NAME
Crypt::SDTree - Subset Difference Encryption/Revocation Scheme
ABSTRACT
Implementation of a broadcast encryption/revocation scheme
DESCRIPTION
This library implements a broadcast encryption and revocation scheme. The basic scheme that is implemented here was proposed by Naor et al. in the paper "Revocation and Tracing Schemes for Stateless Receivers".
To be more detailed, this module allows encryption of a message to a group of users, where a subset of this group is considered to be revoked. All non-revoked users will be able to decrypt the message, while the revoked users will not. The receivers are stateless and do not have to update any state from session to session.
The functionality is split into two sub-packages. To encrypt or send data, please refer to Crypt::SDTree::Publish. To decrypt or receive data, please refer to Crypt::SDTree::Subscribe.
Please note that this module has not been reviewed by anyone other than myself. I am not sure that it actually is secure - while the theoretical basis should be sound it might leak key material or have other implementation defects.
Hence, please consult a cryptographer before using this for anything that is actually important.
AUTHOR
Bernhard Amann, <bernhard@icsi.berkeley.edu>
COPYRIGHT AND LICENSE
Copyright (C) 2010-2012 by Bernhard Amann
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA