class 9 physical security and drm cis 755: advanced computer security spring 2014 eugene vasserman...
TRANSCRIPT
![Page 1: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/1.jpg)
Class 9Physical Security and DRM
CIS 755: Advanced Computer SecuritySpring 2014
Eugene Vasserman
http://www.cis.ksu.edu/~eyv/CIS755_S14/
![Page 2: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/2.jpg)
Administrative stuff
• Project proposal due today (2 pages)
• Quiz II and Exam I pushed back slightly–Quiz II next week
![Page 3: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/3.jpg)
News! News!static OSStatus SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) { OSStatus err; ... if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0) goto fail; ...fail: SSLFreeBuffer(&signedHashes); SSLFreeBuffer(&hashCtx); return err;}
![Page 4: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/4.jpg)
Trusted computing base (TCB)
• Software-level TCB• Hardware-enforced software constraints• Hardware-level TCB• TPM:
![Page 5: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/5.jpg)
Physical security
• Why use physical security?–Do Kerckhoffs’ principle or Shannon’s maxim
apply?
• Tamper evidence• Tamper resistance• Properties? Differences?• Assumptions? Trade-offs?• Real-world examples
![Page 6: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/6.jpg)
Blu-Ray DRM References
• “Broadcast encryption”• An Overview of the Advanced Access Content
System (AACS). Henry, Sui, and Zhong. Technical report, 2007.
http://cacr.uwaterloo.ca/techreports/2007/cacr2007-25.pdf
• Revocation and Tracing Schemes for Stateless Receivers. Naor, Naor, and Lotspeich. Crypto, 2001.
http://www.iacr.org/archive/crypto2001/21390040.pdf
![Page 7: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/7.jpg)
Decryption
Figure from the Overview tech report
![Page 8: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/8.jpg)
Efficient keying and revocation
Figures from the Overview tech report
![Page 9: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14](https://reader030.vdocuments.net/reader030/viewer/2022032702/56649ca55503460f94965e75/html5/thumbnails/9.jpg)
Questions?
Reading discussion