Remotely keyed encryption with Java cards: a secure and efficient method to encrypt multimedia streams

Multimedia data streams often require encryption; examples include digital pay-TV and workstation video conferencing. The secret key should be carried in a personal device such as a smart card or an i-button. However, the processor on such a device is too slow to encrypt/decrypt the multimedia stream in real time. We show that remotely keyed encryption can be used to solve the problem: for each block of multimedia data, the host sends a data-dependent challenge to the card, the card computes a session key based on the challenge and the secret key and sends it back to the host. Encryption/decryption of the main data stream is then entirely done on the (fast) host. The secret key never leaves the card. We also present experimental performance results for our scheme using an i-button programmed in Java and a PC as the host.
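
The exchange described in the abstract, sketched as an added example (not the paper's scheme or code). The `Card` class, the SHA-256/HMAC/SHAKE primitives and the split of each block into a 32-byte head and a remainder are assumptions chosen to show the message flow, in which only a 32-byte challenge and a 32-byte session key cross the card interface per block.

```python
import hashlib
import hmac

HEAD = 32  # bytes of each block folded into the challenge (assumed layout)


class Card:
    """Stand-in for the slow token: holds the secret key, answers challenges."""

    def __init__(self, secret_key: bytes):
        self._key = secret_key      # never returned to the host
        self.bytes_seen = 0         # traffic counter, for the demonstration only

    def session_key(self, challenge: bytes) -> bytes:
        self.bytes_seen += len(challenge)
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _stream(key: bytes, n: int) -> bytes:
    # Host-side bulk keystream derived from the per-block session key.
    return hashlib.shake_256(key).digest(n)


def encrypt_block(card: Card, block: bytes) -> bytes:
    head, body = block[:HEAD], block[HEAD:]
    challenge = _xor(head, _h(body))          # depends on every byte of the block
    ks = card.session_key(challenge)          # the only card round trip
    c_body = _xor(body, _stream(ks, len(body)))
    return _xor(challenge, _h(c_body)) + c_body


def decrypt_block(card: Card, ct: bytes) -> bytes:
    z, c_body = ct[:HEAD], ct[HEAD:]
    challenge = _xor(z, _h(c_body))           # recovered from the ciphertext alone
    ks = card.session_key(challenge)
    body = _xor(c_body, _stream(ks, len(c_body)))
    return _xor(challenge, _h(body)) + body


if __name__ == "__main__":
    card = Card(b"constructed-demo-key-0123456789a")   # constructed sample key
    frame = bytes(range(256)) * 16                     # constructed 4 KiB "video" block
    assert decrypt_block(card, encrypt_block(card, frame)) == frame
    print("card handled", card.bytes_seen, "bytes for", 2 * len(frame), "bytes of stream")
```

The card's workload stays constant per block regardless of block size, which is what lets a slow token key a fast stream.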
