CryptoDB
An Attack on A Traitor Tracing Scheme
Authors: | |
---|---|
Download: | |
Abstract: | In Crypto'99, Boneh and Franklin proposed a public key traitor tracing scheme~\cite{Boneh}, which was believed to be able to catch all traitors while not accusing any innocent users (i.e., full-tracing and error-free). Assuming that Decision Diffie-Hellman problem is unsolvable in $G_{q}$, Boneh and Franklin proved that a decoder cannot distinguish valid ciphertexts from invalid ones that are used for tracing. However, our novel pirate decoder $P_{3}$ manages to make some invalid ciphertexts distinguishable without violating their assumption, and it can also frame innocent users to fool the tracer. Neither the single-key nor arbitrary pirate tracing algorithm presented in~\cite{Boneh} can identify all keys used by $P_{3}$ as claimed. Instead, it is possible for both algorithms to catch none of the traitors. We believe that the construction of our novel pirate also demonstrates a simple way to defeat some other black-box traitor tracing schemes in general. |
BibTeX
@misc{eprint-2001-11479, title={An Attack on A Traitor Tracing Scheme}, booktitle={IACR Eprint archive}, keywords={black-box traitor tracing, copyright protection}, url={http://eprint.iacr.org/2001/067}, note={Technical Report No. 518, Computer Laboratory, University of Cambridge, 2001 Jeff.Yan@cl.cam.ac.uk 11556 received 10 Aug 2001, last revised 22 Aug 2001}, author={Jeff Jianxin Yan and Yongdong Wu}, year=2001 }