Cryptology ePrint Archive: Report 2006/298

A Fully Collusion Resistant Broadcast, Trace, and Revoke System

Dan Boneh and Brent Waters

Abstract: We introduce a simple primitive called Augmented Broadcast Encryption (ABE) that is sufficient for constructing broadcast encryption, traitor-tracing, and trace-and-revoke systems. These ABE-based constructions are resistant to an arbitrary number of colluders and are secure against adaptive adversaries. Furthermore, traitor tracing requires no secrets and can be done by anyone. These broadcast systems are designed for broadcasting to arbitrary sets of users. We then construct a secure ABE system for which the resulting concrete trace-and-revoke system has ciphertexts and private keys of size $\sqrt{N}$ where $N$ is the total number of users in the system. In particular, this is the first example of a fully collusion resistant broadcast system with sub-linear size ciphertexts and private keys that is secure against adaptive adversaries. The system is publicly traceable.

Category / Keywords: public-key cryptography / broadcast encryption, traitor tracing

Publication Info: To appear in CCS 2006.

Date: received 30 Aug 2006

Contact author: bwaters at csl sri com

Available format(s): PDF | BibTeX Citation

Version: 20060831:090536 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]