Research On Traitor Tracing In Broadcast Encryption

In digital content distribution systems,broadcast encryption brings a secure distribution mechanism.This mechanism assures that only legitimate/authorized users (called as subscribers) are able to extract the plaintext datum from received data which is transmitted in the way of broadcast.Meanwhile,traitor tracing introduced a copyright protection mechanism in order to deter piracy conducted by legitimate users who are called as traitor.As the mean of piracy might be implemented in different ways,variety traitor tracing mechanisms are being researched at present.The mechanism researched in this dissertation is mainly oriented to this situation where piracy is conducted in the way of sharing traitor's decryption keys to illegal users.By this mechanism,at least one subscriber will be revealed if he/she is a traitor who took part in constructing the confiscated illegal decoder.In the field of broadcast encryption and traitor tracing,the author achieves the following contributions:1.As a main property of traitor tracing,collusion resistance is the first problem we researched,and two fully collusion resistant public key traitor tracing schemes are presented.By detailed research on existing traitor tracing schemes,we found the reason why these schemes cannot satisfy fully collusion resistant property is the linear correlation in subscriber's decryption keys.On the ground of this analysis,we proposed a fully collusion resistant public key traitor tracing scheme by using a new method that a subscriber's decryption key is independent of others.A widely used method for constructing traitor tracing scheme in traitor tracing research is using polynomial in finite field.However,the most schemes constructed based on polynomial do not satisfy property of fully collusion resistance because users held a direct share(a point) of the polynomial as his/her decryption key.Based on this analysis,we proposed another fully collusion resistant public key traitor tracing scheme in which the Data Supplier gives each subscriber indirect information as his/her decryption key rather a direct share.2.Revocation as another important property in traitor tracing scheme is the second problem we researched.We focus on designing a fully revoke public key traitor tracing scheme because a traitor tracing scheme with fully revoke implies the completeness of broadcast encryption. After deep research,we presented a fully revoke public key traitor tracing scheme by using bilinear map.To implement the fully revoke,it is enough to update public key and the decryption keys of subscribers need not any change.3.Privacy is the third important problem we researched.So far,little attention has been paid on privacy in the research of traitor tracing.Existing traitor tracing schemes that gave an eye on privacy only focused on the anonymity of subscribers. That is how to prevent Data Supplier from learning the real identity of subscribers. However,the privacy of revoked subscribers should also be considered in traitor tracing research.At present,most proposed traitor tracing schemes have to give out the revoked subscriber's or traitor's identity information in order to revoke these subscribers.The same traitor tracing scheme constructed based on bilinear map as depicted above also implements the anonymity of traitors.About privacy,we also presented an anonymous fingerprinting scheme without third party.It provides simultaneously the protection of both the merchant's copyright and the usres' anonymity without the help of any third party.Moreover, this scheme is of asymmetry,unlinkability and non-repudiation.4.In addition,we presented an asymmetric public key traitor tracing scheme secure against chosen cipher attack.Further we proposed two broadcast encryption schemes,one is constructed based on ID-Based encryption with completeness,and the other is designed based on RSA encryption with completeness in which the storage overhead is minimal 1 and the translation overhead is independent of the number of subscribers.