Identity-Based Trace and Revoke Schemes

Duong Hieu Phan 1 Viet Cuong Trinh 2
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : Trace and revoke systems allow for the secure distribution of digital content in such a way that malicious users, who collude to produce pirate decoders, can be traced back and revoked from the system. In this paper, we consider such schemes in the identity-based setting, by extending the model of identity-based traitor tracing scheme by Abdalla et al. to support revocation. The proposed constructions rely on the subset cover framework. We first propose a generic construction which transforms an identity-based encryption with wildcard (WIBE) of depth log(N) (N being the number of users) into an identity-based trace and revoke scheme by relying on the complete subtree framework (of depth log(N)). This leads, however, to a scheme with log(N) private key size (as in a complete subtree scheme). We improve this scheme by introducing generalized WIBE (GWIBE) and propose a second construction based on GWIBE of two levels. The latter scheme provides the nice feature of having constant private key size (3 group elements). In our schemes, we also deal with advanced attacks in the subset cover framework, namely pirate evolution attacks (PEvoA) and pirates 2.0. The only known strategy to protect schemes in the subset cover framework against pirate evolution attacks was proposed by Jin and Lotspiech but decreases seriously the efficiency of the original schemes: each subset is expanded to many others subsets; the total number of subsets to be used in the encryption could thus be O(N1/b) to prevent a traitor from creating more than b generations. Our GWIBE based scheme, resisting PEvoA better than the Jin and Lotspiech's method. Moreover, our method does not need to change the partitioning procedure in the original complete subtree scheme and therefore, the resulted schemes are very competitive compared to the original scheme, with r log(N/r) logN-size ciphertext and constant size private key.
Type de document :
Communication dans un congrès
Xavier Boyen; Xiaofeng Chen. ProvSec 2011 - 5th International Conference Provable Security, Oct 2011, Xi'an, China. Springer, 6980, pp.204-221, 2011, LNCS - Lecture Notes in Computer Science. 〈10.1007/978-3-642-24316-5_15〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01110494
Contributeur : Brigitte Briot <>
Soumis le : mercredi 28 janvier 2015 - 12:04:31
Dernière modification le : mardi 17 avril 2018 - 11:24:50

Identifiants

Collections

Citation

Duong Hieu Phan, Viet Cuong Trinh. Identity-Based Trace and Revoke Schemes. Xavier Boyen; Xiaofeng Chen. ProvSec 2011 - 5th International Conference Provable Security, Oct 2011, Xi'an, China. Springer, 6980, pp.204-221, 2011, LNCS - Lecture Notes in Computer Science. 〈10.1007/978-3-642-24316-5_15〉. 〈hal-01110494〉

Partager

Métriques

Consultations de la notice

157