We propose a stream cipher that provides confidentiality, traceability and renewability in the context of broadcast encryption
assuming that collusion-resistant watermarks exist. We prove it to be as secure as the generic pseudo-random sequence on which
it operates. This encryption approach, termed fingercasting, achieves joint decryption and fingerprinting of broadcast messages
in such a way that an adversary cannot separate the two operations or prevent them from happening simultaneously. The scheme
is a combination of a known broadcast encryption scheme, a well-known class of fingerprinting schemes and an encryption scheme
inspired by the Chameleon cipher. It is the first to provide a formal security proof and a non-constant lower bound for resistance
against collusion of malicious users, i.e., a minimum number of content copies needed to remove all fingerprints. To achieve
traceability, the scheme fingerprints the receivers’ key tables such that they embed a fingerprint into the content during
decryption. The scheme is efficient and includes parameters that allow, for example, trading off storage size against
computation cost at the receiving end.
Keywords: Chameleon encryption, stream cipher, spread-spectrum watermarking, fingerprinting, collusion resistance, frame-proofness, broadcast encryption
An extended abstract of this paper appeared in the Proceedings of the Tenth Australasian Conference on Information Security
and Privacy (ACISP 2006) [1].
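
The following toy sketch illustrates the joint decryption and fingerprinting idea described above: a receiver whose key table differs slightly from the sender's table decrypts to a marked copy that can be traced. It is an added example, not the paper's construction or code. The modulus, table size, ±1 fingerprint entries, SHA-256 address generator and non-blind correlation detector are all assumptions, and the broadcast-encryption layer and collusion-resistant coding are omitted.

```python
import hashlib, random

P, L, S = 65537, 256, 4   # assumed: modulus, key-table size, entries summed per sample

def addresses(session_key, n):
    """Expand the session key into S table addresses per sample (SHA-256 in
    counter mode stands in for the generic pseudo-random sequence)."""
    stream, ctr = [], 0
    while len(stream) < n * S:
        stream += hashlib.sha256(session_key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return [stream[i * S:(i + 1) * S] for i in range(n)]  # bytes 0..255 index L=256 entries

def pad(table, session_key, n):
    """Keystream: sum of the addressed table entries, modulo P."""
    return [sum(table[a] for a in addrs) % P for addrs in addresses(session_key, n)]

def encrypt(master, session_key, msg):
    return [(m + k) % P for m, k in zip(msg, pad(master, session_key, len(msg)))]

def decrypt(table, session_key, ct):
    return [(c - k) % P for c, k in zip(ct, pad(table, session_key, len(ct)))]

def receiver_table(master, fingerprint):
    """Receiver's table = master table minus that receiver's small fingerprint."""
    return [(m - f) % P for m, f in zip(master, fingerprint)]

def trace(copy, original, session_key, fingerprints):
    """Correlate the decryption residue with each receiver's expected mark."""
    res = [((c - o + P // 2) % P) - P // 2 for c, o in zip(copy, original)]
    addrs = addresses(session_key, len(res))
    scores = {u: sum(r * sum(fp[a] for a in ad) for r, ad in zip(res, addrs))
              for u, fp in fingerprints.items()}
    return max(scores, key=scores.get), scores

def demo():
    rng = random.Random(2006)   # constructed test data only, not a cryptographic RNG
    master = [rng.randrange(P) for _ in range(L)]
    fps = {u: [rng.choice((-1, 1)) for _ in range(L)] for u in ("alice", "bob", "carol")}
    msg = [rng.randrange(1000, 60000) for _ in range(512)]   # constructed content samples
    key = b"constructed-session-key"
    ct = encrypt(master, key, msg)
    copy = decrypt(receiver_table(master, fps["bob"]), key, ct)
    return master, msg, ct, copy, trace(copy, msg, key, fps)[0]

if __name__ == "__main__":
    master, msg, ct, copy, suspect = demo()
    print("max distortion:", max(abs(c - m) for c, m in zip(copy, msg)), "traced to:", suspect)
```

Because the receiver only ever holds the fingerprinted table, it has no way to produce the unmarked plaintext: the mark appears as a side effect of decryption itself.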