高级检索
    王晓明 姚国祥 廖志委. 一个叛逆者追踪方案分析和改进[J]. 计算机研究与发展, 2013, 50(10): 2092-2099.
    引用本文: 王晓明 姚国祥 廖志委. 一个叛逆者追踪方案分析和改进[J]. 计算机研究与发展, 2013, 50(10): 2092-2099.
    Wang Xiaoming, Yao Guoxiang, and Liao Zhiwei. Cryptanalysis and Modification of a Traitor Tracing Scheme[J]. Journal of Computer Research and Development, 2013, 50(10): 2092-2099.
    Citation: Wang Xiaoming, Yao Guoxiang, and Liao Zhiwei. Cryptanalysis and Modification of a Traitor Tracing Scheme[J]. Journal of Computer Research and Development, 2013, 50(10): 2092-2099.

    一个叛逆者追踪方案分析和改进

    Cryptanalysis and Modification of a Traitor Tracing Scheme

    • 摘要: 最近,王青龙等人提出了一种新的基于双线性映射的公钥叛逆者追踪方案, 并称该方案具有完全抗共谋性、完全撤销性、完全恢复性和黑盒追踪性等优点.分析了王青龙等人的方案,指出该方案不能实现完全撤销功能,并对王青龙等人的方案进行了改进,提出了一个新的基于双线性映射的叛逆者追踪方案.为了减少存储、计算和通信开销,提出的方案使用多项式和过滤函数构建追踪方案.当发现叛逆者时,提出的方案能够在不更新合法用户密钥的前提下, 同时安全撤销多个叛逆者,实现了完全撤销,克服了王青龙等人方案的缺陷.方案的安全性基于离散对数问题和判定Diffie-Hellma问题为困难问题.安全性证明和性能分析表明提出的方案是安全的,能满足完全抗共谋性、完全可恢复性、黑盒追踪性和完会撤销性.同时,就存储、计算和通信开销而言,提出的方案比王青龙等人的方案低.

       

      Abstract: Recently, Wang et al. proposed a traitor tracing scheme based on bilinear map. They claimed that their scheme cloud achieve full collusion resistance, full revocation, full recoverability and black-box traceability, which is efficient in terms of the translation overhead and storage overhead in comparison with the previously proposed schemes. In this paper, we analyze their scheme and show that their scheme does not achieve full revocation. Then we modify their scheme and propose a new traitor tracing scheme based on bilinear map. In this scheme, we employ the polynomial function and the filter function as the basic means of constructing the traitor tracing procedures in order to minimize the storage, computational and communication costs. More importantly, when traitors are found, this scheme can safely revoke their private keys without updating the private keys of other receivers and deter the revoked users to recover the decryption key. Therefore, it can achieve full revocation, and thus overcomes the weakness in Wang et al.' scheme. The security of the proposed scheme is based on the difficult problems of solving bilinear discrete logarithm problem and decision Diffie-Hellman problem. The proof of security and analysis of performance show that the proposed scheme is secure and able to achieve full collusion resistance, full recoverability, black-box traceability and full revocation. Moreover, the scheme is better than Wang et al's scheme in terms of the storage, computation and communication costs.

       

    /

    返回文章
    返回