Paper 2000/032

Anonymous Fingerprinting with Direct Non-Repudiation

Birgit Pfitzmann and Ahmad-Reza Sadeghi


Fingerprinting schemes support copyright protection by enabling the merchant of a data item to identify the original buyer of a redistributed copy. In asymmetric schemes, the merchant can also convince an arbiter of this fact. Anonymous fingerprinting schemes enable buyers to purchase digital items anonymously; however, identification is possible if they redistribute the data item. Recently, a concrete and reasonably efficient construction based on digital coins was proposed. A disadvantage is that the accused buyer has to participate in any trial protocol to deny charges. Trials with direct non-repudiation, i.e., the merchant alone holds enough evidence to convince an arbiter, are more useful in real life. This is similar to the difference between ``normal'' and ``undeniable'' signatures. In this paper, we present an equally efficient anonymous fingerprinting scheme with direct non-repudiation. The main technique we use, delayed verifiable encryption, is related to coin tracing in escrowed cash systems. However, there are technical differences, mainly to provide an unforgeable link to license conditions.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
sadeghi @ cs uni-sb de
2000-06-26: received
Short URL
Creative Commons Attribution


      author = {Birgit Pfitzmann and Ahmad-Reza Sadeghi},
      title = {Anonymous Fingerprinting with Direct Non-Repudiation},
      howpublished = {Cryptology ePrint Archive, Paper 2000/032},
      year = {2000},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.