Traitor Tracing with Constant Transmission Rate

  • Aggelos Kiayias
  • Moti Yung
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2332)


An important open problem in the area of Traitor Tracing is designing a scheme with constant expansion of the size of keys (users’ keys and the encryption key) and of the size of ciphertexts with respect to the size of the plaintext. This problem is known from the introduction of Traitor Tracing by Chor, Fiat and Naor. We refer to such schemes as traitor tracing with constant transmission rate. Here we present a general methodology and two protocol constructions that result in the first two public-key traitor tracing schemes with constant transmission rate in settings where plaintexts can be calibrated to be sufficiently large. Our starting point is the notion of “copyrighted function” which was presented by Naccache, Shamir and Stern. We first solve the open problem of discrete-log-based and public-key-based “copyrighted function.” Then, we observe the simple yet crucial relation between (public-key) copyrighted encryption and (public-key) traitor tracing, which we exploit by introducing a generic design paradigm for designing constant transmission rate traitor tracing schemes based on copyrighted encryption functions. Our first scheme achieves the same expansion efficiency as regular ElGamal encryption. The second scheme introduces only a slightly larger (constant) overhead, however, it additionally achieves efficient black-box traitor tracing (against any pirate construction).


Passive Adversary ElGamal Encryption Frameproof Code Pirate Decoder Quadratic Residuosity 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. [Bon98]
    Dan Boneh, The Decision Diffie-Hellman Problem, In Proceedings of the Third Algorithmic Number Theory Symposium, Lecture Notes in Computer Science, Vol. 1423, Springer-Verlag, pp. 48–63, 1998.CrossRefGoogle Scholar
  2. [BF99]
    Dan Boneh and Matthew Franklin, An Efficient Public-Key Traitor Tracing Scheme, CRYPTO 1999.Google Scholar
  3. [BS95]
    Dan Boneh and James Shaw, Collusion-Secure Fingerprinting for Digital Data (Extended Abstract), CRYPTO 1995, Springer, pp. 452–465.Google Scholar
  4. [CDHKS00]
    Ran Canetti, Yevgeniy Dodis, Shai Halevi, Eyal Kushilevitz, and Amit Sahai, Exposure-Resilient Functions and All-or-Nothing Transforms, EUROCRYPT 2000.Google Scholar
  5. [CG98]
    Dario Catalano, and Rosario Gennaro, New Efficient and Secure Protocols for Verifiable Signature Sharing and Other Applications, CRYPTO 1998.Google Scholar
  6. [CFN94]
    Benny Chor, Amos Fiat, and Moni Naor, Tracing Traitors, CRYPTO 1994.Google Scholar
  7. [CFNP00]
    Benny Chor, Amos Fiat, Moni Naor, and Benny Pinkas, Tracing Traitors, IEEE Transactions on Information Theory, Vol. 46,3, 893–910, 2000.zbMATHCrossRefGoogle Scholar
  8. [ElG84]
    Taher El Gamal, A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms, CRYPTO 1984.Google Scholar
  9. [FT99]
    Amos Fiat and T. Tassa, Dynamic Traitor Tracing, CRYPTO 1999.Google Scholar
  10. [FH96]
    Matthew K. Franklin and Stuart Haber, Joint Encryption and Message-Efficient Secure Computation, Journal of Cryptology 9(4), pp. 217–232, 1996.zbMATHCrossRefMathSciNetGoogle Scholar
  11. [GSY99]
    Eli Gafni, Jessica Staddon and Yiqun Lisa Yin, Efficient Methods for Integrating Traceability and Broadcast Encryption, CRYPTO 1999.Google Scholar
  12. [GM84]
    Shafi Goldwasser and Silvio Micali, Probabilistic Encryption, JCSS 28(2): pp. 270–299, 1984.zbMATHMathSciNetGoogle Scholar
  13. [KY01a]
    Aggelos Kiayias and Moti Yung, Self Protecting Pirates and Black-Box Traitor Tracing, CRYPTO 2001.Google Scholar
  14. [KY01b]
    Aggelos Kiayias and Moti Yung, On Crafty Pirates and Foxy Tracers, Proceedings of the 1st Workshop on Security and Privacy in Digital Rights Management, 2001.Google Scholar
  15. [KD98]
    K. Kurosawa and Y. Desmedt, Optimum Traitor Tracing and Asymmetric Schemes, Eurocrypt 1998.Google Scholar
  16. [Mil76]
    G. Miller, Riemann’s Hypothesis and Tests for Primality, Journal of Computer and System Sciences, vol. 13, 300–317, 1976.zbMATHMathSciNetGoogle Scholar
  17. [NSS99]
    David Naccache, Adi Shamir, and Julien P. Stern, How to Copyright a Function?, In the Proceedings of Public Key Cryptography 1999, Springer, 188–196.Google Scholar
  18. [NNL01]
    Dalit Naor, Moni Naor, and Jeffrey B. Lotspiech Revocation and Tracing Schemes for Stateless Receivers, CRYPTO 2001.Google Scholar
  19. [NP98]
    Moni Naor and Benny Pinkas, Threshold Traitor Tracing, CRYPTO 1998.Google Scholar
  20. [NP00]
    Moni Naor and Benny Pinkas, Efficient Trace and Revoke Schemes, In the Proceedings of Financial Crypto’ 2000, Anguilla, February 2000.Google Scholar
  21. [NR97]
    Moni Naor and Omer Reingold, Number-Theoretic Constructions of Efficient Pseudo-Random Functions, FOCS 1997.Google Scholar
  22. [Pfi96]
    Birgit Pfitzmann, Trials of Traced Traitors, Information Hiding Workshop, Spring LNCS 1174, pp. 49–63, 1996.Google Scholar
  23. [Riv97]
    Ron Rivest, All-or-nothing Encryption and the Package Transform, Fast Software Encryption 1997.Google Scholar
  24. [SW00]
    Reihaneh Safavi-Naini and Yejing Wang, Sequential Traitor Tracing, CRYPTO 2000.Google Scholar
  25. [SW01a]
    Reihaneh Safavi-Naini and Yejing Wang, Collusion Secure q-ary Fingerprinting for Perceptual Content, Proceedings of the 1st Workshop on Security and Privacy in Digital Rights Management, 2001.Google Scholar
  26. [SW01b]
    Reihaneh Safavi-Naini and Yejing Wang, New Results on Frameproof Codes and Traceability Schemes, IEEE Transactions on Information Theory, Vol. 47, No. 7, pp. 3029–3033, 2001.zbMATHCrossRefMathSciNetGoogle Scholar
  27. [SSW00]
    Jessica N. Staddon, Douglas R. Stinson and Ruizhong Wei, Combinatorial Properties of Frameproof and Traceability Codes, Cryptology ePrint Archive, report 2000/004.Google Scholar
  28. [SW98]
    Douglas R. Stinson and Ruizhong Wei, Combinatorial Properties and Constructions of Traceability Schemes and Frameproof Codes, SIAM J. on Discrete Math, Vol. 11, no. 1, 1998.Google Scholar
  29. [TY99]
    Yiannis Tsiounis and Moti Yung, On the Security of ElGamal Based Encryption, Public Key Cryptography 1998.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Aggelos Kiayias
    • 1
  • Moti Yung
    • 2
  1. 1.Graduate CenterCUNYUSA
  2. 2.CertCoUSA

Personalised recommendations