WP3 Presentation, ETH

Lukas Ruf, TIK April 6th 2000

WP 3 -- Security Technology And Multimedia Delivery

Computer Engineering and Networks Laboratory, ETH Zurich

Lukas Ruf

Security Aspects

• Intellectual Property Rights

• Value of Information

• Authentication And Key Exchange

• Data Administration: Security & Protection

• Data Delivery

Value of Information

[Figure: four plots of the value of information against time (axes: value, time)]

Definition of applied security.

Authentication And Key Exchange

• Symmetric Encryption
  – Kerberos 5, IETF Standard, arbitrated protocol (trusted keyserver)

• Asymmetric Encryption
  – DASS, DEC, arbitrated protocol with public keys of users.

Data Administration: Security & Protection

• Administration
  – per university in a decentralized platform
  – per project in a centralized platform

• Data Protection
  – user data: privacy, small amount of data, high security-level, strong encryption (IDEA)
  – lecture data: public but with IPR, huge amount of data, low security-level, weak encryption (DES)

Data Delivery

• Secured network infrastructure
  – network-access restrictions
    • inter-university, intra-university

• Insecure network (e.g. Internet)
  – user authentication and validation

Data Delivery -- Encryption

• Multimedia data encryption
  – partial encryption: protocol dependency, high speed
  – full encryption: protocol independency, low speed

Which is the encrypting layer?

Cryptography in Universal

• Temporarily valid session keys for symmetric encryption, based on asymmetric encryption keys.

• Hierarchical authentication scheme:
  – ISO: X.509
  – Kerberos v. 5
  – PGP

Cryptography in Universal

• Obscuring technology (partial encryption) for audio/video data.

• Full encryption for static teaching aids.

• Algorithms according to the requirements; see the presentation "Security Techniques for IPR" by T. Klobucar at the WP1 meeting.

Multimedia Data Delivery

• Processing speed

• Time-limited usability

• Full encryption vs. partial encryption

• Strong vs. weak encryption

Cryptography

• Symmetric:
  – identical key for encryption and decryption
  – DES, 3DES, IDEA, CAST, RCx, Blowfish
  – advantage: fast en/decrypting of data, implementation available in hard- and software
  – disadvantage: key must be known to all participants

Cryptography

• Asymmetric:
  – public and private key to encrypt and decrypt
  – RSA, ElGamal, Rabin
  – advantage: different keys for encryption and decryption
  – disadvantage: very slow

Key Exchange

• Required to distribute encryption keys

• Approaches:
  – Centralized: Trusted Keyserver
    • stores locally all keys
    • generates session keys upon request
    • must be contacted for every session
  – Decentralized: Public-Key-Infrastructure (PKI) (e.g. PGP’s Web of Trust)
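
The centralized approach above, as an added example that is not part of the original slides: a trusted keyserver that stores every participant's long-term key and issues a time-limited session key on request. The names `KeyServer`, `request_session` and `open_ticket` are assumptions, and `seal`/`unseal` are a constructed HMAC-based stand-in for a vetted authenticated cipher.

```python
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as keystream: an illustrative stand-in cipher.
    return b"".join(hmac.new(key, b"enc" + nonce + bytes([i]), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC under a long-term key (constructed for this example)."""
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ticket rejected: wrong key or modified in transit")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))

class KeyServer:
    def __init__(self):
        self.long_term = {}                      # stores all keys locally

    def register(self, name):
        self.long_term[name] = os.urandom(32)
        return self.long_term[name]              # handed to the user out of band

    def request_session(self, a, b, lifetime=300, now=None):
        """Generate a fresh session key for a and b; one sealed ticket per party."""
        now = time.time() if now is None else now
        body = json.dumps({"key": os.urandom(32).hex(), "peers": [a, b],
                           "expires": now + lifetime}).encode()
        return seal(self.long_term[a], body), seal(self.long_term[b], body)

def open_ticket(my_key, ticket, me, now=None):
    """Party side: authenticate the ticket, then check peers and validity window."""
    now = time.time() if now is None else now
    body = json.loads(unseal(my_key, ticket))
    if me not in body["peers"]:
        raise ValueError("ticket issued for other parties")
    if now >= body["expires"]:
        raise ValueError("session key expired; contact the keyserver again")
    return bytes.fromhex(body["key"])
```

Because every session key originates at the server and expires, the server is both a single point of failure and a single point of compromise for all long-term keys, which is the trade-off against the decentralized approach.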

Intellectual Property Rights (IPR)

• Protection schemes
  – anti-replay
  – timed validity/usability
  – digital watermarks, digital signatures

• Scope of IPR application

• Scope of data distribution