Behzad Sadeghi
behzad.sadeghi@rtrust.com
(626) 405-8120
rTrust Technologies
www.rtrust.com
Renewable Cryptography
Presentation to the Copy Protection Technical Working Group, July 18, 2002
Behzad Sadeghi
rTrust Technologies
Renewable Cryptography
• The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

Renewable Cryptography
• NOT a copy protection scheme
• NOT a digital rights management system
• A core technology that addresses a critical vulnerability at the heart of all copy protection schemes and digital rights management systems

Massively Distributed Systems
• Millions of devices in consumer hands
• Thousands of backend servers
• Occasional online connection with servers
• Extreme price sensitivity
• Content protection
• Financial transactions
Renewable Cryptography: The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

Changing Underlying Cryptosystems
• Security vs. Cryptography
• Cryptography: core technology
• Thousands of security products vs. only a handful of cryptosystems
• Cryptosystem compromise: wholesale system-wide failure
• NOT the same as changing keys
Renewable Cryptography: The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

Infinitely
• Current practice: Hardcode a single cryptosystem throughout the entire system
• Renewability: Maximize the number of available cryptosystems
• True Renewability: Provide an infinite number of cryptosystems to choose from
Renewable Cryptography: The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

In Real Time
• Immediate response to cryptosystem compromise
• Periodic upgrades of underlying cryptosystems to render crypto attacks pointless
• Specific to each device
Renewable Cryptography: The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

No Hardware or Software Upgrades
• Command-driven cryptosystem upgrades
• Single crypto engine with fixed resource requirements
• No overhead on regular crypto operations due to renewability
• NOT same as crypto-module replacement
Renewable Cryptography: The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

Renewable Cryptography
• DOES NOT eliminate need to protect keys
• DOES NOT enhance totally offline systems
• DOES NOT keep hackers out
• DOES NOT protect data encrypted or signed with compromised cryptosystems, unless they are encrypted or signed again
• DOES NOT address key distribution

Renewable Cryptography
• DOES eliminate the possibility of catastrophic failure of the entire system due to core crypto compromise (DES, RC4 in WEP, Koblitz Curves, RSA 700)
• DOES mitigate long-term risks in global, distributed systems
• DOES represent “Future of Cryptography”

Basic Cryptography
• Public Key Cryptography
  • Digital Signatures
  • Light Payload Encryption
  • RSA, ECC
• Secret Key Cryptography
  • Bulk Encryption
  • DES, 3DES, RC4, AES
• Hash Functions
  • Data Integrity
  • SHA, MD5

Renewable Cryptography
• Public Key Cryptography
  • Digital Signatures
  • Light Payload Encryption
  • RSA, ECC
• Secret Key Cryptography
  • Bulk Encryption
  • DES, 3DES, RC4, AES Variant
• Hash Functions
  • Data Integrity
  • SHA, MD5

Renewable Cryptography Deployment Requirements
• Complete Backward Compatibility
• Complete Standards Compliance
• Should decrease costs
• Should increase performance

rTrust Renewable Cryptography Toolkit™
• Supports all common cryptosystems
• Fully standard-compliant
• Supports all ECC curves
• Embedded library from smart card to mainframe
• A single, small upfront licensing fee. No runtime or unit royalties, ever.

Behzad Sadeghi
Founder, Vice President Business Development
rTrust Technologies
behzad.sadeghi@rtrust.com
(626) 405-8120