Scalable public-key tracing and revoking

Yevgeniy Dodis, Nelly Fazio, Aggelos Kiayias, Moti Yung

Research output: Contribution to journalArticle

Abstract

Traitor tracing schemes constitute a useful tool against piracy in the context of digital content distribution. They are encryption schemes that can be employed by content providers that wish to deliver content to an exclusive set of users. Each user holds a decryption key that is fingerprinted and bound to his identity. When a pirate decoder is discovered, it is possible to trace the identities of the users that contributed to its construction. In most settings, both the user population and the set of content providers are dynamic, thus scalable user management and scalable provider management are crucial. Previous work on public-key traitor tracing did not address the dynamic scenario thoroughly: no efficient scalable public-key traitor tracing scheme has been proposed, in which the populations of providers and users can change dynamically over time without incurring substantial penalty in terms of system performance and management complexity. To address these issues, we introduce a formal model for Scalable Public-Key Traitor Tracing, and present the first construction of such a scheme. Our model mandates for deterministic traitor tracing and unlimited number of efficient provider and user management operations. We present a formal adversarial model for our system and we prove our construction secure, against both adversaries that attempt to cheat the provider and user management mechanism, and adversaries that attempt to cheat the traitor tracing mechanism.

Original languageEnglish (US)
Pages (from-to)323-347
Number of pages25
JournalDistributed Computing
Volume17
Issue number4
DOIs
StatePublished - May 2005

Fingerprint

Traitor Tracing
Public key
Tracing
Formal Model
Cryptography
Content Distribution
Operations Management
Encryption
Penalty
System Performance
Trace
Scenarios

Keywords

  • Broadcast Encryption
  • Digital Content Distribution
  • Multicast
  • Scalability
  • Traitor Tracing

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computational Theory and Mathematics

Cite this

Scalable public-key tracing and revoking. / Dodis, Yevgeniy; Fazio, Nelly; Kiayias, Aggelos; Yung, Moti.

In: Distributed Computing, Vol. 17, No. 4, 05.2005, p. 323-347.

Research output: Contribution to journalArticle

Dodis, Y, Fazio, N, Kiayias, A & Yung, M 2005, 'Scalable public-key tracing and revoking', Distributed Computing, vol. 17, no. 4, pp. 323-347. https://doi.org/10.1007/s00446-004-0120-5
Dodis, Yevgeniy ; Fazio, Nelly ; Kiayias, Aggelos ; Yung, Moti. / Scalable public-key tracing and revoking. In: Distributed Computing. 2005 ; Vol. 17, No. 4. pp. 323-347.
@article{a6430dbaccf3464caaa8c1eb667653a2,
title = "Scalable public-key tracing and revoking",
abstract = "Traitor tracing schemes constitute a useful tool against piracy in the context of digital content distribution. They are encryption schemes that can be employed by content providers that wish to deliver content to an exclusive set of users. Each user holds a decryption key that is fingerprinted and bound to his identity. When a pirate decoder is discovered, it is possible to trace the identities of the users that contributed to its construction. In most settings, both the user population and the set of content providers are dynamic, thus scalable user management and scalable provider management are crucial. Previous work on public-key traitor tracing did not address the dynamic scenario thoroughly: no efficient scalable public-key traitor tracing scheme has been proposed, in which the populations of providers and users can change dynamically over time without incurring substantial penalty in terms of system performance and management complexity. To address these issues, we introduce a formal model for Scalable Public-Key Traitor Tracing, and present the first construction of such a scheme. Our model mandates for deterministic traitor tracing and unlimited number of efficient provider and user management operations. We present a formal adversarial model for our system and we prove our construction secure, against both adversaries that attempt to cheat the provider and user management mechanism, and adversaries that attempt to cheat the traitor tracing mechanism.",
keywords = "Broadcast Encryption, Digital Content Distribution, Multicast, Scalability, Traitor Tracing",
author = "Yevgeniy Dodis and Nelly Fazio and Aggelos Kiayias and Moti Yung",
year = "2005",
month = "5",
doi = "10.1007/s00446-004-0120-5",
language = "English (US)",
volume = "17",
pages = "323--347",
journal = "Distributed Computing",
issn = "0178-2770",
publisher = "Springer Verlag",
number = "4",

}

TY - JOUR

T1 - Scalable public-key tracing and revoking

AU - Dodis, Yevgeniy

AU - Fazio, Nelly

AU - Kiayias, Aggelos

AU - Yung, Moti

PY - 2005/5

Y1 - 2005/5

N2 - Traitor tracing schemes constitute a useful tool against piracy in the context of digital content distribution. They are encryption schemes that can be employed by content providers that wish to deliver content to an exclusive set of users. Each user holds a decryption key that is fingerprinted and bound to his identity. When a pirate decoder is discovered, it is possible to trace the identities of the users that contributed to its construction. In most settings, both the user population and the set of content providers are dynamic, thus scalable user management and scalable provider management are crucial. Previous work on public-key traitor tracing did not address the dynamic scenario thoroughly: no efficient scalable public-key traitor tracing scheme has been proposed, in which the populations of providers and users can change dynamically over time without incurring substantial penalty in terms of system performance and management complexity. To address these issues, we introduce a formal model for Scalable Public-Key Traitor Tracing, and present the first construction of such a scheme. Our model mandates for deterministic traitor tracing and unlimited number of efficient provider and user management operations. We present a formal adversarial model for our system and we prove our construction secure, against both adversaries that attempt to cheat the provider and user management mechanism, and adversaries that attempt to cheat the traitor tracing mechanism.

AB - Traitor tracing schemes constitute a useful tool against piracy in the context of digital content distribution. They are encryption schemes that can be employed by content providers that wish to deliver content to an exclusive set of users. Each user holds a decryption key that is fingerprinted and bound to his identity. When a pirate decoder is discovered, it is possible to trace the identities of the users that contributed to its construction. In most settings, both the user population and the set of content providers are dynamic, thus scalable user management and scalable provider management are crucial. Previous work on public-key traitor tracing did not address the dynamic scenario thoroughly: no efficient scalable public-key traitor tracing scheme has been proposed, in which the populations of providers and users can change dynamically over time without incurring substantial penalty in terms of system performance and management complexity. To address these issues, we introduce a formal model for Scalable Public-Key Traitor Tracing, and present the first construction of such a scheme. Our model mandates for deterministic traitor tracing and unlimited number of efficient provider and user management operations. We present a formal adversarial model for our system and we prove our construction secure, against both adversaries that attempt to cheat the provider and user management mechanism, and adversaries that attempt to cheat the traitor tracing mechanism.

KW - Broadcast Encryption

KW - Digital Content Distribution

KW - Multicast

KW - Scalability

KW - Traitor Tracing

UR - http://www.scopus.com/inward/record.url?scp=18744384346&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=18744384346&partnerID=8YFLogxK

U2 - 10.1007/s00446-004-0120-5

DO - 10.1007/s00446-004-0120-5

M3 - Article

VL - 17

SP - 323

EP - 347

JO - Distributed Computing

JF - Distributed Computing

SN - 0178-2770

IS - 4

ER -