Privacy-Enhanced Content Distribution and Charging Scheme Using Group Signature

  • Takayuki Tobita
  • Hironori Yamamoto
  • Hiroshi Doi
  • Keigo Majima
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4298)


As the broadband IP networks have spread rapidly, the number of users of content distribution services has grown. In these services, it is desirable that the user’s usage history and their preferences provided are kept confidential in order to protect their privacy. On the other hand, the usage charges need to be calculated correctly based on the contents received by the user. In the above situation, it is not desirable to charge the user at the instant he or she receives it because the usage history can be deduced from the price of each content. In this paper, we propose a generic scheme for content distribution and charging; this scheme that satisfies this privacy requirement by keeping the usage history confidential. Furthermore, we present a new construction based on the group signature proposed by Ateniese et al. In this construction, the computation and communication costs depend only on the number of contents purchased and not on the total number of available content.


Privacy Group Signature Oblivious Transfer 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aiello, B., Ishai, Y., Reingold, O.: Priced Oblivious Transfer: How to Sell Digital Goods. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 119–135. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Abe, M., Ohkubo, M., Suzuki, K.: 1-out-of-n Signatures from a Variety of Keys. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 415–432. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  3. 3.
    Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Barić, N., Pfitzmann, B.: Collision-free accumulators and fail-stop signature schemes without trees. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 480–494. Springer, Heidelberg (1997)Google Scholar
  5. 5.
    Bellare, M., Namprempre, C., Pointcheval, D., Semanko, M.: The One-More-RSA-Inversion Problems and the Security of Chaum’s Blind Signature Scheme. Journal of Cryptology 16(3), 185–215 (2004)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Boneh, D.: The decision Diffie-Hellman problem. In: Buhler, J.P. (ed.) Algorithmic Number Theory. LNCS, vol. 1423, pp. 48–63. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Boyen, X., Shacham, H.: Short Group Signatures. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 41–55. Springer, Heidelberg (2004)Google Scholar
  8. 8.
    Boudot, F.: Efficient Proofs that a Committed Number Lies in an Interval. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 431–444. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Michels, M.: A group signature scheme with improved efficiency. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 160–174. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  10. 10.
    Camenisch, J., Michels, M.: Separability and efficiency for generic group signature schemes. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 413–430. Springer, Heidelberg (1999)Google Scholar
  11. 11.
    Camenisch, J., Stadlar, M.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)Google Scholar
  12. 12.
    Chan, A., Frankel, Y., Tsiounis, Y.: Easy Come-Easy Go Divisible Cash. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 561–575. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  13. 13.
    Cramer, R., Damgard, I., Schoenmakers, B.: Proofs of Partial Knowledge and Simplified Design of Witness Hiding Protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  14. 14.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A Secure and Optimally Efficient Multi-Authority Election Scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997)Google Scholar
  15. 15.
    Fujisaki, E., Okamoto, T.: Statistical zero knowledge protocols to prove modular polynomial relations. In: Džeroski, S., Lavrač, N. (eds.) Inductive Logic Programming. LNCS, vol. 1297, pp. 16–30. Springer, Heidelberg (1997)Google Scholar
  16. 16.
    Lipmaa, H.: On Diophantine Complexity and Statistical Zero-Knowledge Arguments. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 398–415. Springer, Heidelberg (2003)Google Scholar
  17. 17.
    Naor, M., Pinkas, B.: Oblivious transfer and polynomial evaluation. In: 31st ACM Symposium on Theory of Computing, pp. 145–254. ACM Press, New York (1999)Google Scholar
  18. 18.
    Ogata, W., Kurosawa, K.: Oblivious keyword search. Journal of Complexity 20(2-3), 356–371 (2004)zbMATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    Rabin, M.: How to exchange secrets by oblivious transfer. Technical Report TR 81, Aiken Computation Lab, Harvard University (1981)Google Scholar
  20. 20.
    Tobita, T., Yamamoto, H., Doi, H., Majima, K.: Efficient Content Distribution and Charging Scheme with Privacy (In Japanese). IPSJ SIG Technical Reports, 2006-CSEC-33, pp.19-24 (2006)Google Scholar
  21. 21.
    Yamamoto, H., Doi, H., Majima, K., Fujii, A.: A Content Distribution and Charging Scheme with Privacy (In Japanese). In: Proc. Computer Security Symposium 2005, pp. 451–456 (2005)Google Scholar
  22. 22.
  23. 23.
    Broadcast Technology No.12, NHK Science and Technical Research Laboratories (Autumn 2002),
  24. 24.
    ETSI TS 102 822-2 V1.3.1. Broadcast and On-line Services: Search, select, and rightful use of content on personal storage systems (”TV-Anytime”); Part 2: System description, etc.Google Scholar
  25. 25.
    ETSI TS 102 822-6-3 V1.1.1. Broadcast and On-line Services: Search, select, and rightful use of content on personal storage systems (”TV-Anytime”); Part 6: Delivery of metadata over a bi-directional network; Sub-part 3: Phase 2 - Exchange of Personal Profile, etc.Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Takayuki Tobita
    • 1
    • 4
  • Hironori Yamamoto
    • 2
  • Hiroshi Doi
    • 1
  • Keigo Majima
    • 3
  1. 1.Institute of Information Security, 2-14-1, Tsuruya-cho, Kanagawa-ku, Yokohama Kanagawa, 221-0835Japan
  2. 2.The University of Chuo, 1-13-27, Kasuga, Bunkyou-ku Tokyo, 112-8551Japan
  3. 3.NHK Science and Technical Research Laboratories, 1-10-11, Kinuta, Setagaya-ku Tokyo, 157-8510Japan
  4. 4.NEC Soft, Ltd., 1-18-7, Shinkiba, Koto-ku Tokyo, 136-8627Japan

Personalised recommendations