Security Analysis of Broadcast Encryption System Based on 2-Subset Difference Method

  • Lee, Jae Hwan (Department of Computer Science, College of Software, Sangmyung University)
  • Park, Jong Hwan (Department of Computer Science, College of Software, Sangmyung University)
  • Received : 2014.05.13
  • Accepted : 2014.07.28
  • Published : 2014.07.30

Abstract

Broadcast encryption is a cryptographic primitive that allows a sender to securely transmit a message to a set of receivers. The most influential broadcast encryption system was proposed in 2001 by Naor, Naor, and Lotspiech, based on binary trees and the Subset Difference (SD) method. In 2006, Jang, Nyang, and Song proposed a new broadcast encryption system that reduces the transmission rate by 50% compared to the SD method by introducing the so-called '2-SD' method. Their result was later registered as a patent in Korea (registration number: 100879083). This paper shows, however, that Jang et al.'s broadcast encryption system is not secure against collusion attacks, resistance to which is regarded as a basic security requirement in the design of broadcast encryption.

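A broadcast encryption system is a technique in which a single sender encrypts a message and transmits it securely to many receivers. The broadcast encryption system that Naor, Naor, and Lotspiech proposed in 2001, using the Subset Difference (SD) method over a binary tree, is known as the most efficient scheme. In 2006, Jang, Nyang, and Song proposed a new broadcast encryption system using the 2-SD method, a variant of the SD method. The scheme of Jang et al. was a groundbreaking one that could cut the transmission overhead almost in half compared with the SD method proposed by Naor et al., and in 2009 it was even registered as a patent in the Republic of Korea (registration number: 100879083). This paper shows, however, that the 2-SD broadcast encryption system proposed by Jang et al. is not at all secure against collusion attacks, resistance to which is the basic premise of broadcast encryption security.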

References

  1. A. Fiat and M. Naor, "Broadcast encryption," Proceedings of the CRYPTO'93, volume 773 of LNCS, pp. 480-491, Aug. 1993.
  2. D. Naor, M. Naor and J. Lotspiech, "Revocation and tracing schemes for stateless receivers," Proceedings of the CRYPTO 2001, vol. 2139 of LNCS, pp. 41-62, Feb. 2001.
  3. D. Halevy and A. Shamir, "The LSD broadcast encryption scheme," Proceedings of the CRYPTO 2002, vol. 2442 of LNCS, pp. 47-60, Aug. 2002.
  4. M.T. Goodrich, J.Z. Sun and R. Tamassia, "Efficient tree-based revocation in groups of low-state devices," Proceedings of the CRYPTO 2004, vol. 3152 of LNCS, pp. 511-527, Aug. 2004.
  5. S. Bhattacherjee and P. Sarkar, "Tree based symmetric key broadcast encryption," IACR Cryptology ePrint Archive, Report 2013/786, 2013.
  6. B. Chor, A. Fiat, and M. Naor, "Tracing traitors," Proceedings of the CRYPTO'94, vol. 839 of LNCS, pp. 257-270, Aug. 1994.
  7. Y. Dodis and N. Fazio, "Public key broadcast encryption for stateless receivers," Proceedings of the Digital Rights Management Workshop, vol. 2696 of Lecture Notes in Computer Science, pp. 61-80, 2002.
  8. ChongHee Kim, YongHo Hwang and PilJoong Lee, "An efficient public key trace and revoke scheme secure against adaptive chosen ciphertext attack," Proceedings of the ASIACRYPT 2003, vol. 2894 of LNCS, pp. 359-373, Nov/Dec. 2003.
  9. D. Boneh, C. Gentry and B. Waters, "Collusion resistant broadcast encryption with short ciphertexts and private keys," Proceedings of the CRYPTO 2005, vol. 3621 of LNCS, pp. 258-275, Aug. 2005.
  10. D. Boneh and B. Waters, "A fully collusion resistant broadcast, trace, and revoke system," Proceedings of the ACM CCS 06, pp. 211-220, Oct/Nov. 2006.
  11. JiYong Jang, DaeHun Nyang, and JooSeok Song, "2-Subset Difference Scheme for Broadcast Encryption," Journal of the Korea Institute of Information Security and Cryptology, 16(4), pp. 1-5, Aug. 2006.
  12. K. Fukushima, S. Kiyomoto, Y. Miyake and K. Sakurai, "Revocation and tracing based on ternary tree: towards optimal broadcast encryption scheme," Proceedings of the IECTE 2011, vol. 314 of CCIS, pp. 233-248, 2012.

Cited by

  1. 2-Subset Difference Broadcast Encryption System Based on Secret Sharing Method vol.20, pp.4, 2015, https://doi.org/10.5909/JBE.2015.20.4.580