Download presentation
Presentation is loading. Please wait.
1
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 1 License Protection with a Tamper-Resistant Token C.N. Chong (Jordan), B. Ren, J. Doumen, S. Etalle, P. H. Hartel and R. Corin Faculty of EEMCS University of Twente The Netherlands
2
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 2 Overview Introduction Objectives Security Requirements License Script License Protection Scheme Prototype Evaluation Conclusions and Future Work
3
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 3 Introduction Content protection is intended to enforce usage rights, which are specified by a license. A license often carries content key, metadata of the content, and some other sensitive information of the user. Therefore, it requires adequate protection.
4
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 4 Objectives To ensure confidentiality and integrity of a license or parts thereof, so that usage rights, keys, metadata can be protected. To enforce different usage rights on different parts of the content and license. To share and control the access on the content or license (or parts thereof) with other users, with flexibility.
5
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 5 Security Requirements We assume some of the system components can be trusted. We define some requirements for our license protection scheme: 1. License integrity 2. Frequent token interaction 3. Key confidentiality
6
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 6 License Script Language License Script is based on multiset rewriting and logic programming. Multiset rewriting can capture dynamic license evolution. Logic programming can capture the static terms and conditions on the licenses.
7
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 7 License Script License license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated=01012004, subjects=[broker]]) Content Identifier Clauses (Prolog) Bindings Prolog Programs Primitive
![Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug License Script License license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated= , subjects=[broker]]) Content Identifier Clauses (Prolog) Bindings Prolog Programs Primitive](http://images.slideplayer.com/26/8471446/slides/slide_7.jpg "Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug License Script License license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated= , subjects=[broker]]) Content Identifier Clauses (Prolog) Bindings Prolog Programs Primitive")
8
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 8 License Protection Scheme We use a key tree and a hardware token. 4 components: application, reference monitor, token and provider. 2 protocols: Protocol A and Protocol B. Application Reference Monitor Token Provider Protocol B Protocol A
9
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 9 Protected Storage Mechanism Protected storage is a service to the host platform in which the trusted platform module (TPM) helps storing confidential data on unprotected storage media. We use protected storage in a form of a key tree.
10
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 10 Key Tree A child node is encrypted using the parent node. The root key is the “master key” for the whole tree. Keys are not exposed when the license is in use. We can selectively deploy the information of the license with other entities by using a key tree. rootkey skey1skey2 skey3skey4 data1 data2data3 data4
11
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 11 Protected License rootkey skey1skey2 skey3skey4 data1 data2data3 data4 license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated=01012004, subjects=[broker]])
![Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug Protected License rootkey skey1skey2 skey3skey4 data1 data2data3 data4 license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated= , subjects=[broker]])](http://images.slideplayer.com/26/8471446/slides/slide_11.jpg "Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug Protected License rootkey skey1skey2 skey3skey4 data1 data2data3 data4 license(stock_price, [(canreset(S,B1,B2) :- S==provider, set_value(B1,viewed,0,B2)), (canupdate(S,B1,B2) :- S==provider, get_curr_time(T), set_value(B1,updated,T,B2)), (canview(S,B1,B2) :- get_value(B1,subject,Ss), is_member(S,Ss), get_value(B1,viewed,X), get_value(B1,maxviews,Y), X<=Y, X=X+1, set_value(B1,viewed,X,B2))], [maxviews=10, viewed=0, updated= , subjects=[broker]])")
12
