Gossip Codes for Fingerprinting: Construction, Erasure Analysis and Pirate Tracing

This work presents two new construction techniques for q-ary Gossip codes from tdesigns and Traceability schemes. These Gossip codes achieve the shortest code length specified in terms of code parameters and can withstand erasures in digital fingerprinting applications. This work presents the construction of embedded Gossip codes for extending an existing Gossip code into a bigger code. It discusses the construction of concatenated codes and realisation of erasure model through concatenated codes.Comment: 28 page

Properties and evaluation of fingerprinting codes

The concept of data fingerprinting is of paramount importance in the framework of digital content distribution. This project deals with fingerprinting codes, which are used to prevent dishonest users from redistributing copyrighted material. After introducing some basic notions of coding and fingerprinting theory, the project is divided in two parts. In the first part, we present and analyze some of the main existing fingerprinting codes and we also discuss some new constructions. The study is specifically focused on the estimation of the minimum length of the codes, given the design parameters of the system: number of users to allocate, maximum size of the collusions and probability of identification error. Also, we present some theoretical results about the new code construction studied. Finally, we present several simulations, comparing the different codes and estimating what is the minimum-length code in each region. The second part of the project is devoted to the study of the properties of Reed-Solomon codes in the context of fingerprinting. Codes with the traceability (TA) property are of remarkable significance, since they provide an efficient way to identify traitors. Codes with the identifiable parent property (IPP) are also capable of identifying traitors, requiring less restrictive conditions than the TA codes at the expense of not having an efficient decoding algorithm, in the general case. Other codes that have been widely studied but possess a weaker traitor-tracing capability are the secure frameproof codes (SFP). It is a well-known result that TA implies IPP and IPP implies SFP. The converse is in general false. However, it has been conjectured that for Reed-Solomon codes all three properties are equivalent. In this paper we investigate this equivalence, and provide a positive answer for families of Reed-Solomon codes when the number of traitors divide the size of the code fieldAward-winnin

Improved Constructions of Frameproof Codes

Frameproof codes are used to preserve the security in the context of coalition when fingerprinting digital data. Let $M_{c,l}(q)$ be the largest cardinality of a $q$-ary $c$-frameproof code of length $l$ and $R_{c,l}=\lim_{q\rightarrow \infty}M_{c,l}(q)/q^{\lceil l/c\rceil}$. It has been determined by Blackburn that $R_{c,l}=1$ when $l\equiv 1\ (\bmod\ c)$, $R_{c,l}=2$ when $c=2$ and $l$ is even, and $R_{3,5}=5/3$. In this paper, we give a recursive construction for $c$-frameproof codes of length $l$ with respect to the alphabet size $q$. As applications of this construction, we establish the existence results for $q$-ary $c$-frameproof codes of length $c+2$ and size $\frac{c+2}{c}(q-1)^2+1$ for all odd $q$ when $c=2$ and for all $q\equiv 4\pmod{6}$ when $c=3$. Furthermore, we show that $R_{c,c+2}=(c+2)/c$ meeting the upper bound given by Blackburn, for all integers $c$ such that $c+1$ is a prime power.Comment: 6 pages, to appear in Information Theory, IEEE Transactions o

A Concise Bounded Anonymous Broadcast Yielding Combinatorial Trace-and-Revoke Schemes

Broadcast Encryption is a fundamental primitive supporting sending a secure message to any chosen target set of $N$ users. While many efficient constructions are known, understanding the efficiency possible for an ``Anonymous Broadcast Encryption\u27\u27 (ANOBE), i.e., one which can hide the target set itself, is quite open. The best solutions by Barth, Boneh, and Waters (\u2706) and Libert, Paterson, and Quaglia (\u2712) are built on public key encryption (PKE) and their ciphertext sizes are, in fact, $N$ times that of the underlying PKE (rate=$N$). Kiayias and Samary (\u2712), in turn, showed a lower bound showing that such rate is the best possible if $N$ is an independent unbounded parameter. However, when considering certain user set size bounded by a system parameter (e.g., the security parameter), the problem remains interesting. We consider the problem of comparing ANOBE with PKE under the same assumption. We call such schemes Anonymous Broadcast Encryption for Bounded Universe -- AnoBEB. We first present an AnoBEB construction for up to $k$ users from LWE assumption, where $k$ is bounded by the scheme security parameter. The scheme does not grow with the parameter and beat the PKE method. Actually, our scheme is as efficient as the underlying LWE public-key encryption; namely, the rate is, in fact, $1$ and thus optimal. The scheme is achieved easily by an observation about an earlier scheme with a different purpose. More interestingly, we move on to employ the new AnoBEB in other multimedia broadcasting methods and, as a second contribution, we introduce a new approach to construct an efficient ``Trace and Revoke scheme\u27\u27 which combines the functionalites of revocation and of tracing people (called traitors) who in a broadcasting schemes share their keys with the adversary which, in turn, generates a pirate receiver. Note that, as was put forth by Kiayias and Yung (EUROCRYPT \u2702), combinatorial traitor tracing schemes can be constructed by combining a system for small universe, integrated via an outer traceability codes (collusion-secure code or identifying parent property (IPP) code). There were many efficient traitor tracing schemes from traceability codes, but no known scheme supports revocation as well. Our new approach integrates our AnoBEB system with a Robust IPP code, introduced by Barg and Kabatiansky (IEEE IT \u2713). This shows an interesting use for robust IPP in cryptography. The robust IPP codes were only implicitly shown by an existence proof. In order to make our technique concrete, we propose two explicit instantiations of robust IPP codes. Our final construction gives the most efficient trace and revoke scheme in the bounded collusion model

A construction of traceability set systems with polynomial tracing algorithm

© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes,creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.A family F of w-subsets of a finite set X is called a set system with the identifiable parent property if for any w-subset contained in the union of some t sets, called traitors, of F at least one of these sets can be uniquely determined, i.e. traced. A set system with traceability property (TSS, for short) allows to trace at least one traitor by minimal distance decoding of the corresponding binary code, and hence the complexity of tracing procedure is of order O(M), where M is the number of users or the code's cardinality. We propose a new construction of TSS which is based on the old Kautz-Singleton concatenated construction with algebraic-geometry codes as the outer code and Guruswami-Sudan decoding algorithm. The resulting codes (set systems) have exponentially many users (codevectors) M and polylog(M) complexity of code construction and decoding, i.e. tracing traitors. This is the first construction of traceability set systems with such properties.Peer ReviewedPostprint (author's final draft