Fingercasting—Joint Fingerprinting and Decryption of Broadcast Messages

  • André Adelsbach
  • Ulrich Huber
  • Ahmad-Reza Sadeghi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4058)


We propose a stream cipher that provides confidentiality, traceability and renewability in the context of broadcast encryption. We prove it to be as secure as the generic pseudo-random sequence on which it operates. This encryption scheme, termed fingercasting scheme, achieves joint decryption and fingerprinting of broadcast messages in such a way that an adversary cannot separate both operations or prevent them from happening simultaneously. The scheme is a combination of a broadcast encryption scheme, a fingerprinting scheme and an encryption scheme inspired by the Chameleon cipher. It is the first to provide a formal security proof and a non-constant lower bound for resistance against collusion of malicious users i.e., a minimum number of content copies needed to remove all fingerprints. The scheme is efficient and includes parameters that allow, for example, to trade-off storage size for computation cost at the receiving end.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Touretzky, D.S.: Gallery of CSS descramblers. Webpage, Computer Science Department of Carnegie Mellon University (2000) (November 17, 2005),
  2. 2.
    4C Entity, LLC: CPPM specification—introduction and common cryptographic elements. Specification, Revision 1.0 (2003)Google Scholar
  3. 3.
    AACS Licensing Administrator: Advanced access content system (AACS): Introduction and common cryptographic elements. Specification, Revision 0.90 (2005)Google Scholar
  4. 4.
    Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)Google Scholar
  5. 5.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  6. 6.
    Halevy, D., Shamir, A.: The LSD broadcast encryption scheme. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 47–60. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Jho, N.-S., Hwang, J.Y., Cheon, J.H., Kim, M.-H., Lee, D.-H., Yoo, E.S.: One-way chain based broadcast encryption schemes. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 559–574. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Chor, B., Fiat, A., Naor, M.: Tracing traitors. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 257–270. Springer, Heidelberg (1994)Google Scholar
  9. 9.
    Naor, M., Pinkas, B.: Threshold traitor tracing. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 502–517. Springer, Heidelberg (1998)Google Scholar
  10. 10.
    Kundur, D., Karthik, K.: Video fingerprinting and encryption principles for digital rights management. Proceedings of the IEEE 92(6), 918–932 (2004)CrossRefGoogle Scholar
  11. 11.
    Anderson, R., Manifavas, C.: Chameleon – A new kind of stream cipher. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 107–113. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  12. 12.
    Briscoe, B., Fairman, I.: Nark: Receiver-based multicast non-repudiation and key management. In: ACM EC 1999, pp. 22–30. ACM Press, New York (1999)Google Scholar
  13. 13.
    Cox, I.J., Kilian, J., Leighton, T., Shamoon, T.: Secure spread spectrum watermarking for multimedia. IEEE Trans. Image Process. 6(12), 1673–1687 (1997)CrossRefGoogle Scholar
  14. 14.
    Kilian, J., Leighton, F.T., Matheson, L.R., Shamoon, T.G., Tarjan, R.E., Zane, F.: Resistance of digital watermarks to collusive attacks. Technical Report TR-585-98, Princeton University, Department of Computer Science (1998)Google Scholar
  15. 15.
    Anderson, R.J., Kuhn, M.: Tamper resistance—a cautionary note. In: Tygar, D. (ed.) USENIX Electronic Commerce 1996, USENIX, pp. 1–11 (1996)Google Scholar
  16. 16.
    Maurer, U.: Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology 5(1), 53–66 (1992)MATHCrossRefMathSciNetGoogle Scholar
  17. 17.
    Ferguson, N., Schneier, B., Wagner, D.: Security weaknesses in a randomized stream cipher. In: Clark, A., Boyd, C., Dawson, E.P. (eds.) ACISP 2000. LNCS, vol. 1841, pp. 234–241. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  18. 18.
    Ergun, F., Kilian, J., Kumar, R.: A note on the limits of collusion-resistant watermarks. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 140–149. Springer, Heidelberg (1999)Google Scholar
  19. 19.
    Brown, I., Perkins, C., Crowcroft, J.: Watercasting: Distributed watermarking of multicast media. In: Rizzo, L., Fdida, S. (eds.) NGC 1999. LNCS, vol. 1736, pp. 286–300. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  20. 20.
    Parviainen, R., Parnes, P.: Large scale distributed watermarking of multicast media through encryption. In: Perrin, D., Nivat, M. (eds.) Automata on Infinite Words. LNCS, vol. 192, pp. 149–158. Springer, Heidelberg (1985)Google Scholar
  21. 21.
    Luh, W., Kundur, D.: New paradigms for effective multicasting and fingerprinting of entertainment media. IEEE Communications Magazine 43(5), 77–84 (2005)CrossRefGoogle Scholar
  22. 22.
    Adelsbach, A., Huber, U., Sadeghi, A.R.: Fingercasting—joint fingerprinting and decryption of broadcast messages. Technical Report, Horst Görtz Institute for IT Security (2006),

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • André Adelsbach
    • 1
  • Ulrich Huber
    • 1
  • Ahmad-Reza Sadeghi
    • 1
  1. 1.Horst Görtz Institute for IT SecurityRuhr-Universität BochumGermany

Personalised recommendations