Key management for encrypted broadcast

We consider broadcast applications where the transmissions need to be encrypted, such as direct broadcast digital TV networks or Internet multicasts. In these applications the number of encrypted TV programs may be very large, but the secure memory capacity at the set-top terminals (STT) is severely limited due to the need to withstand pirate attacks and hardware tampering. Despite this, we would like to allow the service provider to offer different packages of programs to the users. A user who buys a package should be able to view every program belonging to that package, but nothing else. A flexible scheme should allow for packages of various sizes to be offered, from a single program up to all the programs. We suggest two novel schemes to manage the encryption keys for these applications. The schemes are highly flexible, and understandable to users, yet require very few keys to be stored in the STTs’ secure memory. The computational power required of the STTs is very low. The security of these schemes is as good or better than that offered by current technology.

[1]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[2]  Jean-Jacques Quisquater,et al.  Cryptology for digital TV broadcasting , 1995, Proc. IEEE.

[3]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[4]  Avishai Wool,et al.  Long-Lived Broadcast Encryption , 2000, CRYPTO.

[5]  Solomon W. Golomb,et al.  Shift Register Sequences , 1981 .

[6]  Avishai Wool,et al.  Key management for restricted multicast using broadcast encryption , 2000, TNET.

[7]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[8]  Bob Briscoe,et al.  MARKS: Zero Side Effect Multicast Key Management Using Arbitrarily Revealed Key Sequences , 1999, Networked Group Communication.

[9]  Ramarathnam Venkatesan,et al.  Design of practical and provably good random number generators , 1995, SODA '95.

[10]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[11]  Jacques Stern,et al.  An Efficient Pseudo-Random Generator Provably as Secure as Syndrome Decoding , 1996, EUROCRYPT.

[12]  F. MacWilliams,et al.  The Theory of Error-Correcting Codes , 1977 .

[13]  Carlo Blundo,et al.  Space Requirements for Broadcast Encryption , 1994, EUROCRYPT.

[14]  Douglas R. Stinson,et al.  Trade-offs Between Communication and Storage in Unconditionally Secure Schemes for Broadcast Encryption and Interactive Key Distribution , 1996, CRYPTO.

[15]  Wen-Tsuen Chen,et al.  Secure Broadcasting Using the Secure Lock , 1989, IEEE Trans. Software Eng..

[16]  Moni Naor,et al.  Efficient cryptographic schemes provably as secure as subset sum , 1989, 30th Annual Symposium on Foundations of Computer Science.

[17]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[18]  Li Gong New protocols for third-party-based authentication and secure broadcast , 1994, CCS '94.

[19]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[20]  Bruce Schneier,et al.  Building PRFs from PRPs , 1998, CRYPTO.

[21]  Matthew J. Moyer,et al.  A survey of security issues in multicast communications , 1999, IEEE Network.

[22]  Avishai Wool,et al.  On location-restricted services , 1999 .

[23]  Stafford E. Tavares,et al.  Flexible Access Control with Master Keys , 1989, CRYPTO.

[24]  Ralph Howard,et al.  Data encryption standard , 1987 .

[25]  Andrew M. Odlyzko,et al.  Discrete Logarithms in Finite Fields and Their Cryptographic Significance , 1985, EUROCRYPT.

[26]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[27]  Jessica Staddon,et al.  Combinatorial Bounds for Broadcast Encryption , 1998, EUROCRYPT.

[28]  Douglas R. Stinson,et al.  Generalized Beimel-Chor Schemes for Broadcast Encryption and Interactive Key Distribution , 1998, Theor. Comput. Sci..

[29]  Garrett Birkhoff,et al.  A survey of modern algebra , 1942 .

[30]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[31]  O. Antoine,et al.  Theory of Error-correcting Codes , 2022 .

[32]  Gian-Carlo Rota,et al.  THE NUMBER OF SUBSPACES OF A VECTOR SPACE. , 1969 .

[33]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[34]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[35]  Michael Luby,et al.  Pseudorandomness and cryptographic applications , 1996, Princeton computer science notes.