class 9 physical security and drm cis 755: advanced computer security spring 2014 eugene vasserman...

9

Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman http://www.cis.ksu.edu/~eyv/ CIS755_S14/

Upload: alessandro-edrington

Post on 15-Dec-2015

220 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Class 9Physical Security and DRM

CIS 755: Advanced Computer SecuritySpring 2014

Eugene Vasserman

http://www.cis.ksu.edu/~eyv/CIS755_S14/

Page 2: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Administrative stuff

• Project proposal due today (2 pages)

• Quiz II and Exam I pushed back slightly–Quiz II next week

Page 3: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

News! News!static OSStatus SSLVerifySignedServerKeyExchange(SSLContext *ctx, bool isRsa, SSLBuffer signedParams, uint8_t *signature, UInt16 signatureLen) { OSStatus err; ... if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0) goto fail; if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0) goto fail; ...fail: SSLFreeBuffer(&signedHashes); SSLFreeBuffer(&hashCtx); return err;}

Page 4: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Trusted computing base (TCB)

• Software-level TCB• Hardware-enforced software constraints• Hardware-level TCB• TPM:

Page 5: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Physical security

• Why use physical security?–Do Kerckhoffs’ principle or Shannon’s maxim

apply?

• Tamper evidence• Tamper resistance• Properties? Differences?• Assumptions? Trade-offs?• Real-world examples

Page 6: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Blu-Ray DRM References

• “Broadcast encryption”• An Overview of the Advanced Access Content

System (AACS). Henry, Sui, and Zhong. Technical report, 2007.

http://cacr.uwaterloo.ca/techreports/2007/cacr2007-25.pdf

• Revocation and Tracing Schemes for Stateless Receivers. Naor, Naor, and Lotspeich. Crypto, 2001.

http://www.iacr.org/archive/crypto2001/21390040.pdf

Page 7: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Decryption

Figure from the Overview tech report

Page 8: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Efficient keying and revocation

Figures from the Overview tech report

Page 9: Class 9 Physical Security and DRM CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Questions?

Reading discussion

Sasha Vasserman. Two triangles are similar if two pairs of corresponding angles are congruent

Bloque 1sd3y4 eyv

Class 13 Review CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

One-way indexing for plausible deniability in censorship ... · One-way indexing for plausible deniability in censorship resistant storage Eugene Vasserman, Victor Heorhiadi, Nicholas

Class 20 Usability CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Class 11 Enterprise Network Protection CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

EYV 2011 - VOLUNTEERING MATTERS Impact of Youth ... · PDF fileEYV 2011 - VOLUNTEERING MATTERS Impact of Youth Volunteering in Philippines April - October 2011 By Mimmi Viviana Clase

Combating Double-Spending Using Cooperative P2P Systems Author : Ivan Osipkov, Eugene Y. Vasserman, Nicholas Hopper, Yongdae Kim Source : International

Michael Schliep*, Eugene Vasserman, and Nicholas Hopper ...hoppernj/sym_gotr_pets18.pdfConsistentSynchronousGroupOﬀ-The-RecordMessagingwithSYM-GOTR 183 – Message RepudiationThere

45G9E FHCC?K 5A8 DH5?=GK =FFH9F =A (9AGE5? 5A8 ......,2)0 %"-)% /0)3)170158.21 06:17.21 *97.3 ,7/.5 d`fcTVd Rd Zd eYV TRdV Z_ S`eY JfddZR R_U eYV M\cRZ_V W`c ViR^a]V) A_ eYV M\cRZ_V

20 a 14 : 16 : 30 EM V —BE ! 03-6825-5503 37-18 eyV H P ... · 20 a 14 : 16 : 30 EM V —BE ! 03-6825-5503 37-18 eyV H P : http:l 12 : : 05 F453-0015 8-12 7— IF TEL: 052-452-6036

Milena Vasserman Roni Wiksman Argentina is in The flag of Argentina

Class 3 Cryptography Refresher II CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

8RjU` C`RU m 3ZdY`ad :eTYZ Xe` m 4G%( #BH @WWVcd Z eYV ... · a`eV_eZR] W`c R_ R__ViV hYZ]V eYV WfceYVc U`fS]V SVUc``^ YRd R gZVh `W eYV UV]ZXYeWf] cVRc XRcUV_ R_U eYV eYZcU SVUc``^

