___________________
Chi-Wei Chiang, Anton Kozlov and Gene Itkis. Java Based Cryptographic Provider for Itkis-Reyzin Forward-Secure Signature Algorithm. BU-CS Technical Report.
G. Itkis and A. Maiss. Interactive Password Schemes.
G. Itkis and M. Lapkina. Project WebSafe.
A. Agarwal, G. Itkis and A. Shenoy. Simulation of a Multicast Security Scheme Using MACs.
G. Itkis, A. Kogan, O. Polnarev, and M. Lapkina. Client-Side Encryption on WebSafe Project.
G. Itkis, K. Pinkas and V. Punjabi. Websafe: a Secure and Efficient Solution for Storing Data on the Web.
H. Hamandi and G. Itkis. Secure Group Key Manager.
*C: Content Management and Protection Standard
Content Management and Protection (CMP) systems should ensure that only
authorized actions (uses of content) are performed with the content. Such
systems should therefore address authorization specification - how the
authorized actions are specified and distinguished from unauthorized ones - and
authorization enforcement - how unauthorized actions are prevented.
It is our belief that a CMP standard should focus on creating an infrastructure
within which diverse proprietary authorization specification and enforcement tools
can be effectively and dynamically deployed. The standard should specify as
few specific tools as is feasible in order to achieve this.
In this paper we outline a proposed top-level structure for such a standard.
This structure might be implemented differently in different contexts, over
different hardware platforms. Since CMP has to be addressed in a heterogeneous
environment, this common top-level structure should facilitate integration
between diverse tools and interfaces.
Secrets: Who Needs Them, When, and How
This white paper examines a central issue in Content Management and
Protection (sometimes referred to as copy protection), analyzing which types of
devices may have no unique secret keys (private keys) without seriously
compromising security. The paper considers scenarios for utilizing such
devices.
We conclude that some simple devices, such as DVD players, could function with
no unique secret keys without presenting a significant security threat, though
these devices would still need to support Public Key cryptography functions.
However, we conclude that it is essential for devices such as digital
televisions (dTVs) to contain unique secret keys. Without a private key, device
revocation is impossible; the compromise of any one of these "unanimous"
devices (such as via a single leak by a disgruntled employee) would then be
likely to neutralize the entire security system.
The Role of Revocation in Content Protection
This paper reviews the role of device/certificate revocation in content
management and protection (CMP) systems. Drawing on the experience of the
Pay-TV Conditional Access (CA) industry, which has a nearly perfect record of
controlling piracy, we argue that revocation is a necessary but not sufficient
component in combating piracy. The apparent tendency to limit active
anti-piracy measures to revocation is likely to cripple the security of CMP
systems. The paper extrapolates the lessons of the Pay-TV CA experience to
propose other content protection systems where security providers would be
allowed to play an active role and anti-piracy measures would include, but not
be limited to, revocation of compromised devices.
Copyright Protection, Analysis and Authorization Chains, Response to DAVIC CFP 7, London, May 1997.
This document analyzed different existing approaches to copyright
protection for digital audio/video content and their limitations. It presented a
new approach based on a framework enabling existing and future approaches and
solutions to be deployed and utilized in an effective and efficient fashion.
Asymmetric MACs, presented at CRYPTO-96 rump session.
A Message Authentication Code (MAC) is a very efficient method of verifying
the authenticity and integrity of messages. It uses a secret key shared by the
sender and the receiver. In the case of a broadcast, this presents a potential
problem: the sender and all the receivers share the same key, so one receiver
can impersonate the sender to all the other receivers. This problem could be
resolved using public key cryptography, but these schemes are orders of
magnitude less efficient than the symmetric techniques employed in MACs. We
define Asymmetric MACs (AMACs) and give a construction converting any symmetric
MAC scheme into an asymmetric one. In an AMAC scheme all receivers have
different keys, thus no receiver can impersonate the sender to any other
receiver, and our AMAC construction is resilient even against collusion attacks.