Standardization and renewability
Hagai Bar-El
info at hbarel.com
Wed Aug 3 10:58:13 EDT 2005
Dear Colleagues,
I am currently in the process of writing a short position paper about
standardization of broadcast renewability schemes. Along with the
usual challenges that need to be addressed when defining renewability
methods (methods that allow a system to survive successful attacks,
basically by changing itself throughout its lifecycle), I am trying
to tackle what I consider to be the biggest problem of standardizing
a renewability scheme, which is that evolving a standard is too slow
and cumbersome of a process to be incorporated into another process
that is all about prompt response. Simply put, if a broadcast
mechanism is broken there is no time for the standardization
committee to re-define it - too much content will be lost by the time
the job is done.
Up till now I could come up with three approaches to solve this problem:
1. Limit renewability to keying.
2. Generalize the scheme (like the SPDC concept, or MPEG IPMP), more
or less by making the standard part general, with non-standard "profiles".
3. Standardize sets of key management methods at once, so to have
spares for immediate switching.
If any one of you has any other approach towards solving this issue I
will be glad if he posts it on the list. Also, if any one of you
would like to get a copy of this paper when it's done, please let me
know by e-mailing me directly.
Regards,
Hagai.
---
Hagai Bar-El - Information Security Analyst
T/F: 972-8-9354152 Web: www.hbarel.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list