Abstract:A broadcast encryption allows the sender to securely distribute content to a dynamically changing group of users over a broadcast channel. A public key tracing and revocation scheme can combine the public key encryption with the traitor tracing algorithm. This paper proposes a fully public key tracing and revocation scheme. The salient feature of the scheme is that the secret keys of the users are chosen by the users themselves, while in the previous public key broadcast encryption schemes, the broadcaster publishes the encryption key and distributes the individual secret keys to the users. The scheme deals with the setting of stateless receivers. When the traitors are found, the sender can revoke them without involvement of the remaindering receivers. The encryption algorithm in the scheme is semantically secure against adaptive chosen cipher-text attacks based on the DDH assumption.