2002 | OriginalPaper | Buchkapitel
Public Key Trace and Revoke Scheme Secure against Adaptive Chosen Ciphertext Attack
verfasst von : Yevgeniy Dodis, Nelly Fazio
Erschienen in: Public Key Cryptography — PKC 2003
Verlag: Springer Berlin Heidelberg
Enthalten in: Professional Book Archive
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
A (public key) Trace and Revoke Scheme combines the functionality of broadcast encryption witht he capability of traitor tracing. Specifically, (1) a trusted center publishes a single public key and distributes individual secret keys to the users of the system; (2) anybody can encrypt a message so that all but a specified subset of “revoked” users can decrypt the resulting ciphertext; and (3) if a (small) group of users combine their secret keys to produce a “pirate decoder”, the center can trace at least one of the “traitors” given access to this decoder. We construct the first chosen ciphertext (CCA2) secure Trace and Revoke Scheme based on the DDH assumption. Our scheme is also the first adaptively secure scheme, allowing the adversary to corrupt players at any point during execution, while prior works (e.g., [14]Of independent interest, we present a slightly simpler construction that shows a “natural separation” between the classical notion of CCA2- security and the recently proposed [15]