On non-binary traceability set systems
- PDF / 275,609 Bytes
- 8 Pages / 439.37 x 666.142 pts Page_size
- 31 Downloads / 183 Views
On non-binary traceability set systems Elena Egorova1
· Marcel Fernandez2 · Grigory Kabatiansky1
Received: 12 September 2019 / Revised: 27 February 2020 / Accepted: 9 March 2020 © Springer Science+Business Media, LLC, part of Springer Nature 2020
Abstract We introduce non-binary IPP set systems with traceability properties that have IPP codes and binary IPP set systems with traceability capabilities as particular cases. We prove an analogue of the Gilbert–Varshamov bound for such systems. Keywords IPP schemes · IPP codes · IPP set system · Constant-weight codes Mathematics Subject Classification 94B60
1 Introduction Consider a distribution model where a dealer uses a broadcast channel to transmit some digital content to a wide audience. In order to restrict the access to the distributed content only for the authorized users (who paid for the access) the distributor should use broadcast encryption schemes. For the first time such schemes were considered in [14]. In what follows we will be interested in broadcast encryption schemes resistant to the so-called collusion attacks [6]. Such type of attacks can be described as follows. To prevent unauthorized users from accessing the data, the distributor encrypts the data blocks with session keys and gives each authorized user the corresponding personal decoder, consisting of the personal set of keys needed to decrypt the data. Note that different users receive different decoders. Malicious users, who want to resell the access to the distributed content without revealing their identities, can form a group (coalition of traitors) and, based on their common knowledge (present keys and decoders), create a forged decoder. This type
This is one of several papers published in Designs, Codes and Cryptography comprising the “Special Issue on Coding and Cryptography 2019”.
B
Elena Egorova [email protected] Marcel Fernandez [email protected] Grigory Kabatiansky [email protected]
1
Skolkovo Institute of Science and Technology (Skoltech), Moscow Region, Russia
2
Universitat Politcnica de Catalunya, Barcelona, Spain
123
E. Egorova et al.
of forgery constitutes the main idea of a collusion attack. So, assuming that the cardinality of a possible coalition is not grater than some integer t, the main problem is to construct such set of decoders (for authorized users) that for a given unauthorized decoder (pirate version), the distributor will be able to identify at least one of the sources of the leakage even if this unauthorized copy was produced by a coalition. The problem of data protection against such collusion attacks has given rise to the well known concept of tracing traitors (TT) [6]. As a base of TT-schemes, in [6] it was proposed to use different types of perfect secret sharing schemes (SSS, for short), which were discovered in [5,23]. For the moment three main tracing traitor schemes are known. Historically the first scheme is known as codes with the identifiable parent property (IPP codes). Such scheme is based on the simplest (n, n)-threshold
Data Loading...
