Jeff Bilger - CSE P 590TU - Winter 2006 The Role of Cryptography in Combating Software Piracy.

Slides:

Advertisements

Similar presentations

TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.

Advertisements

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Sri Lanka Institute of Information Technology

Computer and Network Security Mini Lecture by Milica Barjaktarovic.

Computer Science CSC 474By Dr. Peng Ning1 CSC 474 Information Systems Security Topic 2.1 Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

Software Certification and Attestation Rajat Moona Director General, C-DAC.

Sec final project A Preposition Secret Sharing Scheme for Message Authentication in Broadcast Networks 王怡君.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Chapter 4  Hash Functions 1 Overview  Cryptographic hash functions are functions that: o Map an arbitrary-length (but finite) input to a fixed-size output.

CSE331: Introduction to Networks and Security Lecture 18 Fall 2002.

CS1001 Lecture 24. Overview Encryption Encryption Artificial Intelligence Artificial Intelligence Homework 4 Homework 4.

CS 591 C3S C ryptography & S teganography S ecure S ystem By: Osama Khaleel.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Lecture 4 Cryptographic Tools (cont) modified from slides of Lawrie Brown.

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.

Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.

CRYPTOGRAPHY PROGRAMMING ON ANDROID Jinsheng Xu Associate Professor North Carolina A&T State University.

Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.

Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

Digital Signatures Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013.

Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.

Acknowledgements: William Stallings.William Stallings All rights Reserved Session 4 Public Key Cryptography (Part 2) Network Security Essentials Application.

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar

Message Authentication  message authentication is concerned with: protecting the integrity of a message protecting the integrity of a message validating.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

Crypto Bro Rigby. History

Introduction to Stream Cipher Sayed Mahdi Mohammad Hasanzadeh Spring 2004.

CHAPTER 6 Cryptography. An Overview It is origin from the Greek word kruptos which means hidden. The objective is to hide information so that only the.

1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.

Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.

Cryptography By, Anthony Lonigro & Valentine Mbah.

LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

Module 3 – Cryptography Cryptography basics Ciphers Symmetric Key Algorithms Public Key Algorithms Message Digests Digital Signatures.

Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,

BASIC CRYPTOGRAPHIC CONCEPTS. Public Key Cryptography  Uses two keys for every simplex logical communication link.  Public key  Private key  The use.

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

WEP Protocol Weaknesses and Vulnerabilities

Network Security David Lazăr.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

Public Key Encryption.

Based on Bruce Schneier Chapter 8: Key Management Dulal C Kar.

無線網路安全 WEP. Requirements of Network Security Information Security Confidentiality Integrity Availability Non-repudiation Attack defense Passive Attack.

Lecture 2: Introduction to Cryptography

Cryptography and Network Security Chapter 12 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography 1 Crypto Cryptography 2 Crypto  Cryptology  The art and science of making and breaking “secret codes”  Cryptography  making “secret.

Potential vulnerabilities of IPsec-based VPN

By Sandeep Gadi 12/20/  Design choices for securing a system affect performance, scalability and usability. There is usually a tradeoff between.

CIS 325: Data Communications1 Chapter Seventeen Network Security.

Intro to Cryptography Lesson Introduction

CS426Fall 2010/Lecture 51 Computer Security CS 426 Lecture 5 Cryptography: Cryptographic Hash Function.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

INCS 741: Cryptography Overview and Basic Concepts.

Biometric Encryption Base RSA Algorithm Supervisor: Ass. Prof. Dr. Dang Tran Khanh Student: Dung Ngo Dinh.

1/18 Talking to Strangers: Authentication in Ad-Hoc Wireless Networks Dirk Balfanz 외 2 명 in Xerox Palo Alto Research Center Presentation: Lee Youn-ho.

Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

Web Applications Security Cryptography 1

CIT 380: Securing Computer Systems

Hardware Protection Against Software Piracy

Presentation transcript:

Jeff Bilger - CSE P 590TU - Winter 2006 The Role of Cryptography in Combating Software Piracy

Jeff Bilger - CSE P 590TU - Winter 2006 Introduction Rationale for anti-piracy measures: economics Early anti-piracy schemes –Obfuscation (simple XORing) –Copy protection (unformatted sectors) –Checksums –Result? We’ll cover –Why crypto is well suited –What can cause crypto to fail –Examples

Jeff Bilger - CSE P 590TU - Winter 2006 Why Cryptography? Premise (if cost exceeds benefit..) –Crypto can significantly increase the cost.. Digital Signatures –Authenticity (source verification – both ways) –Execution control (proprietary HW) Encryption –Obfuscation –Transmit sensitive information over insecure channels One Way Hashes –Integrity (tamper detection) Key Exchange –Allows distributed security

Jeff Bilger - CSE P 590TU - Winter 2006 What can cause crypto to fail? Brute force attacks? –infeasible Bugs Engineering trade-offs –Cost –Capabilities of target platform (CPU, RAM, ROM) Poor Engineering decisions –Poor choices in crypto primitives (SHA-1) Poor key management –PRFs that are not very random –Key value (dictionary attack) –Insecure key storage / transfer Secure vs. insecure systems –Debuggers/monitors

Jeff Bilger - CSE P 590TU - Winter 2006 Example: Alternate Reality 1985 BC multi-encryption cipher –Leventhall/Seville crypto (Dr. Carl Meyer of Lucifer and DES fame) 1.8MHz CPU / 48K bytes RAM Poor key storage Bug in key seed generation algorithm Considered one of the toughest anti- piracy measures to crack of its time

Jeff Bilger - CSE P 590TU - Winter 2006 Example: Xbox 2001 Conical case The MS business model Same secret key on all Xbox devices Secret boot code located on custom chip, not CPU. Communication required over a bus Bus was not encrypted ROM size limitation on custom chip required implementation trade offs –Utilized constant checksum instead of a hash! Hacker captured keys and boot code over the bus Since boot code was not hashed, it could be modified

Jeff Bilger - CSE P 590TU - Winter 2006 Example: Xbox improvements MS changed RC4 secret key Fixed some bugs Constant checksum replaced with hash using TEA –Oops Other non-cryptographic attacks as well (Visor & MIST)

Jeff Bilger - CSE P 590TU - Winter 2006 Example: Valve’s Steam Platform 2004 Content delivery/DRM platform Combines cryptography and online registration Among other things, allows Valve to quickly detect and address incidents of piracy

Jeff Bilger - CSE P 590TU - Winter 2006 Conclusions Can’t stop piracy Cryptography can make it more costly to crack software Secure vs. insecure systems Engineering trade offs/poor decisions Distributed solutions are a good model