Trials of traced traitors

  • Birgit Pfitzmann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1174)


Traitor tracing schemes as introduced by Chor, Fiat, and Naor at Crypto '94 are intended for tracing people who abuse a broadcast encryption scheme by allowing additional, illegitimate users to decrypt the data. The schemes should also provide legal evidence for such treachery.

We discuss and improve the quality of such evidence, i.e., the security of trials that would be held about supposedly traced traitors. In particular, previous traitor tracing schemes are symmetric in the sense that legitimate users of the broadcast information share all their secrets with the information provider. Thus they cannot offer non-repudiation. We define asymmetric traitor tracing schemes, where the provider, confronted with treachery, obtains information that he could not have produced on his own, and that is therefore much better evidence. Examples of concrete constructions are given.

We also discuss the general model of traitor tracing and propose improvements to the symmetric schemes.


Encryption Scheme Legitimate User Information Provider User Initialization Symmetric Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. BDHK_93.
    Carlo Blundo, Alfredo De Santis, Amir Herzberg, Shay Kutten, Ugo Vaccaro, Moti Yung: Perfectly-Secure Key Distribution for Dynamic Conferences; Crypto '92, LNCS 740, Springer-Verlag, Berlin 1993, 471–486.Google Scholar
  2. Berk_91.
    Shimshon Berkovits: How To Broadcast A Secret; Eurocrypt '91, LNCS 547, Springer-Verlag, Berlin 1991, 535–541.Google Scholar
  3. BlCr_95.
    Carlo Blundo, Antonella Cresti: Space Requirements for Broadcast Encryption; Eurocrypt '94, LNCS 950, Springer-Verlag, Berlin 1995, 287–298.Google Scholar
  4. BlMP_86.
    G. R. Blakley, Catherine Meadows, G. B. Purdy: Fingerprinting Long Forgiving Messages; Crypto '85, LNCS 218, Springer-Verlag, Berlin 1986, 180–189.Google Scholar
  5. Blom_80.
    Rolf Blom: Key Distribution for Broadcast Cryptography; Third International Conference: Security Through Science and Engineering, September 23–26, 1980, Technical University Berlin, 19–23.Google Scholar
  6. BoSh_95.
    Dan Boneh, James Shaw: Collusion-Secure Fingerprinting for Digital Data; Crypto '95, LNCS 963, Springer-Verlag, Berlin 1995, 452–465.Google Scholar
  7. BrCC_88.
    Gilles Brassard, David Chaum, Claude Crépeau: Minimum Disclosure Proofs of Knowledge; Journal of Computer and System Sciences 37 (1988) 156–189.CrossRefGoogle Scholar
  8. Caro_95.
    Germano Caronni: Assuring Ownership Rights for Digital Images; Proceedings VIS '95, Vieweg, Wiesbaden 1995, 251–263.Google Scholar
  9. ChDG_88.
    David Chaum, Ivan B. Damgard, Jeroen van de Graaf: Multiparty computations ensuring privacy of each party's input and correctness of the result; Crypto '87, LNCS 293, Springer-Verlag, Berlin 1988, 87–119.Google Scholar
  10. ChFN_94.
    Benny Chor, Amos Fiat, Moni Naor: Tracing traitors; Crypto '94, LNCS 839, Springer-Verlag, Berlin 1994, 257–270.Google Scholar
  11. DwLN_96.
    Cynthia Dwork, Jeffrey Lotspiech, Moni Naor: Digital Signets; Self-Enforcing Protection of Digital Information; to appear at 28th Symposium on Theory of Computing (STOC) 1996; preliminary version received April 1996.Google Scholar
  12. FiNa_94.
    Amos Fiat, Moni Naor: Broadcast Encryption; Crypto '93, LNCS 773, Springer-Verlag, Berlin 1994, 480–491.Google Scholar
  13. GMW_87.
    Oded Goldreich, Silvio Micali, Avi Wigderson: How to play any mental game — or — a completeness theorem for protocols with honest majority; 19th Symposium on Theory of Computing (STOC) 1987, ACM, New York 1987, 218–229.Google Scholar
  14. PfSc_96.
    Birgit Pfitzmann, Matthias Schunter: Asymmetric Fingerprinting; Eurocrypt '96, LNCS 1070, Springer-Verlag, Berlin 1996, 84–95.Google Scholar
  15. Wagn_83.
    Neal R. Wagner: Fingerprinting; Proceedings 1983 IEEE Symposium on Security and Privacy, April 25–27 1983, Oakland, California, 18–22.Google Scholar
  16. Yao_82.
    Andrew C. Yao: Protocols for Secure Computations; 23rd Symposium on Foundations of Computer Science (FOCS) 1982, IEEE Computer Society, 1982, 160–164.Google Scholar
  17. Yao_86.
    Andrew C. Yao: How to Generate and Exchange Secrets; 27th Symposium on Foundations of Computer Science (FOCS) 1986, IEEE Computer Society, 1986, 162–167.Google Scholar
  18. ZhKo_95.
    Jian Zhao, Eckhard Koch: Embedding Robust Labels Into Images For Copyright Protection; Congress on Intellectual Property Rights for Specialized Information, Knowledge and New Technologies, R. Oldenbourg Verlag, München 1995 (also at Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1996

Authors and Affiliations

  • Birgit Pfitzmann
    • 1
  1. 1.Institut für InformatikUniversität HildesheimHildesheimGermany

Personalised recommendations