Kazuto OGAWA Goichiro HANAOKA Hideki IMAI
A lot of encryption and watermarking schemes have been developed as countermeasures to protect copyrights of broadcast or multicast content from malicious subscribers (traitors) that make pirate receivers (PRs) to use the content illegally. However, solo use of these schemes does not necessarily work well. Traitor tracing encryption schemes are a type of broadcasting encryption and have been developed for broadcasting and multicast services. There are multiple distinct decryption keys for each encryption key, and each service subscriber is given a unique decryption key. Any subscriber who redistributes his or her decryption key to a third party, or who uses it and possibly other keys to make a PR, can be identified by using the tracing algorithm of the scheme that is used by the services. However, almost all previous schemes have the same weakness; that is, they are vulnerable to an attack (content comparison attack). This is a concrete example in which solo use of the scheme does not work well. The attack involves multiple distinct decryption keys and a content-data comparison mechanism. We have developed a method, called complementary traitor tracing method (CTT), that makes traitor tracing schemes secure against content comparison attacks. It makes it impossible for PRs to distinguish ordinary content data from test data and makes traitor tracing schemes effective against all PRs, even those with multiple distinct decryption keys. CTT is made with a simple combination of schemes that are absolutely necessary. It makes broadcasting or multicast services secure.
Minoru KURIBAYASHI Masakatu MORII
Digital fingerprinting is used to trace back illegal users, where a unique ID known as a digital fingerprint is embedded into content before distribution. In the generation of such fingerprints, one of the important properties is collusion-resistance. Binary codes for fingerprinting with a code length of theoretically minimum order were proposed by Tardos, and related works mainly focused on the reduction of the code length have been presented. In this paper, we present a concrete and systematic construction of Tardos's fingerprinting code using a chaotic map. Using a statistical model for correlation scores, the actual numbers of true-positive and false-positive detections are measured. The collusion-resistance of the generated fingerprinting codes is evaluated by a computer simulation.
JungYeon HWANG Taek-Young YOUN Willy SUSILO
Recently, several ID-based key sharing schemes have been proposed, where an initiation phase generates users' secret keys associated with identities under the hardness of integer factorization. In this letter, we show that, unfortunately, any key sharing scheme with this initiation phase is intrinsically insecure in the sense that the collusion of some users enables them to derive master private keys and hence generate any user's secret key.
Yongrui CUI Mingchu LI Yizhi REN Kouichi SAKURAI
A novel adaptive reputation-based virtual organization formation is proposed. It restrains the bad performers effectively based on the consideration of the global experience of the evaluator and evaluates the direct trust relation between two grid nodes accurately by consulting the previous trust value rationally. It also consults and improves the reputation evaluation process in the PathTrust model by taking account of the inter-organizational trust relationship and combines it with direct and recommended trust in a weighted way, which makes the algorithm more robust against collusion attacks. Additionally, the proposed algorithm considers the perspective of the VO creator and takes required VO services as one of the most important fine-grained evaluation criteria, which makes the algorithm more suitable for constructing VOs in grid environments that include autonomous organizations. Simulation results show that our algorithm restrains the bad performers and resists fake transaction attacks and badmouth attacks effectively. It provides a clear advantage in the design of a VO infrastructure.
Ik Rae JEONG Jeong Ok KWON Dong Hoon LEE
In 2006, Tanaka proposed an efficient variant of Maurer-Yacobi's identity-based non-interactive key sharing scheme. In Tanaka's scheme, the computational complexity to generate each user's secret information is much smaller than that of Maurer-Yacobi's scheme. Tanaka's original key sharing scheme does not provide completeness, and so Tanaka corrected the original scheme to provide completeness. In this paper, we show that Tanaka's corrected key sharing scheme is not secure against collusion attacks. That is, two users can collaborate to factorize a system modulus with their secret information and thus break the key sharing scheme.
Koji NUIDA Satoshi FUJITSU Manabu HAGIWARA Hideki IMAI Takashi KITAGAWA Kazuto OGAWA Hajime WATANABE
The code length of Tardos's collusion-secure fingerprint code is of theoretically minimal order with respect to the number of adversarial users (pirates). However, the constant factor should be further reduced for practical implementation. In this article, we improve the tracing algorithm of Tardos's code and propose a 2-secure and short random fingerprint code, which is secure against collusion attacks by two pirates. Our code length is significantly shorter than that of Tardos's code and its tracing error probability is practically small.
Kozo BANNO Shingo ORIHARA Takaaki MIZUKI Takao NISHIZEKI
Digital watermarking used for fingerprinting may be subject to a collusion attack: two or more users collude, compare their data, find a part of the embedded watermarks, and make an unauthorized copy by masking their identities. In this paper, assuming that at most c users collude, we give a characterization of the fingerprinting codes that have the best security index in the sense of "(c,p/q)-secureness" proposed by Orihara et al. The characterization is expressed in terms of intersecting families of sets. Using a block design, we also show that a distributor of data can only find asymptotically a set of c users including at least one culprit, no matter how good a fingerprinting code is used.
