## Cryptology ePrint Archive: Report 2018/897

Traitor-Tracing from LWE Made Simple and Attribute-Based

Yilei Chen and Vinod Vaikuntanathan and Brent Waters and Hoeteck Wee and Daniel Wichs

Abstract: A traitor tracing scheme is a public key encryption scheme for which there are many secret decryption keys. Any of these keys can decrypt a ciphertext; moreover, even if a coalition of users collude, put together their decryption keys and attempt to create a new decryption key, there is an efficient algorithm to trace the new key to at least one the colluders.

Recently, Goyal, Koppula and Waters (GKW, STOC 18) provided the first traitor tracing scheme from LWE with ciphertext and secret key sizes that grow polynomially in $\log n$, where $n$ is the number of users. The main technical building block in their construction is a strengthening of (bounded collusion secure) secret-key functional encryption which they refer to as mixed functional encryption (FE).

In this work, we improve upon and extend the GKW traitor tracing scheme: - We provide simpler constructions of mixed FE schemes based on the LWE assumption. Our constructions improve upon the GKW construction in terms of expressiveness, modularity, and security. - We provide a construction of attribute-based traitor tracing for all circuits based on the LWE assumption.

Category / Keywords:

Original Publication (in the same form): IACR-TCC-2018