Preventing users from sharing their decryption capabilities is a notoriously difficult problem. It naturally arises in the context of paid services or of access to confidential information. Traitor tracing schemes were introduced to tackle this issue, but this approach is contingent on the detection of rogue decryption devices. Kiayias and Tang were the first to address the problem pre-emptively: they introduced leakage-deterring encryptions scheme, in which a secret valuable to a user is embedded in her public key, and can be recovered by anyone with access to a decryption device. Users are thereby dissuaded from sharing their decryption capabilities lest they share their valuable secret as well.
In this talk, Kiayias and Tang’s model and construction will be first discussed, as well as their respective shortcomings. Secondly, a new model, guaranteeing full user-privacy and overcoming the aforementioned shortcomings, will be exposed. Lastly, efficient constructions proved secure in the new model are to be presented. This solves the problem of devising an efficient and privacy-friendly leakage-deterring encryption scheme.