Mira KIM Junji SHIKATA Hirofumi MURATANI Hideki IMAI
In this paper, we deal with c-secure codes in a fingerprinting scheme, which encode the user ID to be embedded into the contents. If a pirate copy appears, c-secure codes allow the owner of the contents to trace the source of the illegal redistribution under collusion attacks. However, in practical applications, most previously proposed codes fail to achieve good efficiency, i.e., their codeword lengths are too large to be embedded into digital contents. In this paper, we propose a construction method of c-secure CRT codes based on polynomials over finite fields, and it is shown that the codeword length in our construction is shorter than that of Muratani's scheme. We compare the codeword length of our construction and that of Muratani's scheme by numerical experiments and present some theoretical results which support the results obtained by numerical experiments. As a result, we show that our construction is especially efficient with respect to a large size of any coalition c. Furthermore, we discuss the influence of the random error on the traceability and formally define the Weak IDs with respect to our construction.
Hajime WATANABE Takashi KITAGAWA
In digital content distribution systems, the digital watermarking (fingerprinting) technique provides a good solution to avoid illegal copying and has been studied very actively. c-Secure CRT Code is one of the most practical ID coding schemes for such fingerprinting since it is secure against collusion attacks and also secure even when random errors are added. But its usefulness is decreased in the case that random errors are added because the code length will be longer. In this paper, we first introduce a new collusion attack with the addition of random errors and show that c-Secure CRT Code is not sufficiently secure against the attack. Next, we analyze the problem and propose a new ID coding scheme, Randomized c-Secure CRT Code, which overcomes the problem. As a result, this new scheme improves the error tracing probabilities against the proposed attack drastically. This new scheme has the same code length, so this is one of the most responsible fingerprinting codes for content distribution systems.
Katsunari YOSHIOKA Tsutomu MATSUMOTO
The c-Secure CRT code is a collusion-secure fingerprinting code whose code length is reduced by using the Chinese Remainder Theorem. The tracing algorithm for the c-secure CRT code drops its performance of traitor tracing when random errors are added to the codewords. In this paper, we show two approaches to enhance random-error-resilience to the tracing algorithm of the c-secure CRT code. The first approach is introducing thresholds for the distinction of the detected part of the embedded data called detected blocks. We propose a method to derive appropriate values of the thresholds on an assumption that the tracer can estimate the random error rate. This modification extends the capability of traitor tracing to the attacks in which the alteration rate of the detected blocks is not fixed to 0.5. The second approach is extending the scope of the search for the detected blocks. With numerical results by computer simulations, we confirmed an impressive improvement of random-error-resilience of a c-secure CRT code.
Shingo ORIHARA Takaaki MIZUKI Takao NISHIZEKI
Fingerprinting is one of the digital watermarking techniques, and is becoming more important as a copyright protection technique. Fingerprinting must resist collusion attacks. As a security index, "c-secureness" has been proposed, but it has been known that there is indeed no c-secure code. In this paper, we introduce a new index to measure the resilience of fingerprinting for collusion attacks and obtain some upper bounds and a lower bound on the index.
Goichiro HANAOKA Tsuyoshi NISHIOKA Yuliang ZHENG Hideki IMAI
Efficient ID-based key sharing schemes are desired worldwide in order to obtain secure communications on the Internet and other related networks, and Key Pre-distribution System (KPS) is one of the majority of such key sharing schemes. The remarkable property of KPS is that a user need only input the partner's identifier to the secret KPS-algorithm in order to share a key between them. Although this is just a small part of the many advantages KPS has in terms of efficiency, an enormous amount of memory is always required to achieve perfect security. While the conventional KPS methods can establish communication links between any pair of entities in a communication system, in most practical communication environments, such as in a broadcast system, not all links will be required. In this article, we achieved a desirable method to remove the unnecessary communication links between any pair of entities in a communication system. In our scheme, the required memory size per entity was just proportional to the number of entities of the partner's, while in conventional KPS it is proportional to the number of entities of the whole communication system. As an example, if an entity communicates with only 1/r others, the memory requirement is reduced to 1/r of the conventional KPS's. Furthermore, it was proven that the obtained memory size was optimum. Overall, our scheme confirmed greater efficiency to achieve secure communication, particularly suited to large-scale networks.
Goichiro HANAOKA Tsuyoshi NISHIOKA Yuliang ZHENG Hideki IMAI
Credit-based electronic payment systems are considered to play important roles in future automated payment systems. Like most other types of payment systems, however, credit-based systems proposed so far generally involve computationally expensive cryptographic operations. Such a relatively heavy computational load is preventing credit-based systems from being used in applications which require very fast processing. A typical example is admission-fee payment at the toll gate of an expressway without stopping a vehicle that travels at a high speed. In this article, we propose a very fast credit-based electronic payment protocol for admission-fee payment. More specifically, we propose a payment system between a high-speed vehicle and a toll gate which uses only very simple and fast computations. The proposed system makes use of an optimized Key Pre-distribution System (or KPS) to obtain high resistance against collusion attacks.
Yasuyuki MURAKAMI Ryuichi SAKAI Masao KASAHARA
We propose a new probabilistic ID-based non-interactive key sharing scheme that has non-separable secret-key functions and a non-separable common-key function. The proposed scheme uses the calculation over modulo-P, modulo-Q and over integer ring for realizing non-separability. This proposed scheme has a large threshold against linear attack by the collusive entities.
In this paper, we show a collusion attack on the novel and sophisticated ID-based non-interactive key sharing scheme proposed by Tanaka [2], [3]. It is based on a linear algebraic approach [4]. We discuss its complexity and provide numerical simulation results of the success probability in forging the shared keys.