Abstract: Cryptanalysis of a traitor tracing scheme shows that it exists follow security deficiencies: the revoked traitor can decrypt new ciphertext under the help of legitimate user; legitimate users can forge effective decryption key if they conspire. This paper proposes forgery attack scheme and gives the reason why it is attacked. This paper points out one mistake in designation of the scheme, which explains it is not feasible in the actual operation.

Key words: traitor racing, RSA algorithm, colluding attack

摘要： 对一种叛逆者追踪方案提出安全性分析，指出它存在的安全缺陷有被撤销的叛逆者可以在合法用户的帮助下继续解密新密文及合法用户可以合谋伪造有效的解密密钥。提出伪造攻击方案，并给出方案被攻击的原因。指出方案的一个设计错误，说明该方案在实际操作上是不可行的。

关键词: 叛逆者追踪, RSA算法, 合谋攻击

CLC Number: 

• TN918