Authors: Hongxia Jin, Jeffrey Lotspiech, Serdar Pehlivanoglu
Addresses: IBM Almaden Research Center, San Jose, CA 95120, USA. ' Lotspiech.com LLC, Henderson, NV, USA. ' Division of Mathematical Sciences, School of Physical and Mathematical Sciences, Nanyang Technological University, Singapore
Abstract: A trace and revoke scheme is an encryption scheme to make sure that only authorised users can access the content. When a clone device is recovered, the |trace| component detects the pirate users that have compromised the secret keys in their devices and contributed to the clone device. In a pirate evolution attack, attackers release the compromised secret keys very slowly through a number of generations of pirate decoders that will take long time to disable them all. In this paper we will show an easy and efficient approach for the state-of-art subset difference based trace-revoke scheme to defend well against this attack. Our solution is deployed in AACS, the industry new content protection standard for high definition DVDs. We believe the pirate evolution tolerance bound should be considered carefully while designing a scheme. We formally analyse the trade off between the immunity to evolution attack and revocation efficiency.
Keywords: traitor tracing; broadcast encryption; pirate evolution attacks; cryptography; trace and revoke schemes; subset difference; content protection standards; high definition DVDs; revocation efficiency.
International Journal of Applied Cryptography, 2010 Vol.2 No.1, pp.23 - 34
Published online: 01 Jul 2010 *Full-text access for editors Access for subscribers Purchase this article Comment on this article