Standardization and renewability

Hagai Bar-El info at hbarel.com
Wed Aug 3 10:58:13 EDT 2005


Dear Colleagues,

I am currently in the process of writing a short position paper about 
standardization of broadcast renewability schemes. Along with the 
usual challenges that need to be addressed when defining renewability 
methods (methods that allow a system to survive successful attacks, 
basically by changing itself throughout its lifecycle), I am trying 
to tackle what I consider to be the biggest problem of standardizing 
a renewability scheme, which is that evolving a standard is too slow 
and cumbersome of a process to be incorporated into another process 
that is all about prompt response. Simply put, if a broadcast 
mechanism is broken there is no time for the standardization 
committee to re-define it - too much content will be lost by the time 
the job is done.

Up till now I could come up with three approaches to solve this problem:

1. Limit renewability to keying.
2. Generalize the scheme (like the SPDC concept, or MPEG IPMP), more 
or less by making the standard part general, with non-standard "profiles".
3. Standardize sets of key management methods at once, so to have 
spares for immediate switching.

If any one of you has any other approach towards solving this issue I 
will be glad if he posts it on the list. Also, if any one of you 
would like to get a copy of this paper when it's done, please let me 
know by e-mailing me directly.

Regards,
Hagai.

---
Hagai Bar-El - Information Security Analyst
T/F: 972-8-9354152 Web: www.hbarel.com


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list