Cryptology ePrint Archive: Report 2006/282

Chosen Ciphertext Secure Broadcast Threshold Encryption (resp. Threshold-Traitor Tracing)

Victor K. Wei and Fangguo Zhang

Abstract: Recently, Boneh, Gentry, and Waters '05 presented an efficient broadcast encryption, and Boneh, Sahai, and Waters '06 presented an efficient traitor tracing scheme. The former broadcast encryption result contains both a simpler chosen plaintext secure version and a more complicated but chosen ciphertext secure version. The latter traitor tracing scheme is only chosen plaintext secure. In this paper, we use the twin encryption technique of Naor and Yung '90 to add chosen ciphertext security to both papers. By``twinning", we extend the simpler chosen plaintext secure broadcast encryption to achieve chosen ciphertext security, and we extend the chosen plaintext secure traitor tracing to achieve chosen ciphertext security. We also extend both schemes to versions corresponding to threshold encryption which we call "broadcast threshold encryption" and "threshold-traitor tracing", i.e. tracing of threshold traitors. In these schemes, any $\theta$ un-revoked users can decrypt while $\theta-1$ users cannot. The tracing is to a set of $\theta$ users. We call this set a "threshold-traitor". Our broadcast threshold encryption is collusion resistant. Our threshold-traitor tracing is collusion resistant in its traceability.

Category / Keywords: cryptographic protocols / broadcast encryption, traitor tracing, threshold encryption, twin encryption

Date: received 18 Aug 2006, withdrawn 24 Aug 2006

Contact author: kwwei at ie cuhk edu hk

Available format(s): (-- withdrawn --)

Version: 20060824:133658 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]