Traitor tracing schemes as introduced by Chor, Fiat, and Naor at Crypto ’94 are intended for tracing people who abuse a broadcast encryption scheme by allowing additional, illegitimate users to decrypt the data. The schemes should also provide legal evidence for such treachery. We discuss and improve the quality of such evidence, i.e., the security of trials that would be held about supposedly ...

Traitor tracing is needed because some users in broadcast encryption system may give out their decryption keys to construct pirate decoders. Recently, Liu and Yuan described a trace and revoke systems with short ciphertexts. In this paper, we show that their scheme cannot achieve traitor tracing, since any receiver can decide whether the given ciphertext is well-formed or not so as to decide wh...

Broadcast Encryption allows a centre to send information over a broadcast channel to a dynamically changing group of users. The performance is rated by the bandwidth required for the broadcast and the amount of secret information needed to be stored at the user end. It can also be rated by the computational overhead. In the “Stateless Receiver” model, receivers are incapable of storing any new ...

We propose a new broadcast encryption scheme based on the idea of ‘one key per each punctured interval’. Let r be the number of revoked users. In our scheme with p-punctured c-intervals, the transmission overhead is roughly r p+1 as r grows. Our scheme is very flexible with two parameters p and c. We may take p as large as possible if a user device allows a large key storage, and set c as small...

Broadcast encryption (BE) deals with secure transmission of a message to a group of users such that only an authorized subset of users can decrypt the message. Some of the most effective BE schemes in the literature are the tree-based schemes of complete subtree (CS) and subset difference (SD). The key distribution trees in these schemes are traditionally constructed without considering user pr...

We present the first hierarchical identity based encryption (HIBE) system that has full security for more than a constant number of levels. In all prior HIBE systems in the literature, the security reductions suffered from exponential degradation in the depth of the hierarchy, so these systems were only proven fully secure for identity hierarchies of constant depth. (For deep hierarchies, previ...

We present the first hierarchical identity based encryption (HIBE) system that has full security for more than a constant number of levels. In all prior HIBE systems in the literature, the security reductions suffered from exponential degradation in the depth of the hierarchy, so these systems were only proven fully secure for identity hierarchies of constant depth. (For deep hierarchies, previ...

In identity-based encryption (IBE) systems, an efficient key delegation method to manage a large number of users and an efficient key revocation method to handle the dynamic credentials of users are needed. Revocable hierarchical IBE (RHIBE) can provide these two methods by organizing the identities of users as a hierarchy and broadcasting an update key for non-revoked users per each time perio...