The research objective is the development of a software system for cryptographic control of dynamic conditional data access.
When cryptography is used to secure broadcast communications or stored data, it is usually based on encryption/decryption with a session-encrypting key (SEK) shared by the parties. Ensuring that only the valid members of the group hold the SEK at any given time instant is the key management problem. To make this updating possible, another set of keys, called key-encrypting keys (KEKs), must be involved so that they can be used to encrypt and deliver the updated SEK to the valid members of the group. Hence, the key management problem reduces to the problem of distributing KEKs to the members such that, at any given time instant, all the valid members can be securely updated with the new SEK.
Cryptographic key management is usually a core issue in digital rights management (DRM). In particular, key management is a substantial issue for conditional access to data or content delivered via broadcasting.
Broadcast encryption (BE) schemes define methods for encrypting content so that only privileged users are able to recover the content from the broadcast. Later on, this flagship BE application was extended to another one: media content protection.
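The SEK/KEK relationship and the broadcast encryption idea described above can be shown with a small binary key tree. This is an added example, not code from the project or from the referenced papers: it uses the standard complete-subtree cover rather than any scheme of [1]-[7], and the key derivation, the toy XOR wrap and all names are assumptions made for the illustration.

```python
import hashlib, hmac, os

N = 8  # constructed group size (power of two); users are 0..N-1

def kek(master, node):
    # Assumed centre-side derivation of a node KEK, for this demo only.
    return hmac.new(master, b"kek|%d" % node, hashlib.sha256).digest()

def path(user, n=N):
    # Heap-indexed tree: root is 1, the leaf of `user` is n + user.
    node, nodes = n + user, []
    while node >= 1:
        nodes.append(node)
        node //= 2
    return nodes

def user_keys(master, user, n=N):
    # Secret storage of one receiver: the KEKs on its leaf-to-root path.
    return {node: kek(master, node) for node in path(user, n)}

def cover(revoked, n=N):
    # Roots of the maximal subtrees that contain no revoked leaf.
    tainted = {node for u in revoked for node in path(u, n)}
    if not tainted:
        return [1]
    return sorted(c for t in tainted if t < n
                  for c in (2 * t, 2 * t + 1) if c not in tainted)

def wrap(key, data, nonce):
    # Toy XOR wrap (its own inverse); a real system would use an AEAD.
    pad = hmac.new(key, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def rekey(master, revoked, n=N):
    # New SEK, wrapped once per cover KEK; the header is what gets broadcast.
    sek, nonce = os.urandom(32), os.urandom(16)
    header = {node: wrap(kek(master, node), sek, nonce)
              for node in cover(revoked, n)}
    return sek, nonce, header

def recover(keys, nonce, header):
    # A receiver unwraps with the first stored KEK that appears in the header.
    for node, blob in header.items():
        if node in keys:
            return wrap(keys[node], blob, nonce)
    return None

if __name__ == "__main__":
    master = os.urandom(32)
    sek, nonce, header = rekey(master, {2, 5})  # constructed revocation set
    for u in range(N):
        print(u, recover(user_keys(master, u), nonce, header) == sek)
```

The header length (number of wrapped SEK copies) is the communication overhead, and the size of each receiver's key set is the secret storage overhead.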
Accordingly, the objective of the research/development is the implementation aspects of certain recently published techniques for conditional data access control based on the broadcast encryption concept, and related applications.
The proposed project covers implementation issues of software development for conditional data access employing the algorithms and the applications reported in the following papers.
[1] M. Mihaljevic, M. Fossorier and H. Imai, "Secret-public storage trade-off for broadcast encryption key management", ICICS 2004, Lecture Notes in Computer Science, vol. 3269, pp. 375-387, October 2004.
[2] M. Mihaljevic, "Reconfigurable key management for broadcast encryption", IEEE Communications Letters, vol. 8, pp. 440-442, July 2004.
[3] M. Mihaljevic, "Key management schemes for stateless receivers based on time varying heterogeneous logical key hierarchy", ASIACRYPT 2003, Lecture Notes in Computer Science, vol. 2894, pp. 137-154, Dec. 2003.
[4] M. Mihaljevic, "Broadcast encryption schemes based on the sectioned key tree", ICICS 2003, Lecture Notes in Computer Science, vol. 2836, pp. 158-169, Oct. 2003.
[5] M. Mihaljevic and H. Imai, "Novel method for implementation of certain key management schemes to minimize secret storage", IEEE CCNC 2005, Las Vegas, USA, January 2005, Proceedings, pp. xxx-yyy. (accepted for publication)
[6] M. Mihaljevic, M.P.C. Fossorier and H. Imai, "One-way mapping of keys and the overheads trade-off in key management schemes for broadcast encryption", Int. Symp. Inform. Theory and its Appl. - ISITA2004, Parma, Italy, October 2004, Proceedings, pp. 486-491.
[7] M. Mihaljevic and H. Imai, "A method for data access control in certain storage area networks", 7th Int. Symp. on Wireless Personal Multimedia Comm. - WPMC2004, Albano Terme, Italy, September 2004, Proceedings, pp. V3:488-491.
Note in particular that references [1]-[7] above are the published results of certain research activities within the project 1625 "Advanced Mathematical Methods for Cryptographic Security and Modelling of Information" (the fundamental research program of the Ministry for the period 2002 - 2005).
The main project goal is the development of a software system which yields:
- implementation of the novel results reported in the references [1]-[7] (listed in the sections 11/12) on conditional data access employing cryptographic key management and related applications;
- a prototype-like background for further potential development of certain (dedicated) commercial software.
Accordingly, the particular project goals include the following:
- design of the software system;
- development of the basic software structure;
- design of particular software modules;
- testing and upgrading of the system;
- optimization of the developed system.
The design and development of the basic structure of the software system are based on the concepts and algorithmic issues reported in [1]-[7].
Development of particular software modules follows certain elements reported in [1]-[7] and desired implementation requirements.
The proposed software development is of direct importance for the development of certain advanced commercial software packages for technical support of conditional content (data) access based on cryptographic techniques. Conditional access control is assumed to be required because the content is transmitted via public (unsecured) communication channels or stored in public storage, so that anybody could pick up the exposed data; the exposed data should therefore be in a form from which only legitimate users can recover the related information/content.
The importance of the proposed software development also originates from the following statements:
- the software development is based on recently reported novel techniques for cryptographic key management suitable for conditional data access control in broadcasting/multicasting and related scenarios;
- the proposed software system development should demonstrate the implementation characteristics of the novel methods and their applications reported in [1]-[7], and should be a prototype-like background for further possible development of dedicated commercial software packages.
The advantages of the employed background methods reported in [1]-[7] include the following:
- the employed background techniques minimize the system overheads required by the conditional data access control mechanisms;
- they yield a more flexible framework for preserving system efficiency across the different data access control scenarios as well as the dynamics of these scenarios.
In particular, the importance of the proposed software development is also a consequence of the importance and timeliness of the background results published in high-level international publications (IEEE Comm. Lett. and Lecture Notes in Computer Science).
The proposed software development is a direct contribution towards developing certain business-oriented applications. An illustrative business problem can be considered via the following model:
- the business is related to revenue collection for content/information delivery over public channels via broadcasting or multicasting, so that only the legitimate users (the users who pay for the service) can recover the content/information from the broadcast/multicast;
- the interest of the users varies in time, so that the set of legitimate users is a dynamic one;
- technical support is required for dynamic control of the users' access privileges.
There are a number of entities with a business interest in the proposed software development, and potentially this set includes the following entities:
- companies for development and production of specialized information systems;
- certain Internet providers;
- certain telecom departments;
- broadcasting or multicasting organizations;
- certain governmental institutions.
A business-like goal of the proposed software development is to show the basic implementation and performance of the novel techniques for conditional data access, and accordingly to yield a background for potential development of dedicated business-oriented software packages.
The proposed software development originates from recently reported research results published in highly ranked research publications (see the references [1]-[7]), and so it is an activity of interest for upgrading the technical components of certain information-technology-oriented businesses.
Taking into account all the above statements, there are strong indications of the potential business interest and of the possibility of obtaining profits from a low-cost investment in the proposed software development.