On Long-Lived Public-Key Traitor Tracing. First Steps

Pay-per-view television, music transmissions, and computer programmes may be addressed to a wide but still restricted audience. Broadcast encryption can be used to address the contents of a transmission to registered and paying receivers only. To discourage the users from replicating their decryption keys, traitor tracing broadcast encryption schemes were introduced. Even further properties are desired for the schemes to be practical: in long-lived schemes the server can adapt its encryption procedure to the presence of pirate decryption keys, and modify the transmissions to reach the legitimate users only. An efficient public-key broadcast encryption scheme was presented by Boneh and Franklin in Crypto ’99. We present a general attempt to make the scheme long-lived, and also develop an attack against our own proposition. The work demonstrates the properties of the scheme and provides guidelines for future work.