A collusion resistant broadcast, trace and revoke system
Authors: D. Boneh and B. Waters
Abstract:
We introduce a simple primitive called Augmented Broadcast
Encryption (ABE) that is sufficient for constructing broadcast
encryption, traitor-tracing, and trace-and-revoke systems. These
ABE-based constructions are resistant to an arbitrary number of
colluders and are secure against adaptive adversaries.
Furthermore, traitor tracing requires no secrets and can be done by anyone.
These broadcast systems are designed for broadcasting to arbitrary
sets of users. We then construct a secure ABE system for which the
resulting concrete trace-and-revoke system has ciphertexts and private
keys of size sqrt(N) where N is the total number of users in the
system. In particular, this is the first example of a fully collusion
resistant broadcast system with sub-linear size ciphertexts and
private keys that is secure against adaptive adversaries. The
system is publicly traceable.
Reference:
In proceedings of ACM CCS '06, pp. 211-220, 2006
Full paper: pdf