Presentation is loading. Please wait.

Presentation is loading. Please wait.

Broadcast Encryption Scheme Based on Binary Cubes Alexey Urivskiy JSC «InfoTeCS», Moscow, Russia

Published byThomasina Sullivan Modified over 9 years ago

Similar presentations

Presentation on theme: "Broadcast Encryption Scheme Based on Binary Cubes Alexey Urivskiy JSC «InfoTeCS», Moscow, Russia"— Presentation transcript:

1 Broadcast Encryption Scheme Based on Binary Cubes Alexey Urivskiy JSC «InfoTeCS», Moscow, Russia alexey.urivskiy@mail.ru

2 What is Broadcast Encryption? Center Channel Message Privileged usersRevoked users Alexey Urivskiy ACCT'2014

3 Purpose Securely broadcast a message to an arbitrary dynamically changing subset of stateless receivers. Alexey Urivskiy ACCT'2014

4 Typical BE-Applications pay-TV systems; tactical radio; positioning systems; digital rights management solutions; etc. Alexey Urivskiy ACCT'2014

5 Preliminary Phase: Key Distribution 4 Center 1 2 3 Alexey Urivskiy ACCT'2014

6 1234

7 Broadcast Phase: Message Index = Information on which users are in which subset Ciphertexts = The Session Key encrypted on Key Encryption Keys (KEK) Encrypted message = The Message encrypted on the Session Key IndexCiphertextsEncrypted message HEADER BODY Alexey Urivskiy ACCT'2014

8 Performance Parameters Transmission overhead the header’s length User key block the number of KEKs of the user Processing complexity Security focus only on information-theoretic secure Alexey Urivskiy ACCT'2014

9 Designing a good BES? Provided the BES is secure computationally efficient given the network size the number of the revoked users to balance the size of the user key block and the transmission overhead Alexey Urivskiy ACCT'2014

10 Naive Scheme 1234 Alexey Urivskiy ACCT'2014

11 Properties Transmission overhead Largest possible User key block Smallest possible = 1 Key Processing complexity Low Alexey Urivskiy ACCT'2014

12 Trivial Scheme 1234 12 3 4 5 6 7 8 9 10 11 12 13 14 15 Alexey Urivskiy ACCT'2014

13 Properties Transmission overhead Smallest possible = 1 KEK User key block Largest possible Processing complexity Low Alexey Urivskiy ACCT'2014

14 The CuBES Cubes Based Broadcast Encryption Scheme Alexey Urivskiy ACCT'2014

15 Why we say ‘CUBES’? xyz 111 110 101 011 100 010 001 000 y x z (1,1,1) (0,1,1) (0,0,1) (1,0,1) (0,1,0)(0,0,0) (1,1,0) (1,0,0) Binary cube of dimension 3 Alexey Urivskiy ACCT'2014

16 1234 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 111 111 111 1 1 1 11 11 11 11 11 11 1 1 1 1 0 0 0 0 00 0 0 00 00 0 00 0 000 00 0 0 0 00 0 0 0 0 00 Binary cube of dimension 4 Alexey Urivskiy ACCT'2014

17 1234 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Properties for N users 2 N -1 keys in total 2 N-1 keys for every user 1 KEK to handle any configuration of revoked users Limitation: in practice N ≤ 20 Alexey Urivskiy ACCT'2014

18 Approach Partition users into small group. Apply the trivial scheme to every group. Apply a logical hierarchy to group of users – a tree-like construction. Alexey Urivskiy ACCT'2014

19 Hierarchy Example - 24 users Binary cube (keys) for 2 (virtual) users Binary cube (keys) for 3 (virtual) users Binary cube (keys) for 4 users User Alexey Urivskiy ACCT'2014

20 Users Key Block Example 3 Alexey Urivskiy ACCT'2014

21 1234 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 2 3 4 5 6 7 1 2 3 3 Users Key Block Example Alexey Urivskiy ACCT'2014

22 3 2 1414 1 2 4 5 7 9 1 1 2 4 6 1 Users Key Block Example Alexey Urivskiy ACCT'2014

23 Example 4x3x2 User’s storage 14 KEKs Coverage 5 KEKs Alexey Urivskiy ACCT'2014

24 Example 6x4 User’s storage 47 KEKs Coverage 4 KEKs Alexey Urivskiy ACCT'2014

25 Example 8x3 User’s storage 131 KEKs Coverage 3 KEKs Alexey Urivskiy ACCT'2014

26 Worst case analysis # Revoked users Coverage, # KEKs Alexey Urivskiy ACCT'2014

27 Scheme Transmission overhead, KEKs User key block, KEKs 8x8x4x4x4x4x4x4x4 ~82000304 9x9x6x6x6x5x4x3 ~ 78500 629 10x10x7x7x6x6x6 ~ 76000 1242 Users: N=2 20 Revoked users: r=2 16 CuBES Example Alexey Urivskiy ACCT'2014

28 Coverage, # KEKs # Revoked users 8x8x4x4x4x4x4x4x49x9x6x6x6x5x4x310x10x7x7x6x6x6 Alexey Urivskiy ACCT'2014

29 Thank you! Questions? Alexey Urivskiy ACCT'2014

Download ppt "Broadcast Encryption Scheme Based on Binary Cubes Alexey Urivskiy JSC «InfoTeCS», Moscow, Russia"

Similar presentations

Explicit Exclusive Set Systems with Applications to Broadcast Encryption David Woodruff Joint with Craig Gentry and Zulfikar Ramzan To appear in FOCS 2006.