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 12 Protected License license(stock_price, [(canreset(S,B1,B2) :- cipher(“CJ…”,skey1)), (canupdate(S,B1,B2) :- cipher(“XY…”,skey3)), (canview(S,B1,B2) :- cipher(“AB…”,skey4))], [maxviews=cipher(“12…”,skey4), viewed=cipher(“AC…”,skey4), updated=01012004, skey1=cipher(“89…”,rootkey), skey2=cipher(“aC…”,rootkey), skey3=cipher(“CC…”,skey1), skey4=cipher(“XA…”,skey2), mac=cipher(“JK…”,rootkey), subjects=[(provider,rootkey), (broker,skey2), (alice,skey4)]]) Predicate that stores the encrypted value with the key Storage keys Message Authentication Code
![Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug Protected License license(stock_price, [(canreset(S,B1,B2) :- cipher( CJ… ,skey1)), (canupdate(S,B1,B2) :- cipher( XY… ,skey3)), (canview(S,B1,B2) :- cipher( AB… ,skey4))], [maxviews=cipher( 12… ,skey4), viewed=cipher( AC… ,skey4), updated= , skey1=cipher( 89… ,rootkey), skey2=cipher( aC… ,rootkey), skey3=cipher( CC… ,skey1), skey4=cipher( XA… ,skey2), mac=cipher( JK… ,rootkey), subjects=[(provider,rootkey), (broker,skey2), (alice,skey4)]]) Predicate that stores the encrypted value with the key Storage keys Message Authentication Code](http://images.slideplayer.com/26/8471446/slides/slide_12.jpg "Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug Protected License license(stock_price, [(canreset(S,B1,B2) :- cipher( CJ… ,skey1)), (canupdate(S,B1,B2) :- cipher( XY… ,skey3)), (canview(S,B1,B2) :- cipher( AB… ,skey4))], [maxviews=cipher( 12… ,skey4), viewed=cipher( AC… ,skey4), updated= , skey1=cipher( 89… ,rootkey), skey2=cipher( aC… ,rootkey), skey3=cipher( CC… ,skey1), skey4=cipher( XA… ,skey2), mac=cipher( JK… ,rootkey), subjects=[(provider,rootkey), (broker,skey2), (alice,skey4)]]) Predicate that stores the encrypted value with the key Storage keys Message Authentication Code")
13
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 13 Protocol A To send a protected license to the application. To send the public key of the application to the token. 1. A->T : {A,P,“name”} 2. T->A : {N,MAC(N,K (P,T) ),A,P,T,“name”}_K + eP 3. A->P : {A,{N,MAC(N,K (P,T) ),A,P,T,“name”}_K + eP } 4. P->A : {Lic,{N+1,A, K + eA }_K + eT } 5. A->T : {N+1,A, K + eA }_K + eT
14
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 14 Protocols: Protocol B To use the protected license. 1. A->T : {A,Lic,MAC(Lic,K (P,T) )} 2. T->A : {K ss1 }_K + eA 3. A->T : {Key,{D}_K st,“param”}_K ss1 } 4. T->R : {{D,SIG(D,K - sT )}_K ss2,{K ss1, K ss2 }_K + eR } 5. R->A : {D}_K ss1 6. A->T : {D’}_K ss1 7. T->A : {{D’}_ K st }_K ss1 8. A->T : {Lic’}_K ss1 9. T->A : {MAC(Lic’,K (P,T) )}_K ss1
15
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 15 Security Analysis CoProVe verification. Security requirements are fulfilled: License integrity: using MAC. Frequent token interaction: different parts of the content/license are encrypted using different keys. Key confidentiality: keys stored on the license are encrypted.
16
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 16 Prototype License Interpreter acts as a reference monitor. ECLiPSe. Meta-Interpreter. Rewrite Rules. Token (Java iButton) Application (Java) Reference Monitor (License Interpreter) Provider (Java) Serial Socket
17
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 17 Performance Evaluation Test 1: Level of the key tree It takes approximately 1.22 seconds to decrypt data of ≤128 bytes at level 10 of the key tree. Test 2: License Reconstruction It takes approximately 2.25 seconds to reconstruct the license for an arbitrary updated level in the key tree. Conclusion: suitable for shallow key trees and small licenses.
18
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 18 Conclusions A license is an important element of digital rights management (DRM). We propose a license protection scheme based on a tamper-resistant token and a key tree. We apply it to the License Script licenses. A prototype is built by using the Java iButton. Performance assessment and formal verification. It is secure (w.r.t. assumptions) and practical (for shallow key trees and small licenses).
19
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 19 Future Work To extend our business model of one token per provider to one token and many providers. To use a USB connection for performance improvement. To extend the protection scheme for protecting fancy media.
20
Workshop on Information Security Applications (WISA 2004) Jeju Island, Korea 23 Aug – 25 Aug 2004 20 Thank you for your attention! Questions? Answers?…
Similar presentations
