Mixed Functional Encryption: Applications to Traitor Tracing

          @misc{ scivideos_15508,
            doi = {},
            url = {https://simons.berkeley.edu/talks/mixed-functional-encryption-applications-traitor-tracing},
            author = {},
            keywords = {},
            language = {en},
            title = {Mixed Functional Encryption: Applications to Traitor Tracing},
            publisher = {The Simons Institute for the Theory of Computing},
            year = {2020},
            month = {mar},
            note = {15508 see, \url{https://scivideos.org/Simons-Institute/15508}}
          }
          

Abstract

The notion of traitor tracing (TT) was introduced by Chor, Fiat, and Naor in the early 90s with the goal of solving the accountability problem in broadcast systems. In a TT system for N users, every user has his/her own secret key. Content providers can encrypt messages using a public key, while each user can decrypt using his/her secret key. Suppose some of the N users collude to construct a pirate decoding box. The most notable property of such systems is the presence of a special algorithm, called Trace, which can identify at least one of the secret keys used to construct the pirate decoding box. Although TT has numerous applications beyond broadcast TV systems, all previous TT systems either had large ciphertexts, or relied on non-standard assumptions. Recently, in a joint work with Venkata Koppula and Brent Waters, we introduced a new form of functional encryption (FE) that we called Mixed FE, and using Mixed FE we built the first fully collusion resistant compact TT scheme provably secure under the learning with errors (LWE) assumption. In this talk, we revisit the notion of Mixed FE and discuss some applications of the concept in introducing tracing capabilities in a wide variety of encryption systems.