M262 Putting Computers Systems to Work

T325: Technologies for digital media
Second semester – 2011/2012
Block 2 – Intellectual Property and Security Issues
Arab Open University – Spring 2012
INTELLECTUAL PROPERTY
RIGHTS
• Digital technologies have made the production and
distribution of works (music, films, etc.) easier
• A large proportion of the entertainment industry's income
comes from selling copies of digital works
• The entertainment industry feels threatened by illegal copying
and distribution
• The way intellectual property rights are interpreted and
enforced will have a significant impact on how digital
works are distributed in the future, whether in electronic
form or on a storage medium
Introduction
• Intellectual property (IP) takes several different forms
• IP-related laws attempt to balance the interests of
different parties.
• There is no universally agreed balance
• Laws change to reflect the changes in the views of
dominant players and changes in technologies.
• Intellectual property (IP) can allow you to own things you
create in a similar way to owning physical property.
Introduction
• The term ‘intellectual property’ is commonly used to
refer to the actual invention or creative work, and also to
the rights associated with the works.
• Types of intellectual property
• Copyright : protects material, such as literature, art, music,
sound recordings, films and broadcasts.
• Designs : protect the visual appearance or eye appeal of
products.
• Patents : protect the technical and functional aspects of
products and processes.
• Trademarks : protect signs that can distinguish the goods
and services of one trader from those of another.
What is Intellectual Property (IP)?
• Comparison of Intellectual Property to physical
property is highly contentious.
• Knowledge is non-rivalrous.
• If I have an idea and I tell it to another person, then I can
still have that idea -- we are not rivals in the possession of
the same idea.
• This is not the case with rivalrous objects; if I give someone
a pair of my shoes, then I can no longer wear those same
shoes.
• Intellectual property is treated in law differently to
physical property:
• Certain exclusive rights awarded to owners of intellectual
property are time limited, after which the works are
considered to be in the public domain.
Intellectual Property vs. Physical Property
• Intellectual property rights can be described as an attempt
to establish a trade-off between rewarding individuals and
benefiting society
• The owners of intellectual property can be organizations,
not only individuals
• Three main stakeholders:
• Creators, commerce and the public.
• Intellectual property is characterized as a bundle of rights.
• Examples of the rights associated with a novel : to produce
a printed edition for sale in particular countries, to translate
it, to film it, to adapt it for the stage, and so on.
• The word ‘instrument’ describes the recognized forms of
intellectual property.
Definition of intellectual property
• Rights can be disposed of
• Example: pass some of these rights to a publisher through a
signed contract
• Economic exploitation of the novel is only possible by
someone who holds the right to do so.
• Rights can be fragmented and traded
• Allows many freelance creators (novelists, lone inventors or
software creators) to generate money from their work
• Copyright between Employee and Employer
• Contracts of employment usually state that the rights in any
creative work done as part of their employment are
automatically the property of their employer.
Definition of intellectual property
• Exceptions to copyright legislation are generally a
recognition that users or consumers should be able to do
certain things with copyrighted works, to a limited extent
or in special circumstances, that copyright legislation
forbids when performed on a larger scale or in other
circumstances.
• The exceptions to copyright legislation generally come
under the heading of ‘fair dealing’.
• research and private study.
• criticism, review and news reporting.
• incidental inclusion of copyright material.
Rights and exceptions of copyright
• The Creative Commons movement has looked for a
remedy that does not discard the concept of copyright.
• The movement envisages copyright as a set of explicit
permissions rather than an implicit prohibition.
• Most intellectual property rights are covered by civil law;
however, because of the large impact intellectual
property infringement has on the economy in the UK,
some infringements of intellectual property rights, when
done on a large scale, are criminal offences → Selling a
fake DVD!
• The term of copyright is at present too long
• Some economists argue that the optimal term of copyright is
at most 7 years, others consider a term of 25 years
More on intellectual property
• Creators can choose one, or a combination, of four
license elements
[Figure: Software piracy - results of 2006 Global Software Piracy Study, figures for European Union countries]
SECURITY
• Now, we shall look at some of the technologies employed
to make infringement of copyright more difficult.
• Security of intellectual property involves both access
control and copy control.
• Some of the restrictions imposed by copyright holders go
beyond the exclusive rights provided by copyright laws
→ licenses
• In most forms of security attack the attackers do not have
access to the unprotected versions of the data being
protected. However, attackers of copyrighted works may
have legitimate access to unprotected versions of works
→ Purchasing a DVD
Introduction
• Principles of encryption
• Vulnerability to attack
• Integrity
• Authentication
Security techniques
• An encryption algorithm, together with all its possible keys,
plaintexts and cipher texts, is known as a cryptosystem or
cryptographic system.
Principles of encryption
• Cryptography is the art and science of keeping messages
secret.
• Requirements for cryptography: It should be
computationally infeasible to derive:
• Plaintext from the cipher text without knowledge of the
decryption key
• Cipher text from the plaintext without knowledge of the
encryption key.
• Types of cryptographic systems
• Symmetric or shared key systems
• Asymmetric or Public key systems.
Cryptography
• A single secret key is shared between the two
communicating entities → used for both encryption and
decryption.
• In practice, the encryption and decryption keys are often
different but it is relatively straightforward to calculate
one key from the other
Symmetric key systems
• Derive a formula for the number of shared keys needed in
a system of “n” communicating entities.
• Each entity in the network of “n” entities requires a
separate key to use for communications with every other
entity in the network, so the number of keys required by
each entity is: (n -1)
• But each entity shares a key with another entity, so the
number of shared keys for each entity is: (n-1)/2
→ In a system of “n” communicating entities the number
of shared keys required is: n x (n-1)/2
Symmetric key systems - Activity
• Encryption can be done either on blocks of data or on
continuous streams
• Two types of symmetric key systems
• Block cipher
• Stream cipher
Symmetric key systems
• A block cipher operates on groups of bits: typically
groups of 64.
• If the final block of the plaintext message is shorter than
64 bits, it is padded with some regular pattern of 1s and
0s to make a complete block.
• Block ciphers encrypt each block independently
• A block of plaintext will always encrypt to the same
block of cipher text provided that the same algorithm and
key are used
Symmetric key systems – Block cipher
• A stream cipher [unlike a block cipher] generally operates
on one bit of plaintext at a time, although some stream
ciphers operate on bytes.
• A component called a key stream generator generates a
sequence of bits, usually known as a key stream.
• In the simplest form of stream cipher, a modulo-2 adder
(exclusive-OR or XOR gate) combines each bit in the
plaintext with each bit in the key stream to produce the
cipher text.
• Stream ciphers can be classified as
• Synchronous
• Self-synchronizing
Symmetric key systems – Stream cipher
[Figure: stream cipher encryption and decryption]
Symmetric key systems – Stream cipher
• In a synchronous stream cipher, the key stream output is a
function of a key, ONLY, and is generated independently
of the plaintext and the cipher text.
• A single bit error in the cipher text will result in only a
single bit error in the decrypted plaintext
Synchronous stream cipher
• In a self-synchronizing cipher, the key stream is a
function of the key and several bits [n] of the cipher
output.
• Because the key stream outputs depend on the previous
“n” bits of the plaintext or the cipher text, the encryption
and decryption key stream generators are automatically
synchronized after “n” bits.
• However, a single bit error in the cipher text results in an
error burst with a length dependent on the number of
cipher output bits used to compute the key stream.
Self-synchronising cipher
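The error behaviour of the two stream cipher types described above, as an added example that is not part of the original slides. The key stream function (one bit of SHA-256), the register length N = 8, the key and the plaintext are all constructed stand-ins; the lost-bit case goes beyond the single-bit-error case on the slides to show the automatic resynchronisation after “n” bits.

```python
import hashlib

N = 8  # ciphertext bits fed back into the key stream (the "n" above); demo value

def prf_bit(key, data):
    """Stand-in key stream function: one pseudo-random bit from key and data."""
    return hashlib.sha256(key + data).digest()[0] & 1

def to_bits(data):
    return [(byte >> (7 - j)) & 1 for byte in data for j in range(8)]

def sync_crypt(key, bits):
    """Synchronous cipher: key stream bit i depends only on the key and on i.
    XOR is its own inverse, so this both encrypts and decrypts."""
    return [b ^ prf_bit(key, i.to_bytes(4, "big")) for i, b in enumerate(bits)]

def selfsync_crypt(key, bits, decrypt=False):
    """Self-synchronising cipher: each key stream bit depends on the key and
    on the previous N ciphertext bits."""
    window = [0] * N  # starting register contents agreed by both ends
    out = []
    for b in bits:
        o = b ^ prf_bit(key, bytes(window))
        out.append(o)
        cipher_bit = b if decrypt else o  # the register is always fed ciphertext
        window = window[1:] + [cipher_bit]
    return out

def errors(expected, got):
    """Positions at which the decrypted bits differ from the plaintext."""
    return [i for i, (e, g) in enumerate(zip(expected, got)) if e != g]

KEY = b"constructed demo key"                # constructed key
PLAIN = to_bits(b"T325 constructed sample")  # constructed plaintext, 184 bits

def bit_error_demo(pos):
    """Flip ciphertext bit `pos` in transit; return the error positions
    in the decrypted output of each cipher."""
    c_sync = sync_crypt(KEY, PLAIN)
    c_sync[pos] ^= 1
    c_self = selfsync_crypt(KEY, PLAIN)
    c_self[pos] ^= 1
    return (errors(PLAIN, sync_crypt(KEY, c_sync)),
            errors(PLAIN, selfsync_crypt(KEY, c_self, decrypt=True)))

def lost_bit_demo(pos):
    """Drop ciphertext bit `pos` in transit; report, for each cipher, whether
    the receiver is decrypting correctly again N bits later."""
    def drop(bits):
        return bits[:pos] + bits[pos + 1:]
    d_sync = sync_crypt(KEY, drop(sync_crypt(KEY, PLAIN)))
    d_self = selfsync_crypt(KEY, drop(selfsync_crypt(KEY, PLAIN)), decrypt=True)
    expected_tail = PLAIN[pos + N + 1:]
    return d_sync[pos + N:] == expected_tail, d_self[pos + N:] == expected_tail

if __name__ == "__main__":
    sync_err, self_err = bit_error_demo(40)
    print("synchronous, bit 40 flipped: errors at", sync_err)
    print("self-synchronising, bit 40 flipped: errors at", self_err)
    print("recovered after a lost bit (synchronous, self-synchronising):",
          lost_bit_demo(40))
```

The self-synchronising error burst always starts at the flipped bit and never extends past bit 40 + N; which of the bits in between are wrong depends on the key.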
Self-synchronising cipher
Symmetric key systems: Examples of
Commercial systems
• Asymmetric or public key systems are based on encryption
techniques whereby data that has been encrypted by one key
can [ONLY] be decrypted by a different, seemingly unrelated,
key.
• One of the keys is known as the public key and the other is
known as the private key → related to each other
mathematically → The relationship is complex → it is
computationally infeasible to calculate one key from the other.
• Each communicating entity will have its own key pair:
• private key will be kept secret
• public key will be made freely available
• Using asymmetric key systems with “n” communicating
entities, the number of key pairs required is “n”.
Asymmetric key systems
Asymmetric key systems: Examples of
Commercial Systems
• All the symmetric and public key algorithms listed
previously share the fundamental property that their
secrecy lies in the key and not in the algorithm.
• This is generally known as Kerckhoffs' Principle, after the
Dutchman who first proposed it in the nineteenth century.
• This means that the security of any system using
encryption should not be compromised by knowledge of
the algorithm used.
Vulnerability to attack
• Cryptanalysis is the science of breaking a cipher without
knowledge of the key (and often the algorithm) used.
• Its goal is either to recover the plaintext of the message or to
deduce the decryption key so that other messages encrypted
with the same key can be decrypted.
• One of the more obvious attacks is to try every possible key
(i.e. the finite set of possible keys, known as the key space)
until the result yields some intelligible data.
• This kind of attack is known as a Brute Force Attack.
• Clearly, the greater the key space, the greater the immunity to
a brute force attack.
Cryptanalysis
• Assuming you could process 10^12 key attempts per
second, calculate how long it would take to search the
keyspace of a 56-bit key. Compare this with the time
needed to search the keyspace of a 128-bit key.
• A keyspace of 56 bits provides 2^56 = 7.2 x 10^16 possible
keys. At a rate of 10^12 keys per second it would take
approximately 7.2 x 10^4 s or about 20 h to try every key.
• A keyspace of 128 bits provides 2^128 = 3.4 x 10^38
possible keys. This would take approximately 3.4 x 10^26 s
or about 10^19 years. (Note: the lifetime to date of the
universe is thought to be of the order of 10^10 years!)
Cryptanalysis - Activity
• Which of the two types of cryptographic systems is
better : Symmetric or Asymmetric?
• A major advantage of asymmetric key systems over
symmetric key systems is that no exchange of a secret
key is required between communicating entities.
• In practice, public key cryptography is rarely used for
encrypting [entire] messages for the following reasons:
• Security: it is vulnerable to chosen plaintext attacks.
• Speed: encrypting data with public key algorithms generally
takes about 1000 times longer than with symmetric key
algorithms.
• Instead, a combination of symmetric and asymmetric
key systems is often used
Hybrid systems
• Integrity: relates to assurance that there has been no
unauthorized modification of a message and that the
version received is the same as the version sent
• Why does encryption alone not provide a completely
workable solution for integrity?
• Encryption process carries overheads in terms of resources
and for some applications it is preferable to send data in the
clear.
• Some network management protocols separate the
confidentiality and integrity functions, so encryption is not
always appropriate.
→ A concise identity of the original message is needed to
check against the received message to reveal any possible
discrepancies between the two → Message digest
Integrity
• Message digest: consists of a small, fixed-length block of
data, also known as a hash value, which is a function of
the original message.
• The hash value is dependent on all the original data → it
will change even if only one bit of the data changes
• The hash value is calculated by applying a mathematical
function, known as a hash function, which converts a
variable-length string to a fixed-length string.
• It is easy to compute a hash value for a given input string,
but extremely difficult to deduce the input string from the
hash value → one-way hash functions
Integrity
• A message authentication code is similar to a one-way
hash function and has the same properties, but the
algorithm uses the additional ingredient of a secret key,
and therefore possession of the key to perform the check
is necessary.
• Authentication: the process of verifying an identity
claimed by or for a system entity
• Authentication is needed to provide some assurance about
the source of a message: did it originate from the location
it appears to have originated from?
Authentication
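The difference between a message digest and a message authentication code as an integrity check, as an added example that is not part of the original slides. SHA-256 and HMAC-SHA-256 from the Python standard library stand in for the unnamed hash function and MAC; the key and the message are constructed.

```python
import hashlib
import hmac

def digest(message):
    """Message digest: fixed-length hash value computed from the message only."""
    return hashlib.sha256(message).digest()

def mac(key, message):
    """Message authentication code: like a digest, but also needs the secret key."""
    return hmac.new(key, message, hashlib.sha256).digest()

def digest_ok(message, received_digest):
    """Receiver's check when a digest accompanies the message."""
    return hmac.compare_digest(digest(message), received_digest)

def mac_ok(key, message, received_tag):
    """Receiver's check when a MAC accompanies the message."""
    return hmac.compare_digest(mac(key, message), received_tag)

def integrity_demo():
    key = b"constructed shared secret"         # known to sender and receiver only
    sent = b"Licence 4711: play for 100 days"  # constructed message, sent in the clear
    altered = sent.replace(b"100", b"900")     # modification in transit
    one_bit_off = bytes([sent[0] ^ 1]) + sent[1:]
    return {
        # Properties from the slides: fixed length, sensitive to every bit.
        "digest_is_fixed_length": len(digest(b"")) == len(digest(sent * 1000)) == 32,
        "one_bit_changes_digest": digest(sent) != digest(one_bit_off),
        # A digest that travels with the message catches the change only if the
        # digest itself is left alone: anyone can recompute it for the new text.
        "altered_with_old_digest_accepted": digest_ok(altered, digest(sent)),
        "altered_with_recomputed_digest_accepted": digest_ok(altered, digest(altered)),
        # With a MAC, producing a matching tag needs the secret key.
        "altered_with_old_tag_accepted": mac_ok(key, altered, mac(key, sent)),
        "altered_with_wrong_key_tag_accepted": mac_ok(key, altered, mac(b"wrong key", altered)),
        "untouched_message_accepted": mac_ok(key, sent, mac(key, sent)),
    }

if __name__ == "__main__":
    for name, value in integrity_demo().items():
        print(f"{name}: {value}")
```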
• Some additional assurance is required that irrevocably
binds together the true identity of a person with a public
key.
• This assurance can be provided by a trusted third party,
known as a certification authority → independent
companies (such as Verisign)
• The certification authority knows only the public key of
the entity and not the private key, which should of course
be kept secret at all times.
Authentication
• Certification authorities form part of what is known as a
Public Key Infrastructure (PKI)
• PKI: is a combination of services and encryption
techniques that together are used to protect the security of
data over networks.
• A PKI includes
• a registration authority, which checks and verifies the
credentials of a user before a digital certificate can be issued
• a certification authority that issues and verifies digital
certificates
• directory services for the publishing of public keys and
certificates
• certificate management and key management services.
Digital certificate
Public key infrastructure
• Three examples
• DVD player for pre-recorded DVDs: Content Scrambling
System (CSS)
• Digital video broadcast (DVB) conditional access
• Windows Media Player.
Media players
• Each DVD player has a set of secret player keys that can
be used to play any DVD
• 409 player keys are provided
• Each disc has a table stored in a hidden area that holds encrypted
versions of the disc key
• In addition, each disc stores another version of the
disc key → encrypted with the disc key itself
• The DVD player will select one of its player keys and
decrypt the corresponding entry in the table → if the
result is the value of the disc key → the DVD player has
correctly obtained the disc key
Content Scrambling System (CSS)
• Each disc also contains an encrypted version of the title
key for each work stored on the disc, encrypted with the
disc key → Once the title key has been found it can be
used to decrypt the actual content of each sector of the
disc (MPEG-2 version of a film).
Content Scrambling System (CSS)
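The player key, disc key and title key hierarchy described on the two CSS slides, modelled as an added example that is not part of the original slides and is not the CSS algorithm. The cipher is a stand-in (XOR with a SHAKE-256 key stream), and the key sizes, the four table slots, the key values and the content are constructed.

```python
import hashlib
import os

def toy_crypt(key, data):
    """Stand-in symmetric cipher, NOT the CSS cipher: XOR with a key stream
    derived from the key. The same call encrypts and decrypts."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(d ^ s for d, s in zip(data, stream))

def master_disc(player_keys, titles):
    """Build the protected areas of a disc for the given player keys."""
    disc_key = os.urandom(16)
    disc = {
        # Hidden-area table: the disc key encrypted under each player key.
        "disc_key_table": {slot: toy_crypt(pk, disc_key)
                           for slot, pk in player_keys.items()},
        # The disc key encrypted with itself, used to check a decrypted entry.
        "disc_key_check": toy_crypt(disc_key, disc_key),
        "titles": {},
    }
    for name, content in titles.items():
        title_key = os.urandom(16)
        disc["titles"][name] = {
            "enc_title_key": toy_crypt(disc_key, title_key),
            "enc_content": toy_crypt(title_key, content),
        }
    return disc

def recover_disc_key(disc, slot, player_key):
    """Decrypt the table entry for this player key and verify the result."""
    entry = disc["disc_key_table"].get(slot)
    if entry is None:
        return None                      # no table entry for this slot
    candidate = toy_crypt(player_key, entry)
    if toy_crypt(candidate, candidate) != disc["disc_key_check"]:
        return None                      # wrong player key: check value differs
    return candidate

def play(disc, slot, player_key, title):
    """Player key -> disc key -> title key -> content; None if any step fails."""
    disc_key = recover_disc_key(disc, slot, player_key)
    if disc_key is None:
        return None
    entry = disc["titles"][title]
    title_key = toy_crypt(disc_key, entry["enc_title_key"])
    return toy_crypt(title_key, entry["enc_content"])

# Constructed sample data: four player key slots and one title.
PLAYER_KEYS = {slot: f"constructed player key {slot}".encode() for slot in range(4)}
FEATURE = b"constructed MPEG-2 sector data " * 4
DISC = master_disc(PLAYER_KEYS, {"feature": FEATURE})

if __name__ == "__main__":
    print("valid player key:", play(DISC, 2, PLAYER_KEYS[2], "feature") == FEATURE)
    print("wrong player key:", play(DISC, 2, b"not a player key", "feature"))
```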
• Some digital television broadcasts are encrypted for pay TV
applications → require smart cards
• The most common standard is digital video broadcasting
conditional access (DVB-CA).
• The scrambling system used to encrypt the MPEG-2 encoded
video signal is not a public system and information is available
through non-disclosure licences, which is contrary to
Kerckhoffs' principle
• The scrambling is based on a secret key and can only be descrambled with knowledge of the value of this key.
• A major difficulty is distributing this key securely to valid
subscribers
Digital Video Broadcasting Conditional Access
Digital Video Broadcasting Conditional Access
• Because of the characteristics of their personal keys it
may be possible to group subscribers together and the
same encrypted service key can be decrypted by all the
subscribers in a group, thereby reducing the number of
transmissions necessary.
• The MPEG data for pictures, sound and data are
multiplexed with the encrypted entitlement messages and
are fed into the scrambler.
• However, only the protected picture, sound and data
messages are scrambled, otherwise the receivers will not
be able to access free broadcast programmes and the
encrypted entitlement messages
Digital Video Broadcasting Conditional Access
• The Microsoft version of DRM is incorporated in Windows
Media files.
• These files have the file extension ‘.wma’ for audio,
‘.wmv’ for video, and ‘.asf’ for streaming audio and video.
[Figure: Basic process for delivering package Windows Media files
and issuing licences]
Windows Media Player
• Uses a proprietary system to package the digital work in a
secure container, and users cannot access the digital work
in a container without obtaining a licence.
• The secure container comprises an encrypted version of
the digital work, information about the work and how a
licence can be obtained to access the work.
• The licence includes a decryption key to access the digital
work and any conditions on users’ access to the work,
e.g. any limitation on how long they can access the work.
• The licences issued to users may include information
about their computers and thereby limit access to
individual machines.
Windows Media Player
DIGITAL RIGHTS MANAGEMENT
• DRM is considered as a set of technologies that
controls the access and use of digital works
• DRM should not be thought of simply as a collection of
technologies.
• The success of a DRM system depends on its technology,
intellectual property laws and business model of the
application
• DRMs have two functions:
• Accountant: DRM ‘watermarks’ can track usage
electronically to report information back to collecting
societies to ensure distribution of royalties is fair
• Policeman: DRM can limit the access to content, for
example, to prevent copying.
Introduction
• DRM will never be entirely effective, but can remove
temptation for the ‘casual copier’.
• DRMs can almost invariably be circumvented; a legal
framework is needed to prevent unauthorized copying at a
commercial scale
(Report of All Party Internet Group (APIG) on DRM published in June 2006)
Introduction
• People incentives
• Will people buy digital works that have technological restrictions
on their use rather than obtaining a free version that does not have
any technological restrictions?
• Price discrimination
• Non-implementation of fair dealing exceptions
• DRMs can prevent uses permitted under fair dealing exceptions,
and DRM tools do not necessarily expire when the copyright
expires.
• Collateral damages
• DRMs can damage users’ computers and can put limits on what
users can and can’t do with the products
• Non implementation of accessibility features
• DRMs can prevent activities permitted under the exceptions
Problems with DRM solutions
• Difference between DRM and Copyright laws approaches
• Copyright law → ‘everything that is not forbidden is
permitted’
• DRM → ‘everything that is not permitted is forbidden’
• DRM has been strengthened by recent changes to the law.
• The US Digital Millennium Copyright Act of 1998 and the
2001 EU Copyright Directive make it illegal to bypass
DRM technology, even if the person doing so would
otherwise have the legal right to access the information
behind the digital fence.
DRM and Copyright laws
• DRM technologies face a number of obstacles
• Bypassing DRM technologies: it has become commonplace
for new DRM to be cracked (albeit illegally) shortly after its
release and the circumvention codes to be widely distributed
on the internet
• Consumer non-satisfaction: consumers may become
increasingly frustrated with DRM that restricts usage and
presents problems (i.e., as hardware and software need
changing or updating).
DRM Technologies - Obstacles
ACTIVITY 3.2: THE DARKNET AND THE FUTURE OF
CONTENT PROTECTION (ARTICLE)
• A darknet is a collection of networks and technologies used
to share digital content.
• It is not a separate physical network but an application
and protocol layer riding on existing networks.
• Examples: peer-to-peer file sharing, CD and DVD
copying, and key or password sharing on email and
newsgroups.
• Two types
• Fully distributed
• Centralized
[Figure: darknet architectures: (a) “Sneaker Net”, (b) the World Wide Web, (c) Napster, (d) Gnutella]
Darknet
• Input: facilities for injecting new objects into the darknet
• Transmission: distribution network that carries copies of
objects to users
• Output: ubiquitous rendering devices, which allow users
to consume objects
• Database: search mechanism to enable users to find
objects
• Storage: that allows the darknet to retain objects for
extended periods of time.
• Functionally, this is mostly a caching mechanism that
reduces the load and exposure of nodes that inject objects.
Darknet Technological and infrastructure
requirements
Fully distributed
• Strengths
• No single point of failure
• Weaknesses
• Free riding
• Lack of anonymity
Centralized
• Single point of failure
Fully distributed darknets
• DRM systems: BOBE (break-once, break everywhere)-resistant.
• Suppliers anticipate (and the assumptions of the darknet predict)
that individual instances (clients) of all security-systems, whether
based on hardware or software, will be subverted.
• If a client of a system is subverted, then all content protected by
that DRM client can be unprotected.
• If the break can be applied to any other DRM client of that class
so that all of those users can break their systems, then the DRM
scheme is BOBE-weak.
• If, on the other hand, knowledge gained breaking one client
cannot be applied elsewhere, then the DRM system is BOBE-strong.
• DRM renewability: Vendors recognize the possibility of exploits,
and build systems that can be field-updated
BOBE: Break Once Break Everywhere
• DRM technology components
• License evaluation: software or hardware within the system
that evaluates the license against a requested action,
determines if that action conforms to the terms of the
license, and either allows or blocks that action from
occurring.
• Authentication component to identify the licensee: The
licensee could be a human user or a piece of hardware or
software.
• A way to associate licenses with content.
Activity 3.10: “If piracy is the problem, is DRM the
answer?”
• Two types of content :
• Managed content : content that is associated with a license
using some technological means
• Unmanaged content: content that does not have a license
associated with it
• If users can somehow convert a managed piece of content
into an unmanaged form, then they can use it in unlimited
ways. In particular, they can share it with other
unauthorized users → Illegitimately transformed
content → Dissociated content.
Activity 3.10: “If piracy is the problem, is DRM the
answer?”
• Secure Container Methods
• Distributing and storing content in an encrypted form and
protecting it indirectly by managing the keys used to decrypt the
content
• Problem: convert managed content to dissociated content → The
Analog hole
• Fuzzy Hashing
• Fuzzy hashing attempts to compute an identical hash for two
pieces of content if they are perceptually equivalent.
• Ordinary vs. Draconian
• Ordinary DRM: devices handle both managed and unmanaged
content simultaneously.
• Draconian DRM, in which devices that handle managed content
do not handle unmanaged content at all
DRM techniques
• Based on XML (extensible markup language)
MPEG-21 Rights expression language
MPEG-21 Rights expression language
DIGITAL WATERMARKING
• Digital watermarking refers to techniques for
embedding marks in digital works.
• Digital watermarking does not make the encryption of
digital work more secure, but it does offer additional
protection of tying copyright information to the content in
a secure way.
• It may even be possible for the watermark to survive
digital to analogue conversion.
• Digital watermarking has applications other than
copyright protection.
• Watermarking is not a steganography technique
Introduction
• Watermarking vs. Steganography
• Steganography: attempts to hide the existence of messages
and is independent of the cover work
• The information contained in a watermark (the watermark
payload) is generally related to the work in which it is
embedded.
• The presence of a watermark is generally known, but the
techniques employed are robust to attempts to remove it.
Introduction
• Watermarking insertion
Watermarking digital media
• Watermarking extraction
Watermarking digital media
• Watermarking detection
Watermarking digital media
• Imperceptibility (or fidelity) of the watermarking process:
a human listener or viewer should not [be] able to hear or
see whether the cover signal has been watermarked.
• High capacity: The capacity should be high enough for
the intended application of the watermarking scheme.
• Reliability: false negative and bit error rates should be
low
• Robustness
• Tamper resistant (robust to attacks)
• Security should only rely on the secret of keys (following
the well known Kerckhoffs’ principles).
• Cost constraints of the application
Requirements for digital watermarking algorithms
• The watermark payload should be spread over a digital
work
• For example, a payload of 70 bits can be embedded in each
1 s fragment of a video stream.
• If we assume that a video stream is operating at 1 Mbit/s,
then, in effect, each watermark bit is spread over
approximately 14 000 bits of the original
Watermarking digital media
• Unauthorised embedding
• Commercial broadcasting
• Fake authenticity: insert a fake watermark after modifying the
work
• Unauthorised detection/extraction
• In some applications it is desirable that the presence of a
watermark cannot be detected without the owner’s authorisation
(Example: medical records)
• Unauthorised removal
• It is possible to distinguish between two types of attack by this
unauthorised action: masking and elimination.
• A masking attack modifies a watermarked work in an attempt to
fool a detector that a watermark is not embedded
• An elimination attack attempts to identify the watermark and
remove it so completely that the resultant work cannot be
distinguished from normally occurring unwatermarked works
Attacks on watermarks
• Known attacks against digital watermarking
• Copy attack
• Pathological distortion attack
• Sensitivity analysis attack
• Ambiguity attack
Security of watermarks
TEST YOUR KNOWLEDGE
(QUESTIONS FROM PREVIOUS EXAMS)
• Hashing a message and encrypting the message digest with the
sender's private key ensures
a. Confidentiality
b. Integrity
c. Non replay
d. Availability
e. All of the above
• Which of the following intellectual property aspects cannot be
categorized as industrial property
a. Patents
b. Trademarks
c. Copyright
d. Designs
e. None of the above
(Final Exam – Fall 2011)
Multiple Choice questions
• Which of the following is incorrect
a. RSA is an asymmetric key system
b. DES is a symmetric key system
c. Cryptanalysis is the science of breaking a cipher without the
knowledge of the key
d. Hybrid cryptosystems have the security of asymmetric and the
speed of the symmetric key systems
e. MD5 is a hybrid encryption algorithm
• The principle that the secrecy of a cryptosystem lies in the key
and not in the algorithm is known as
a. De Morgan’s principle
b. Moore’s principle
c. RSA’s principle
d. Kerckhoffs' principle
e. Schneier's principle
(Fall 2010 – Final Exam)
Multiple Choice questions
• The process of verifying an identity claimed by or for a system
entity is called
a. Non repudiation
b. Confidentiality
c. Authentication
d. Identification
e. Integrity
• Which of the following is not included in a public key
infrastructure (PKI)?
a. Certification Authority
b. Registration authorities
c. Directory services
d. Authentication authority
e. Certificate management and key management services
(Fall 2010 – Final Exam)
Multiple Choice questions
• When the copyright owner of a work is either unknown or
cannot be traced, the work is called
a. Lost
b. Orphan
c. Untraced
d. Unknown
e. Copy-left
• Which of the following is an exclusive right for copyright
owners in UK
a. Copy the work
b. Issue copies of the work to the public
c. Perform, show or play the work in public
d. Make an adaptation of the work
e. All of the above
Multiple Choice questions
• The category of intellectual property that protects the
technical and functional aspects of products and
processes is known as
a. Trade marks
b. Copyright
c. Designs
d. Patents
e. None of the above
Multiple Choice questions
• Explain the principle of hybrid cryptographic systems and
show their advantages against pure symmetric and asymmetric
systems. (Final Exam – Fall 2011)
• What are the four categories of Intellectual Property? Explain
each of them in one or two sentences.
• Explain the principle of symmetric and asymmetric encryption
systems. Compare them in terms of speed and security
• What is a hash function? What do we mean by one-way hash
function? And collision free hash function?
• Explain the difference between stream cipher and block cipher
• There are two main requirements for cryptography, explain
both of them.
Short questions
• Explain the principle of content scrambling system (CSS)
used in pre-recorded DVDs. In your answer, highlight the
use of the following keys: player keys, disc key and title
key. How they are stored and used to encrypt and decrypt
the content of the DVD. (Final Exam – Fall 2011)
• Security techniques relevant to technological protection
of intellectual property include encryption and
authentication, explain how they are applied (Final Exam
- Spring 2010)
• Assuming you could process 10^12 key attempts per
second, calculate how long it would take to search the
key space of a 56-bit key. Compare this with the time
needed to search the key space of a 128-bit key
Long Essay questions / Exercises
• The computing power of a certain machine is the number of instructions it can
execute per unit of time. The computing power of nowadays personal computers
(2011) is around 4500 MIPS (core i5 Intel processor or equivalent) where MIPS
stand for Millions Instructions per Second. In this exercise we will consider such
computing power in the calculations. Suppose that an algorithm to verify one 56-bit DES key needs around 600 elementary instructions. Suppose that we have a
couple of clear text and encrypted text using DES and that we want to find the
encryption key using brute force attack; which means by testing all the keys once
after another.
• We suppose that all keys are equally probable.
• Note: large numbers can be expressed in the form of powers of 2
i. What time it takes for the machine mentioned above to test a key? (3 marks)
ii. What is the number of instructions necessary to find a DES key? Consider the
worst case scenario where all keys should be verified. (3 marks)
iii. What time it takes if the computing power of one billion (10^9) PCs worldwide
are grouped for this task? (we suppose that all the PCs have the same computing
power mentioned above) (2 marks)
iv. Calculate the time it takes to find a 112 bits triple-DES key supposing that the
number of instructions to test one 3-DES key is the double of a DES key. (2 marks)
Long Essay questions / Exercises
• Consider the following scenario :
• Alice challenges Bob by sending him some random number.
• Bob encrypts the random number using his own private key
and sends the result to Alice.
• Alice decrypts the message using Bob’s public key (suppose
that Alice has confidence that the public key does indeed
belong to Bob).
• What security service can be assured by this exchange?
Explain your answer.
Long Essay questions / Exercises