EYV 2011 - VOLUNTEERING MATTERS Impact of Youth ... · Several universities are members of AIESEC, an international youth run organisation present in 110 countries. It facilitates

Web Security Sankar Roy 1. Acknowledgement While preparing the presentation slides and the demo, I received help from Professor Eugene Vasserman Professor

GRAPEVIN TUSCANY’S E · eYV TYRcT`R] XcZ]]+ 3ZdeVTTR R]]R 7Z`cV_eZ_R E 3`_V deVR\ ]R^S ^ZiVU XcZ]] DaVTZR]ZkVU Z_ dVRW``U UZdYVd hZeY WcVdY WZdY VgVcj URj :_ eYV XcVV_ =fTTR T`f_ecjdZUV

Van Gogh I - jackooij.nl · Van Gogh I • • • • • • EYV Rce `W dV]]Z_X j`fc W]`cR 9VRU ^`Uf]V EYV Rce `W dV]]Z_X j`fc W]`cR DZUV ^`Uf]V "#! EYV Rce `W dV]]Z_X j`fc W]`cR

0*)$rbdi.bruylant.be/public/modele/rbdi/content/rbdi_2016... · 2016-09-26 · `eYVc h`cUd%eYV Z_ZeZR] RZ^ `W eYZd RceZT]V Zd e` R_R]jdV eYV VT`_`^ZT%d`TZR] R_U a`]ZeZTR] T`_eVie

7$ >65:2 D6CG6C - ReQuest Inc.request.com/documents/2016 ReQuest Product Portfolio.pdfdVcgVcd Z_e` R T`^aRTe a`hVcY`fdV HZeY eYV RSZ]Zej e` RUU f_]Z^ZeVU ?2D UVgZTVd eYV 7$ TR_ YR_U]V

318 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 12, …people.cs.vt.edu/~irchen/6204/pdf/Vasserman-TMC13.pdfVampire is active; nodes are safe while the Vampire sleeps. However, this

Z XhZeY Yf^R Z^a]R eRS]V^ZTc`TYZadW`cZ^^ZXcR ed · Re eYV 4R_RUR 4`f_TZ] W`c eYV 2ced, Rd Ac`XcR^^Z_X 4``cUZ_Re`c Re WV^Z_Zde ^VUZR Rce TV_ecV DefUZ` II R_U Rd 6UZe`c Z_ 4YZVW `W

EYV @WWZTZR] ?Vhd]VeeVc `W EYV 6 XZ VVcZ X DefUV …ess.uvic.ca/documents/stream_a/fishwrap/2000-09//2000-10-10.pdf · So come on out, have fun, and give that beat-up, striped down,

Voluntary Disclosure and Personalized Pricing · Voluntary Disclosure and Personalized Pricing∗ S. Nageeb Ali† Greg Lewis‡ Shoshana Vasserman§ December 5, 2019 Abstract A concern

Class 5 Channels and Preview CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Retrofitting Communication Security into a Publish ...people.cs.ksu.edu/~eyv/papers/mdcf-sehc14.pdf · Retrofitting Communication Security into a Publish/Subscribe Middleware Platform

Class 8 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

9^]cT]cb · @_ cV]ReZ‘_ e‘ eYV Z_T‘^V deReV^V_e W‘c -+,0 R_U W‘c eYV WZcde bfRceVc ‘W -+,1’ eYV V_ecj Z_e‘ W‘cTV ‘W 8R_\ ‘W JaRZ_ 9ZcTf]Rc 0*-+,/ Z_ eYV WZcde

Class 13 Introduction to Anonymity CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

5th edition July 11th > 17th 2017fidmarseille.org/pdf/CatalogueFIDCampus2017.pdf · dYV [`Z_VU eYV >`fZd >f^ZVcV dTY``] Z_ >j`_ EYV Îc h`c\VU Sd 6 A B hZeY S VTZS] Z_eVcV Z_ d`f_U

Class 4 Secure Channels and Practical Considerations CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

Class 19 Wrap-up and Review CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman eyv/CIS755_S14

Class 7 Network Protection and Digital Currency CIS 755: Advanced Computer Security Spring 2015 Eugene Vasserman eyv/CIS755_S15

Vampire attacks: Draining life from wireless ad-hoc …hoppernj/vampires_tmc.pdf1 Vampire attacks: Draining life from wireless ad-hoc sensor networks Eugene Y. Vasserman∗ and Nicholas