Explicit Exclusive Set Systems with Applications to Broadcast Encryption David Woodruff Joint with Craig Gentry and Zulfikar Ramzan To appear in FOCS 2006.
Scalable Content-Addressable Network Lintao Liu 2001.11.19.

Scalable Content-Addressable Network Lintao Liu
1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang

1 Efficient Self-Healing Group Key Distribution with Revocation Capability by Donggang Liu, Peng Ning, Kun Sun Presented by Haihui Huang
Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5.3 Group Key Distribution Acknowledgment: Slides on.
Self-Healing in Wireless Networks. The self-healing property is expected in many aspects in wireless networks: – Encryption algorithms – Key distribution.

Self-Healing in Wireless Networks. The self-healing property is expected in many aspects in wireless networks: – Encryption algorithms – Key distribution.
Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.

Group Protocols for Secure Wireless Ad hoc Networks Srikanth Nannapaneni Sreechandu Kamisetty Swethana pagadala Aparna kasturi.
Su Youn Lee, Su Mi Lee and Dong Hoon Lee 2007.1.24 Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.

Su Youn Lee, Su Mi Lee and Dong Hoon Lee Current Trends in Theory and Practice of Computer Science Baekseok College of Cultural Studies GSIS.
Secure Content Delivery in Information-Centric Networks: Design, Implementation, and Analyses Computer Science Department New Mexico State University,

Secure Content Delivery in Information-Centric Networks: Design, Implementation, and Analyses Computer Science Department New Mexico State University,
Locally Decodable Codes

Locally Decodable Codes
Broadcast Encryption – an overview Niv Gilboa – BGU 1.

Broadcast Encryption – an overview Niv Gilboa – BGU 1.
Coverage Algorithms Mani Srivastava & Miodrag Potkonjak, UCLA [Project: Sensorware (RSC)] & Mark Jones, Virginia Tech [Project: Dynamic Sensor Nets (ISI-East)]

Coverage Algorithms Mani Srivastava & Miodrag Potkonjak, UCLA [Project: Sensorware (RSC)] & Mark Jones, Virginia Tech [Project: Dynamic Sensor Nets (ISI-East)]
1 A Fully Collusion Resistant Broadcast, Trace and Revoke System Brent Waters SRI International Dan Boneh Stanford.

1 A Fully Collusion Resistant Broadcast, Trace and Revoke System Brent Waters SRI International Dan Boneh Stanford.
Broadcast Encryption and Traitor Tracing 2001. 12. 2001507 Jin Kim.

Broadcast Encryption and Traitor Tracing Jin Kim.
Computer Science 1 Efficient Self-healing Group Key Distribution With Revocation Capability Archana Rajagopal CSC 774 Presentation Based on Original Slides.

Computer Science 1 Efficient Self-healing Group Key Distribution With Revocation Capability Archana Rajagopal CSC 774 Presentation Based on Original Slides.
Key Management Schemes for Stateless Receivers Based on Time Varying Heterogeneous Logical Key Hierarchy Miodrag Mihaljevic ASIACRYPT 2003 December 1,

Key Management Schemes for Stateless Receivers Based on Time Varying Heterogeneous Logical Key Hierarchy Miodrag Mihaljevic ASIACRYPT 2003 December 1,
Information Security for Sensors Overwhelming Random Sequences and Permutations Shlomi Dolev, Niv Gilboa, Marina Kopeetsky, Giuseppe Persiano, and Paul.

Information Security for Sensors Overwhelming Random Sequences and Permutations Shlomi Dolev, Niv Gilboa, Marina Kopeetsky, Giuseppe Persiano, and Paul.
Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.

Secure Multicast (II) Xun Kang. Content Batch Update of Key Trees Reliable Group Rekeying Tree-based Group Diffie-Hellman Recent progress in Wired and.
ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.
Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.

Secure Multicast Xun Kang. Content Why need secure Multicast? Secure Group Communications Using Key Graphs Batch Update of Key Trees Reliable Group Rekeying.
Shalini Bhavanam. Key words: Basic Definitions Classification of Networks Types of networks Network Topologies Network Models.

Shalini Bhavanam. Key words: Basic Definitions Classification of Networks Types of networks Network Topologies Network Models.

Similar presentations

Ads by Google