Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS155a: E-Commerce Lecture 6: Sept. 25, 2001 Technical-Protection Services for Online Content Distribution.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS155a: E-Commerce Lecture 6: Sept. 25, 2001 Technical-Protection Services for Online Content Distribution."— Presentation transcript:

1 CS155a: E-Commerce Lecture 6: Sept. 25, 2001 Technical-Protection Services for Online Content Distribution

2 Symmetric-Key Crypto D(E(x, k), k) = x (decryption, encryption, plaintext, key) Alice and Bob choose k AB Alice: y <-- E(x, k AB ) (ciphertext) Alice --> Bob: y Bob: x <-- D(y, k AB ) (Eve does not know k AB )

3 Well Studied and Commercially Available –DES –IDEA –FEAL-n –RC5  AES Users must deal with key management

4 Public-Key Crypto D(E(x, PK u ), SK u ) = x (user’s Secret Key, user’s public key) Bob generates SK bob, PK bob Bob publishes PK bob Alice: Lookup PK bob y <-- E (x, PK bob ) Alice -->Bob: y Bob: x <-- D(y, SK bob ) (Eve does not know SK bob. )

5 Digital Signatures... Trickier than the paper “analogue” Doc 1 -JF Doc 2 -JF Doc n -JF

6 3-part Scheme Key Generation Procedure cc PK jf SK jf directory JF’s machine...

7 Signature Procedure DocSK jf SIG

8 Verification Procedure DocPK jf SIG Accept / Reject

9 Examples RSA El Gamal DSA McEliece

10 Watermarking Note similarity with and difference from digital signature scheme. Open Problem: Public-key watermarking. Watermark Insertion Watermark Detection Marked Object Accept or Reject Owner’s Key Unmarked Object Owner’s Key Object

11 Content Distributor Encrypted Content Player App. Player App. Paying Customer Player App. Thief (no k) kk

12 Common Elements of Many TPSs Mass-Market broadcast content –Anyone can get ciphertext, which is broadcast on low-cost channel (e.g., web page, broadcast TV). –Encrypted once. Decryption key k sent only to paying customers on lower-bandwidth, higher-cost channel.

13 Possible Realization for Web Pages Customer U and content-server use basic security protocol, e.g., SSL, to create “session key” K U and transfer payment from U to server. Server sends k’ = E(k, K U ) to U. U’s browser computes k = D (k’, K U ), downloads encrypted content, decrypts it using k, and displays it.

14 Possible Shortcomings Why can’t U print, save, or otherwise redirect displayed content? Why can’t a hacker steal k while it’s in use? Interaction of browser with other local- network software, e.g., back-up system?

15 Crypto. Theory Myth: Private Environments KDC Key Generation c K AB Alice Bob Alice Y E(X, K AB ) Bob X D(Y, K AB ) Y

16 Modern Computing Reality Alice Admin AjAj AiAi Bob Admin BmBm BlBl Eve Alice

17 Real Sources of Compromise Unwatched Terminals Administrative Staff Changes Misconfigurations OS Bugs Bad Random-Number Generators Not sophisticated break-ins!

18 Possible Realization for Pay-TV K ui is entered in i th “set-top box” when box is installed. E(k, K u1 ), …, E(k, K uN ) are broadcast with encrypted program. Shortcoming: One broken box can be used to steal all future programs.

19 Uses of Watermarking in TPSs Broadcast of marked object, controlled distribution of keys. (Same architecture as in broadcast of encrypted content... and same shortcomings.) Web crawlers can search for unauthorized copies of marked objects. Unauthorized modification of marked objects can be detected by “fragile watermarking schemes.” Special-purpose devices can refuse to copy marked objects.

20 Superdistribution Content is packaged with “terms and conditions” that are checked by a “rights- management system” and can be augmented by value-adding middlemen. Content Originator Redistributor Payment Clearing System End user End user End user End user

21 Reading Assignment for September 27, 2001 Appendix G of The Digital Dilemma (http://books.nap.edu/html/digital_dilemma/)http://books.nap.edu/html/digital_dilemma/ The OpenLaw DVD/DeCSS Forum FAQ List (http://eon.law.harvard.edu/openlaw/DVD/dvd-discuss- faq.html)http://eon.law.harvard.edu/openlaw/DVD/dvd-discuss- faq.html US v. Sklyarov FAQ from the Electronic Frontier Foundation (EFF) (http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyar ov_faq.html)http://www.eff.org/IP/DMCA/US_v_Sklyarov/us_v_sklyar ov_faq.html

Download ppt "CS155a: E-Commerce Lecture 6: Sept. 25, 2001 Technical-Protection Services for Online Content Distribution."

Similar presentations

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Asymmetric-Key Cryptography

Asymmetric-Key Cryptography
Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.

Lecture 3.3: Public Key Cryptography III CS 436/636/736 Spring 2012 Nitesh Saxena.
CS155b: E-Commerce Lecture 6: Jan. 25, 2001 Security and Privacy, Continued.

CS155b: E-Commerce Lecture 6: Jan. 25, 2001 Security and Privacy, Continued.
Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography

Cryptography in World War II Jefferson Institute for Lifelong Learning at UVa Spring 2006 David Evans Class 4: Modern Cryptography
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Lect. 11: Public Key Cryptography. 2 Contents 1.Introduction to PKC 2.Hard problems  IFP  DLP 3.Public Key Encryptions  RSA  ElGamal 4.Digital Signatures.

Lect. 11: Public Key Cryptography. 2 Contents 1.Introduction to PKC 2.Hard problems  IFP  DLP 3.Public Key Encryptions  RSA  ElGamal 4.Digital Signatures.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.

Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.

Computer and Network Security. Introduction Internet security –Consumers entering highly confidential information –Number of security attacks increasing.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
CS155b: E-Commerce Lecture 2: Jan. 11, 2001 Course Overview.

CS155b: E-Commerce Lecture 2: Jan. 11, 2001 Course Overview.
1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Similar presentations

Ads by Google