Paper 2006/298

A Fully Collusion Resistant Broadcast, Trace, and Revoke System

Dan Boneh and Brent Waters

Abstract

We introduce a simple primitive called Augmented Broadcast Encryption (ABE) that is sufficient for constructing broadcast encryption, traitor-tracing, and trace-and-revoke systems. These ABE-based constructions are resistant to an arbitrary number of colluders and are secure against adaptive adversaries. Furthermore, traitor tracing requires no secrets and can be done by anyone. These broadcast systems are designed for broadcasting to arbitrary sets of users. We then construct a secure ABE system for which the resulting concrete trace-and-revoke system has ciphertexts and private keys of size $\sqrt{N}$ where $N$ is the total number of users in the system. In particular, this is the first example of a fully collusion resistant broadcast system with sub-linear size ciphertexts and private keys that is secure against adaptive adversaries. The system is publicly traceable.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. To appear in CCS 2006.
Keywords
broadcast encryptiontraitor tracing
Contact author(s)
bwaters @ csl sri com
History
2006-08-31: received
Short URL
https://ia.cr/2006/298
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/298,
      author = {Dan Boneh and Brent Waters},
      title = {A Fully Collusion Resistant Broadcast, Trace, and Revoke System},
      howpublished = {Cryptology ePrint Archive, Paper 2006/298},
      year = {2006},
      note = {\url{https://eprint.iacr.org/2006/298}},
      url = {https://eprint.iacr.org/2006/298}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.