Project 006138

Software System for Cryptographic Control of Dynamic Conditional Data Access


Leader: dr Miodrag Mihaljevi


Subject of research

The research objective is development of a software system for cryptographic control of dynamic conditional data access.

When cryptography is used for securing broadcasting communications or stored data, usually it is based on encryption/decryption employing a session-encrypting key (SEK) shared by the parties. Ensuring that only the valid members of the group have SEK at any given time instance is the key management problem. To make this updating possible, another set of keys called the key-encrypting keys (KEKs) should be involved so that it can be used to encrypt and deliver the updated SEK to the valid members of the group. Hence, the key management problem reduces to the problem of distributing KEKs to the members such that at any given time instance all the valid members can be securely updated with the new SEK.

The cryptographic keys management is usually a core issue of the digital rights management (DRM). Particularly, the keys management appears as the substantial issue regarding conditional access to data or contents delivered via broadcasting.

Broadcast encryption (BE) schemes define methods for encrypting content so that only privileged users are able to recover the content from the broadcast. Later on, this flagship BE application has been extended to another one media content protection.

Accordingly, the objective of research/development are the implementation aspects of certain recently published techniques for the conditional data access control based on the broadcast encryption concept, and related applications.

Description of the work

The proposed project includes implementation issues of the software dvelopment for the conditional data access employing the algorithms and the applications reported in the following papers.

[1] M. Mihaljevic, M. Fossorier and H. Imai,
"Secret-public storage trade-off for broadcast encryption
key management", ICICS 2004,
Lecture Notes in Computer Science, vol. 3269, pp. 375-387, October 2004.

[2] M. Mihaljevic, "Reconfigurable key management for
broadcast encryption",
IEEE Communications Letters, vol. 8, pp. 440-442, July 2004.

[3] M. Mihaljevic, "Key management schemes for stateless
receivers based on time varying heterogeneous logical
key hierarchy", ASIACRYPT 2003,
Lecture Notes in Computer Science, vol. 2894, pp. 137-154,
Dec. 2003.

[4] M. Mihaljevic, "Broadcast encryption schemes based on
the sectioned key tree", ICICS2003,
Lecture Notes in Computer Science, vol. 2836, pp. 158-169,
Oct. 2003.

[5] M. Mihaljevic and H. Imai,
"Novel method for implementation of certain key management schemes
to minimize secret storage", IEEE CCNC 2005,
Las Vegas, USA, January 2005, Proceedings, pp. xxx-yyy.
(accepted for publication)

[6] M. Mihaljevic, M.P.C. Fossorier and H. Imai,
"One-way mapping of keys and the overheads trade-off in key management
schemes for broadcast encryption",
Int. Symp. Inform. Theory and its Appl. - ISITA2004,
Parma, Italy, October 2004, Proceedings, pp. 486-491.

[7] M. Mihaljevic and H. Imai,
"A method for data access control in certain storage area networks",
7th Int. Symp. on Wireless Personal Multimedia Comm. - WPMC2004,
Albano Terme, Italy, September 2004, Proceedings, pp. V3:488-491.

Particularly note that the above references [1]-[7] are the published results of certain research activities within the project 1625 "Advanced Mathematical Methods for Cryptographic Security and Modelling of Information" (the fundamental research program of the Ministry for the period 2002 - 2005).


Research Goal

The main project goal is development of a software system which yields:
- implementation of the novel results reported in the references [1]-[7] (listed in the sections 11/12) on coditional data access employing cryptographic keys management and related applications;
- a prototype like background for further potential development of certain (dedicated) comercial software.

Accordingly, the partucular project goals include the following:
- design of the software system;
- development of the basic software structure;
- design of particular software modules;
- testing and upgrading of the system;
- optimization of the developed system.

The design and development of the basic structure of the software system are based on the concepts and algorithmic issues reported in [1]-[7].

Development of particular software modules follows certain elements reported in [1]-[7] and desired implementation requirements.

Importance of the Research

The proposed software development is of a direct importance for development of certain advanced commercial software packages for technical support of the conditional contents (data) access based on cryptographic techniques. It is assumed that the conditional access control is required because the contents are transmitted via public (not secured) communication channels or stored in the public storages so that anybody could pick-up the exposed data but the form of the exposed data should be such that only legitimate users could recover the related information/content.

The importance of the proposed software development originates, as well, from the following statements:
- the software development is based on the recently reported novel techniques for the cryptographic keys management suitable for the conditional data access control in broadcasting/multicasting and related scenarios;
- the proposed software system development should demonstrate the implementation characteristics of the novel methods and theirs applications reported in [1]-[7], and should be a prototype like background for further possible development of dedicated commercial software packages.

The advantages of the employed background methods reported in [1]-[7] include the following:
- the employed background techniques yield minimization of the required system overheads due to the conditional data access control mechanisms;
- they yield more flexible framework for preserving the system efficiency regarding the different data access control scenarios as well as the dynamics of these scenarios.

Particularly, the importance of the proposed software development is also a consequence of the importance and timeliness of the background results published in the high level international publications (IEEE Comm. Lett. and Lecture Notes in Computer Science).

Techno-Economical Analysis and Possibility of Return on Investment

The proposed software development appears as a direct contribution towards developing certain business oriented applications. A particular illustrative business problem can be considered via the following model:
- the business is related to the revenue collection for the contents/information delivery via public channels via broadcasting or multicasting so that only the legitimate users (the users which pay for the service) can recover the contents/information from the broadcast/multicast;
- the interest of the users vary in time, so that the set of legitimate users is a dynamical one;
- the technical support is required for dynamical control of the user's access privileges.

There is a number of entities with business interest for the proposed software development, and potentially this set includes the following entities:
- companies for development and production of specialized information systems;
- certain Internt providers;
- certain telecom departments;
- broadcasting or multicasting organizations;
- certain governmental institutions.

A business like goal of the proposed software development is to show basic implementation and performances of the novel techniques for conditional data access, and accordingly yield a background for potential development of dedicated business oriented software packages.

The proposed software development originates from the recently reported research results published in the highly ranked research publications (see the references [1]-[7]) and so, the proposed software development appears as an activity of interest for upgrading the technical components for certain information technology oriented businesses.

Taking into account all the above statements it appears that there are strong indications on the potential business interest and possibility for obtaining profits from the low cost investment into proposed software development.