Renewable Cryptography - Copy Protection Technical Working Group

Behzad Sadeghi
behzad.sadeghi@rtrust.com

(626) 405-8120




rTrust Technologies
www.rtrust.com


Renewable Cryptography

Presentation to the Copy Protection Technical Working Group, July 18, 2002


Behzad Sadeghi

rTrust Technologies

Renewable Cryptography



The ability of massively distributed systems to change their underlying cryptosystems infinitely in real time without hardware or software upgrades

Renewable Cryptography


NOT a copy protection scheme
NOT a digital rights management system
A core technology that addresses a critical vulnerability at the heart of all copy protection schemes and digital rights management systems

Massively Distributed Systems


Millions of devices in consumer hands
Thousands of backend servers
Occasional online connection with servers
Extreme price sensitivity
Content protection
Financial transactions

Changing Underlying Cryptosystems


Security vs. Cryptography
Cryptography: core technology
Thousands of security products vs. only a handful of cryptosystems
Cryptosystem compromise: wholesale system-wide failure
NOT the same as changing keys


Infinitely


Current practice: Hardcode a single cryptosystem throughout the entire system
Renewability: Maximize the number of available cryptosystems
True Renewability: Provide an infinite number of cryptosystems to choose from




In Real Time


Immediate response to cryptosystem compromise
Periodic upgrades of underlying cryptosystems to render crypto attacks pointless
Specific to each device



No Hardware or Software Upgrades


Command-driven cryptosystem upgrades
Single crypto engine with fixed resource requirements
No overhead on regular crypto operations due to renewability
NOT same as crypto-module replacement


Renewable Cryptography


DOES NOT eliminate need to protect keys
DOES NOT enhance totally offline systems
DOES NOT keep hackers out
DOES NOT protect data encrypted or signed with compromised cryptosystems, unless they are encrypted or signed again
DOES NOT address key distribution


Renewable Cryptography


DOES eliminate the possibility of catastrophic failure of the entire system due to core crypto compromise (DES, RC4 in WEP, Koblitz Curves, RSA 700)
DOES mitigate long-term risks in global, distributed systems
DOES represent “Future of Cryptography”

Basic Cryptography


Public Key Cryptography
  Digital Signatures
  Light Payload Encryption
  RSA, ECC

Secret Key Cryptography
  Bulk Encryption
  DES, 3DES, RC4, AES

Hash Functions
  Data Integrity
  SHA, MD5


Renewable Cryptography


Public Key Cryptography
  Digital Signatures
  Light Payload Encryption
  RSA, ECC

Secret Key Cryptography
  Bulk Encryption
  DES, 3DES, RC4, AES Variant

Hash Functions
  Data Integrity
  SHA, MD5


Renewable Cryptography Deployment Requirements

Complete Backward Compatibility
Complete Standards Compliance
Should decrease costs
Should increase performance


rTrust Renewable Cryptography Toolkit™

Supports all common cryptosystems
Fully standard-compliant
Supports all ECC curves
Embedded library from smart card to mainframe
A single, small upfront licensing fee. No runtime or unit royalties, ever.


Behzad Sadeghi
Founder, Vice President Business Development
rTrust Technologies
behzad.sadeghi@rtrust.com
(626) 405-8120