Property-Based Broadcast Encryption for Multi-level Security Policies

  • André Adelsbach
  • Ulrich Huber
  • Ahmad-Reza Sadeghi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3935)


Most current Digital Rights Management (DRM) systems rely on the doubtful assumption that all devices are equally trustworthy. This allows a pirate to obtain access if he undetectedly breaks just one arbitrary device. As there is a multitude of different devices, trust assumptions and policies should depend on the security level of each device type. For each content item to be distributed, the content providers should be able to base their access decision on various properties that the devices might have, such as the devices’ tamper resistance, geographical region, output interface or device model.

We propose a hierarchical property-based broadcast encryption scheme enabling a variety of new business models. It operates with an arbitrary number of properties, including one hierarchical property such as tamper resistance. The scheme is secure and more efficient than existing Broadcast Encryption (BE) schemes in the hierarchical setting. As the first building block, we formalize the notion of properties with respect to BE and show an approach for representing them in a binary tree structure. As the second building block, we use existing BE schemes to achieve short ciphertexts. Specifically, we enhance the Complete Subtree scheme with pseudo-random chains to embed the hierarchical property.


Content Provider Device Tree Broadcast Encryption Access Decision Revocation List 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adelsbach, A., Huber, U., Sadeghi, A.R.: Property-based broadcast encryption for multi-level security policies. Technical Report, full version of this paper, Horst Görtz Institute for IT Security (2005),
  2. 2.
    Miller, M.L., Cox, I.J., Linnartz, J.P.M.G., Kalker, T.: A review of of watermarking principles and practices. In: Parhi, K.K., Nishitani, T. (eds.) Digital Signal Processing for Multimedia Systems, pp. 461–485. IEEE, Los Alamitos (1999)Google Scholar
  3. 3.
    Petitcolas, F.A.: Digital watermarking. In: Becker, E., Buhse, W., Günnewig, D., Rump, N. (eds.) Digital Rights Management. LNCS, vol. 2770, pp. 81–92. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Kundur, D., Karthik, K.: Video fingerprinting and encryption principles for digital rights management. Proceedings of the IEEE 92(6), 918–932 (2004)CrossRefGoogle Scholar
  5. 5.
    Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994)Google Scholar
  6. 6.
    Naor, M., Pinkas, B.: Threshold traitor tracing. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 502–517. Springer, Heidelberg (1998)Google Scholar
  7. 7.
    Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  8. 8.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Anderson, R.J., Kuhn, M.: Tamper resistance—a cautionary note. In: Tygar, D. (ed.) USENIX Electronic Commerce 1996, USENIX, pp. 1–11 (1996)Google Scholar
  10. 10.
    Anderson, R.J.: Security Engineering: A Guide to Building Dependable Distributed Systems, 1st edn. John Wiley & Sons, New York (2001)Google Scholar
  11. 11.
    Popescu, B.C., Crispo, B., Tanenbaum, A.S.: Support for multi-level security policies in DRM architectures. In: NSPW 2004, pp. 3–9. ACM Press, New York (2005)Google Scholar
  12. 12.
    Digital Content Protection, LLC: High-bandwidth digital content protection system. Specification Revision 1.1 (2003),
  13. 13.
    Digital Transmission Licensing Administrator, LLC: Digital transmission content protection specification. Specification Revision 1.4, vol. 1 (2005),
  14. 14.
    Halevy, D., Shamir, A.: The LSD broadcast encryption scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 47–60. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Berkovits, S.: How to broadcast a secret. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 535–541. Springer, Heidelberg (1991)Google Scholar
  16. 16.
    Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  17. 17.
    Jho, N.S., Hwang, J.Y., Cheon, J.H., Kim, M.H., Lee, D.H., Yoo, E.S.: One-way chain based broadcast encryption schemes. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 559–574. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • André Adelsbach
    • 1
  • Ulrich Huber
    • 1
  • Ahmad-Reza Sadeghi
    • 1
  1. 1.Horst Görtz Institute for IT SecurityRuhr-Universität BochumGermany

Personalised recommendations