (2011)


Correspondence to Angel Perez del Pozo.


D’Arco, P., Perez del Pozo, A. Toward tracing and revoking schemes secure against collusion and any form of secret information leakage. Int. J. Inf. Secur. 12, 1–17 (2013). https://doi.org/10.1007/s10207-012-0186-1
