
On the Effects of Pirate Evolution on the Design of Digital Content Distribution Systems


Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6639)

Abstract

A cryptographic primitive that is widely deployed commercially for digital content distribution is the subset-difference (SD) method of Naor, Naor and Lotspiech that was introduced in Crypto 2001. This encryption mechanism, called a trace and revoke scheme, is part of the Advanced Access Content System (AACS) and is used for encrypting Blu-Ray movie disks; it is based on an explicit combinatorial construction of an exclusive set system. At the time of its introduction the only attacks cryptographers considered against such schemes were against the revocation and tracing algorithms. The SD method defended against them successfully and provided a superior ciphertext length compared to other known techniques: the length of the ciphertext grew only linearly with the number of revocations r; in contrast, e.g., the simpler complete subtree (CS) method requires ciphertexts of length O(r·log(N/r)), where N is the total number of users.

In Crypto 2007 a new class of attacks against trace and revoke schemes was discovered, called “pirate evolution.” Pirate evolution refers to the ability of the adversary to schedule the key material it possesses in such a way that it can withstand a great number of rounds of tracing and revocation. With the introduction of pirate evolution, reducing the number of rounds of pirate evolution became a design consideration for trace and revoke schemes. In 2009, Jin and Lotspiech proposed a mechanism for defending against pirate evolution in the SD method that is a tradeoff between ciphertext size and the pirate evolution bound.

In this article we provide a review of all the above results. Moreover, we compare the modified SD scheme to the CS method (similarly modified to address pirate evolution) and find that, for many choices of the parameters that are relevant to practice, SD can be a less preferable choice. This fact highlights the importance of considering all relevant attack scenarios when applying a specific cryptographic primitive to a certain application domain.
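The O(r·log(N/r)) ciphertext length quoted above for the CS method can be checked by building the cover directly. The following is an added example, not code from the paper: it computes the complete-subtree cover for a set of revoked leaves and compares its size with r·log2(N/r). The heap-style node numbering and all function names are assumptions made for illustration, and the SD method is not implemented here.

```python
import math

def cs_cover(depth, revoked):
    """Complete-subtree cover for a full binary tree with N = 2**depth users.

    Assumed numbering: root is node 1, children of v are 2v and 2v+1,
    user i (0-based) sits at leaf node 2**depth + i. Returns the roots of
    the subtrees whose keys are used to encrypt the session key.
    """
    n = 1 << depth
    if not revoked:
        return [1]                      # the root key alone reaches everyone
    steiner = set()                     # nodes on a path revoked leaf -> root
    for leaf in revoked:
        if not 0 <= leaf < n:
            raise ValueError(f"leaf {leaf} outside 0..{n - 1}")
        v = n + leaf
        while v >= 1 and v not in steiner:
            steiner.add(v)
            v //= 2
    cover = []
    for v in sorted(steiner):
        if v < n:                       # internal node: inspect both children
            cover += [c for c in (2 * v, 2 * v + 1) if c not in steiner]
    return cover

def leaves_under(depth, node):
    """Set of 0-based user indices in the subtree rooted at `node`."""
    shift = depth - (node.bit_length() - 1)
    first = (node << shift) - (1 << depth)
    return set(range(first, first + (1 << shift)))

def cs_bound(n, r):
    """The r*log2(N/r) bound on the CS cover size, for r >= 1."""
    return r * math.log2(n / r)

def covers_exactly(depth, revoked):
    """True when the cover partitions exactly the non-revoked users."""
    parts = [leaves_under(depth, v) for v in cs_cover(depth, revoked)]
    reached = set().union(*parts) if parts else set()
    disjoint = sum(len(p) for p in parts) == len(reached)
    return disjoint and reached == set(range(1 << depth)) - set(revoked)

if __name__ == "__main__":
    depth = 4                           # N = 16 users, constructed sample
    for revoked in ({0}, {0, 1}, {0, 8}, {0, 5, 8, 13}):
        size = len(cs_cover(depth, revoked))
        print(sorted(revoked), size, cs_bound(1 << depth, len(revoked)))
```

Revoked users that are spread far apart in the tree (such as 0 and 8 with N = 16) reach the bound, while adjacent revoked users share most of their path to the root and need fewer subsets.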




© 2011 Springer-Verlag Berlin Heidelberg

Cite this paper

Kiayias, A. (2011). On the Effects of Pirate Evolution on the Design of Digital Content Distribution Systems. In: Chee, Y.M., et al. Coding and Cryptology. IWCC 2011. Lecture Notes in Computer Science, vol 6639. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20901-7_14


  • DOI: https://doi.org/10.1007/978-3-642-20901-7_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20900-0

  • Online ISBN: 978-3-642-20901-7

  • eBook Packages: Computer Science (R0)
