Identity-based traitor tracing (IBTT) scheme can be utilized to identify a private (decryption) key of any identity that is illegally used in an identity-based broadcast encryption scheme. In PKC'07, Abdalla et al. proposed the first IBTT construction with short private key. In CCS'08, Boneh and Naor proposed a public-key traitor tracing, which can be extended to IBTT with short ciphertext. With a further exploration, in this paper, we propose the first IBTT with short private key and short ciphertext. Private key and ciphertext are both order of O(l 1+l 2), where l 1 is the bit length of codeword of fingerprint codes and l 2 is the bit length of group element. To present our IBTT scheme, we introduce a new primitive called identity-based set encryption (IBSE), and then describe our IBTT scheme from IBSE and fingerprint codes based on the Boneh-Naor paradigm. Our IBSE scheme is provably secure in the random oracle model under the variant of q-BDHE assumption. © 2012 Springer-Verlag.
Available at: http://works.bepress.com/ymu/3/