A practical revocation scheme for broadcast encryption using smartcards

Published: 01 August 2006

Abstract

We present an anti-pirate revocation scheme for broadcast encryption systems (e.g., pay TV), in which the data is encrypted to ensure payment by users. In the systems we consider, decryption of keys is done on smartcards and key management is done in-band. Our starting point is a scheme of Naor and Pinkas. Their basic scheme uses secret sharing to remove up to t parties, is information-theoretically secure against coalitions of size t, and is capable of creating a new group key. However, with current smartcard technology, this scheme is only feasible for small system parameters, allowing up to about 100 pirates to be revoked before all the smartcards need to be replaced. We first present a novel implementation method of their basic scheme that distributes the work among the smartcard, set-top terminal, and center. Based on this, we construct several improved schemes for many revocation rounds that scale to realistic system sizes. We allow up to about 10,000 pirates to be revoked using current smartcard technology before recarding is needed. The transmission lengths of our constructions are on par with those of the best tree-based schemes. However, our constructions have much lower smartcard CPU complexity: only O(1) smartcard operations per revocation round (a single 10-byte field multiplication and addition), as opposed to the complexity of the best tree-based schemes, which is polylogarithmic in the number of users. We evaluate the system behavior via an exhaustive simulation study coupled with a queueing theory analysis. Our simulations show that with mild assumptions on the piracy discovery rate, our constructions can perform effective pirate revocation for realistic broadcast encryption scenarios.
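The secret-sharing revocation idea summarized in the abstract can be sketched as follows. This is an added example, not code from the paper: it uses Shamir sharing over a stand-in prime field (2^89 - 1, not the paper's 10-byte field), and the function names and the exact terminal/smartcard split are assumptions chosen so that the card performs one multiplication and one addition.

```python
import secrets

P = 2**89 - 1  # Mersenne prime; stand-in field for illustration (assumption)

def new_polynomial(t):
    # Center: random degree-t polynomial f; coeffs[0] = f(0) is the new group key.
    return [secrets.randbelow(P) for _ in range(t + 1)]

def share(coeffs, user_id):
    # Center: the secret share f(user_id) stored on that user's smartcard (Horner).
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * user_id + c) % P
    return acc

def revocation_message(coeffs, revoked_ids):
    # Center: broadcast the shares of exactly t revoked users, in the clear.
    return [(i, share(coeffs, i)) for i in revoked_ids]

def terminal_precompute(user_id, message):
    # Set-top terminal (untrusted): works only on public data, never sees the
    # card's share. Returns None when the user is in the revoked set, because
    # that user then has only t distinct points of a degree-t polynomial.
    xs = [user_id] + [i for i, _ in message]
    if len(set(xs)) != len(xs):
        return None

    def lagrange_at_zero(j):
        num = den = 1
        for m, xm in enumerate(xs):
            if m != j:
                num = num * -xm % P
                den = den * (xs[j] - xm) % P
        return num * pow(den, -1, P) % P

    own_coeff = lagrange_at_zero(0)
    public_sum = sum(lagrange_at_zero(j + 1) * y
                     for j, (_, y) in enumerate(message)) % P
    return own_coeff, public_sum

def smartcard_new_key(secret_share, own_coeff, public_sum):
    # Smartcard: one field multiplication and one addition per round.
    return (own_coeff * secret_share + public_sum) % P
```
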

References

[1] Abdalla, M., Shavitt, Y., and Wool, A. 2000. Key management for restricted multicast using broadcast encryption. IEEE/ACM Transactions on Networking 8, 4, 443-454.
[2] Anderson, R. and Kuhn, M. 1996. Tamper resistance - a cautionary note. In Proc. 2nd USENIX Workshop on Electronic Commerce. USENIX, Oakland, CA. 1-11.
[3] Anderson, R. and Kuhn, M. 1997. Low cost attacks on tamper resistant devices. In 5th Security Protocols Workshop, LNCS 1361. Paris, France. Springer-Verlag, New York. 125-136.
[4] BBC. 26 Jan. 2001. Toasting the crackers. BBC news on Science and Technology, reporter Mark Ward, Front Page. http://news.bc.co.uk/hi/science/nature/1138550.stm.
[5] Berkovits, S. 1991. How to broadcast a secret. In Advances in Cryptology - EUROCRYPT '91, LNCS 547. Springer-Verlag, New York. 535-541.
[6] Blundo, C. and Cresti, A. 1994. Space requirements for broadcast encryption. In Advances in Cryptology - EUROCRYPT '94, LNCS 950, A. D. Santis, Ed. Springer-Verlag, New York. 287-298.
[7] Blundo, C., Frota Mattos, L. A., and Stinson, D. R. 1996. Trade-offs between communication and storage in unconditionally secure schemes for broadcast encryption and interactive key distribution. In Advances in Cryptology - CRYPTO '96, LNCS 1109. Springer-Verlag, New York. 387-400.
[8] Briscoe, B. 1999. MARKS: Zero side-effect multicast key management using arbitrarily revealed key sequences. In Proc 1st International Workshop on Networked Group Communication (NGC '99), LNCS 1736, L. Rizzo and S. Fdida, Eds. Pisa, Italy. Springer-Verlag, New York.
[9] Canetti, R., Garay, J., Itkis, G., Micciancio, D., Naor, M., and Pinkas, B. 1999a. Multicast security: A taxonomy and efficient constructions. In Proc. IEEE INFOCOM '99. 708-716.
[10] Canetti, R., Malkin, T., and Nissim, K. 1999b. Efficient communication-storage tradeoffs for multicast encryption. In Advances in Cryptology - EUROCRYPT '99, LNCS 1592. Springer-Verlag, New York. 459-474.
[11] Fiat, A. and Naor, M. 1994. Broadcast encryption. In Advances in Cryptology - CRYPTO '93, LNCS 773. Springer-Verlag, New York. 480-491.
[12] Garay, J. A., Staddon, J., and Wool, A. 2000. Long-lived broadcast encryption. In Advances in Cryptology - CRYPTO '2000. LNCS 1880, M. Bellare, Ed. Springer-Verlag, New York. 333-352.
[13] Hackwatch 2002. Canal plus claims Murdoch operation pirated canal plus cards. Hackwatch. http://www.hackwatch.com/~kooltek/.
[14] Halevy, D. and Shamir, A. 2002. The LSD broadcast encryption scheme. In Advances in Cryptology - CRYPTO '02. LNCS 2442, M. Yung, Ed. Springer-Verlag, New York.
[15] Jain, R. 1991. The Art of Computer Systems Performance Analysis. Wiley, New York.
[16] Kogan, N., Shavitt, Y., and Wool, A. 2003. A practical revocation scheme for broadcast encryption using smart cards. In Proc. IEEE Symp. on Security and Privacy. Oakland, CA. 225-235.
[17] Kumar, R., Rajagopalan, S., and Sahai, A. 1999. Coding constructions for blacklisting problems without computational assumptions. In Advances in Cryptology - CRYPTO '99, LNCS 1666. Springer-Verlag, New York. 609-623.
[18] Luby, M. and Staddon, J. 1998. Combinatorial bounds for broadcast encryption. In Advances in Cryptology - EUROCRYPT '98, LNCS 1403, K. Nyberg, Ed. Espoo, Finland. Springer-Verlag, New York. 512-526.
[19] Naor, M. and Pinkas, B. 2000. Efficient trace and revoke schemes. In Financial Cryptography '00, LNCS 1962. Springer-Verlag, New York. 1-20.
[20] Naor, D., Naor, M., and Lotspiech, J. B. 2001. Revocation and tracing schemes for stateless receivers. In Advances in Cryptology - CRYPTO '2001, LNCS 2139. Springer-Verlag, New York. 41-62.
[21] Pinkas, B. 2001. Efficient state updates for key management. In Digital Rights Management Workshop '2001, LNCS 2320. Springer-Verlag, New York. 40-56.
[22] Shamir, A. 1979. How to share a secret. Communications of the ACM 22, 11, 612-613.
[23] Wallner, D. M., Harder, E. J., and Agee, R. C. 1998. Key management for multicast: Issues and architectures. Internet Draft. Available from http://www.ietf.org/ID.html.
[24] Wong, C. K., Gouda, M., and Lam, S. S. 2000. Secure group communications using key graphs. IEEE/ACM Transactions on Networking 8, 1 (Feb.), 16-30.

Published In

ACM Transactions on Information and System Security, Volume 9, Issue 3
August 2006
156 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/1178618

Publisher

Association for Computing Machinery
New York, NY, United States

Author Tags

1. Broadcast encryption
2. smart cards