Cryptology ePrint Archive: Report 2021/891

White Box Traitor Tracing

Mark Zhandry

Abstract: Traitor tracing aims to identify the source of leaked decryption keys. Since the "traitor" can try to hide their key within obfuscated code in order to evade tracing, the tracing algorithm should work for general, potentially obfuscated, decoder programs. In the setting of such general decoder programs, prior work uses black box tracing: the tracing algorithm ignores the implementation of the decoder, and instead traces just by making queries to the decoder and observing the outputs.

We observe that, in some settings, such black box tracing leads to consistency and user privacy issues. On the other hand, these issues do not appear inherent to white box tracing, where the tracing algorithm actually inspects the decoder implementation. We therefore develop new white box traitor tracing schemes providing consistency and/or privacy. Our schemes can be instantiated under various assumptions ranging from public key encryption and NIZKs to indistinguishability obfuscation, with different trade-offs. To the best of our knowledge, ours is the first work to consider white box tracing in the general decoder setting.

Category / Keywords: public-key cryptography / traitor tracing, non-black box, privacy

Original Publication (with minor differences): IACR-CRYPTO-2021

Date: received 28 Jun 2021

Contact author: mzhandry at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20210629:115006 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]