Paper 2018/897

Traitor-Tracing from LWE Made Simple and Attribute-Based

Yilei Chen, Vinod Vaikuntanathan, Brent Waters, Hoeteck Wee, and Daniel Wichs


A traitor tracing scheme is a public key encryption scheme for which there are many secret decryption keys. Any of these keys can decrypt a ciphertext; moreover, even if a coalition of users collude, put together their decryption keys and attempt to create a new decryption key, there is an efficient algorithm to trace the new key to at least one the colluders. Recently, Goyal, Koppula and Waters (GKW, STOC 18) provided the first traitor tracing scheme from LWE with ciphertext and secret key sizes that grow polynomially in $\log n$, where $n$ is the number of users. The main technical building block in their construction is a strengthening of (bounded collusion secure) secret-key functional encryption which they refer to as mixed functional encryption (FE). In this work, we improve upon and extend the GKW traitor tracing scheme: - We provide simpler constructions of mixed FE schemes based on the LWE assumption. Our constructions improve upon the GKW construction in terms of expressiveness, modularity, and security. - We provide a construction of attribute-based traitor tracing for all circuits based on the LWE assumption.

Available format(s)
Publication info
Published by the IACR in TCC 2018
Contact author(s)
chenyilei ra @ gmail com
vinodv @ csail mit edu
bwaters @ cs utexas edu
wee @ di ens fr
wichs @ ccs neu edu
2018-09-24: received
Short URL
Creative Commons Attribution


      author = {Yilei Chen and Vinod Vaikuntanathan and Brent Waters and Hoeteck Wee and Daniel Wichs},
      title = {Traitor-Tracing from LWE Made Simple and Attribute-Based},
      howpublished = {Cryptology ePrint Archive, Paper 2018/897},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.