Pirate Evolution - Encryption for Digital Content

Cryptography Reference

In-Depth Information

Theorem 5.7. Let n ∈ N be the number of receivers. For a given R ⊆ [n],

any leaking incident Leaking corrupting t users in a single subset S ∈

Revoke(Φ CS ,R) = ψ enables an evolving pirate with respect to Leaking

so that PE R,GenDisable

P,Leaking

(t) ≥ 2t−2 + log(|S|/t).

Proof of Theorem 5.7 : We will count the number of nodes in the Steiner

tree Steiner(T,S) as it is the number of decoders P can construct with re-

spect to any leaking incident Leaking corrupting t users in S. Denoting

the number of nodes with depth i by c i ≥ 1 we have PE R,GenDisable

(t) =

P,Leaking

P log |S|

i=0 c i . It is clear that c i ≥ dc i+1 /2e and c log |S| = t. Then it holds that

c i ≥dc log |S| /2 log |S|−i e = dt/2 log |S|−i e, hence:

log |S|

X

dt/2 log |S|−i e

c i ≥

i=0

2 dlog te it holds that dt/2 log |S|−i e = 1 for all 0 ≤ i ≤ log|S|−

t

Since 1 ≥

dlog te.

log |S|

log |S|−dlog(t)e−1

X

PE R,GenDisable

P,Leaking

dt/2 log |S|−i e+

(t) =

c i ≥

1

i=0

i=log |S|−dlog(t)e

i=0

This yields the following:

(t) ≥ t· P dlog te

i=0

1/2 i + P log |S|−dlog(t)e−1

i=0

PE R,GenDisable

P,Leaking

1

≥ t· (2−1/2 dlog te ) + log(|S|/t) −1

≥ 2t−2 + log(|S|/t)

which completes the proof of the theorem.

Theorem 5.8. Let n ∈ N be the number of receivers. For a given R ⊆ [n],

there exists a leaking incident Leaking corrupting t users in a single subset

S ∈Revoke(Φ CS ,R) = ψ so that PE R,GenDisable

(t) ≥ t−1 + t log(|S|/t).

P,Leaking

Proof of Theorem 5.8 : It is su cient to describe a leaking incident Leaking

that satisfies PE R,GenDisable

P,Leaking (t) ≥ 2t−1 +t log(|S|/t). Consider the nodes of

the Steiner tree Steiner(T,S) and denote the number of nodes with depth i by

c i . We choose the leaking incident as follows: (1) any node of depth ≤blog tc

is an ancestor of at least one traitor, (2) for any depth > blog tc there exist

t nodes at this depth that are ancestors of a traitor. These conditions are

equivalent to saying c i = 2 i for all 0 ≤ i ≤blog tc, and c i = t otherwise. Such

case can be easily constructed as the Figure 5.5 illustrates. The sum P i=0

log |S| c i

will give us the number of pirate decoder generations with respect to the given

leaking incident:

Encryption for Digital Content

Search WWH ::

Custom Search

Home