90 likes | 316 Vues
Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014. Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/. Administrative stuff. Project proposal due today (2 pages) Quiz II and Exam I pushed back slightly Quiz II next week. News! News!.
E N D
Class 9Physical Security and DRMCIS 755: Advanced Computer SecuritySpring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/CIS755_S14/
Administrative stuff • Project proposal due today (2 pages) • Quiz II and Exam I pushed back slightly • Quiz II next week
News! News! static OSStatus SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) { OSStatus err; ... if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0) goto fail; ... fail: SSLFreeBuffer(&signedHashes); SSLFreeBuffer(&hashCtx); return err; }
Trusted computing base (TCB) • Software-level TCB • Hardware-enforced software constraints • Hardware-level TCB • TPM:
Physical security • Why use physical security? • Do Kerckhoffs’ principle or Shannon’s maxim apply? • Tamper evidence • Tamper resistance • Properties? Differences? • Assumptions? Trade-offs? • Real-world examples
Blu-Ray DRM References • “Broadcast encryption” • An Overview of the Advanced Access Content System (AACS). Henry, Sui, and Zhong. Technical report, 2007. http://cacr.uwaterloo.ca/techreports/2007/cacr2007-25.pdf • Revocation and Tracing Schemes for Stateless Receivers. Naor, Naor, and Lotspeich. Crypto, 2001. http://www.iacr.org/archive/crypto2001/21390040.pdf
Decryption Figure from the Overview tech report
Efficient keying and revocation Figures from the Overview tech report
Questions? Reading discussion