Title: Fingercasting - Joint Fingerprinting and Decryption of Broadcast Messages
Abstract:
The talk discusses a stream cipher that provides confidentiality,
traceability and renewability in the context of broadcast encryption.
The cipher is as secure as the generic pseudo-random sequence on which
it operates. This encryption scheme, termed a fingercasting scheme,
achieves joint decryption and fingerprinting of broadcast messages in
such a way that an adversary cannot separate the two operations or
prevent them from happening simultaneously. The scheme is a
combination of a broadcast encryption scheme, a fingerprinting scheme
and an encryption scheme inspired by the Chameleon cipher. It is the
first to provide a formal security proof and a non-constant lower
bound for resistance against collusion of malicious users, i.e., a
minimum number of content copies needed to remove all fingerprints.
The inductive security proof shows that by increasing a parameter of
the stream cipher, the statistical distance between the key stream and
a random key stream becomes arbitrarily small. The scheme is efficient
and includes parameters that allow, for example, trading off storage
size against computation cost at the receiving end.
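
The following toy sketch is an added illustration, not code from the talk or the scheme's authors. It shows the Chameleon-style idea of joint decryption and fingerprinting under assumed details: the modulus P, table size L, entries-per-sample S, the SHA-256 counter-mode stand-in for the pseudo-random sequence, and all function names are assumptions, and delivery of the session seed by broadcast encryption is left out.

```python
import hashlib
import random

P = 65537   # assumed modulus for content samples
L = 256     # assumed number of key-table entries
S = 4       # assumed number of table entries combined per sample

def prg_indices(seed, n):
    """Stand-in pseudo-random sequence: S table indices for each of n samples."""
    rows = []
    for i in range(n):
        d = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        rows.append([d[j] % L for j in range(S)])
    return rows

def make_master_table(rng):
    return [rng.randrange(P) for _ in range(L)]

def make_receiver_table(master, rng, spread=2):
    """Receiver table = master table minus small per-user fingerprint offsets."""
    fp = [rng.randint(-spread, spread) for _ in range(L)]
    return [(m - f) % P for m, f in zip(master, fp)], fp

def encrypt(samples, master, seed):
    idx = prg_indices(seed, len(samples))
    return [(x + sum(master[i] for i in ix)) % P for x, ix in zip(samples, idx)]

def decrypt(cipher, table, seed):
    """One operation: with a receiver table the output is already fingerprinted."""
    idx = prg_indices(seed, len(cipher))
    return [(c - sum(table[i] for i in ix)) % P for c, ix in zip(cipher, idx)]

def demo():
    rng = random.Random(1)                      # constructed, reproducible inputs
    master = make_master_table(rng)
    samples = [rng.randrange(1000, 60000) for _ in range(16)]
    seed = b"constructed-session-seed"
    cipher = encrypt(samples, master, seed)
    table_a, fp_a = make_receiver_table(master, rng)
    table_b, _ = make_receiver_table(master, rng)
    return {
        "samples": samples,
        "seed": seed,
        "center": decrypt(cipher, master, seed),   # exact plaintext
        "copy_a": decrypt(cipher, table_a, seed),  # plaintext + user A's marks
        "copy_b": decrypt(cipher, table_b, seed),  # plaintext + user B's marks
        "fp_a": fp_a,
    }

if __name__ == "__main__":
    r = demo()
    print([a - s for a, s in zip(r["copy_a"], r["samples"])])
```

A receiver never holds the master table, so the only decryption it can perform is the one that leaves its own offsets in the content.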