Abstract
Traitor tracing schemes are cryptographically secure broadcast methods that allow identification of conspirators: if a pirate key is generated by k traitors out of a static set of ℓ legitimate users, then all traitors can be identified given the pirate key. In this paper we address three practicality and security issues of the Boneh-Franklin traitor-tracing scheme. In the first place, without changing the original scheme, we modify its tracing procedure in the non-black-box model such that it allows identification of k traitors in time \(\tilde{O}(k^2)\), as opposed to the original tracing complexity \(\tilde{O}(\ell)\). This new tracing procedure works independently of the nature of the Reed-Solomon code used to watermark private keys. As a consequence, in applications with billions of users it takes just a few minutes on a common desktop computer to identify large collusions. Secondly, we exhibit the lack of practical value of list-decoding algorithms to identify more than k traitors. Finally, we show that 2k traitors can derive the keys of all legitimate users and we propose a fix to this security issue.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-3-642-00468-1_29
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
Cite this paper
Junod, P., Karlov, A., Lenstra, A.K. (2009). Improving the Boneh-Franklin Traitor Tracing Scheme. In: Jarecki, S., Tsudik, G. (eds) Public Key Cryptography – PKC 2009. PKC 2009. Lecture Notes in Computer Science, vol 5443. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00468-1_6
DOI: https://doi.org/10.1007/978-3-642-00468-1_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00467-4
Online ISBN: 978-3-642-00468-1
eBook Packages: Computer Science (R0)