Breaking Two k-Resilient Traitor Tracing Schemes with Sublinear Ciphertext Size
- Cite this paper as:
- Lee M., Ma D., Seo M. (2009) Breaking Two k-Resilient Traitor Tracing Schemes with Sublinear Ciphertext Size. In: Abdalla M., Pointcheval D., Fouque PA., Vergnaud D. (eds) Applied Cryptography and Network Security. ACNS 2009. Lecture Notes in Computer Science, vol 5536. Springer, Berlin, Heidelberg
In 2004, Matsushita and Imai proposed a k-resilient public-key traitor tracing scheme which has sublinear ciphertext size 4k + 2 + (n/2k) with efficient black-box tracing against self-defensive pirates, where n, k are the total number of subscribers and the maximum number of colluders. After that, in 2006, they presented a hierarchical key assignment method to reduce the ciphertext size into 4k + 5 + log(n/2k) by combining a complete binary tree with the former scheme.
In this paper, we show that the proposed schemes are vulnerable to our attack which makes pirate keys able to avoid the black-box tracing. Their schemes are based on multiple polynomials and our attack use a combination between different polynomials. The latter scheme can be broken by other attacks which use secret values of the key generation polynomial or use partial keys.
Keywordscryptanalysis public-key traitor tracing black-box tracing self-defensive pirates linear attack
Unable to display preview. Download preview PDF.