Cooperating broadcast and cellular conditional access system for digital television

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The lack of interoperability between Pay‐TV service providers and a horizontally integrated business transaction model have compromised the competition in the Pay‐TV market. In addition, the lack of interactivity with customers has resulted in high churn rate and improper security measures have contributed into considerable business loss. These issues are the main cause of high operational costs and subscription fees in the Pay‐TV systems. This paper presents a novel end‐to‐end system architecture for Pay‐TV systems cooperating mobile and broadcasting technologies. It provides a cost‐effective, scalable, dynamic and secure access control mechanism supporting converged services and new business opportunities in Pay‐TV systems. It enhances interactivity, security and potentially reduces customer attrition and operational cost. In this platform, service providers can effectively interact with their customers, personalise their services and adopt appropriate security measures. It breaks up the rigid relationship between a viewer and set‐top box as imposed by traditional conditional access systems, thus, a viewer can fully enjoy his entitlements via an arbitrary set‐top box. Having thoroughly considered state‐of‐the‐art technologies currently being used across the world, the thesis highlights novel use cases and presents the full design and implementation aspects of the system. The design section is enriched by providing possible security structures supported thereby. A business collaboration structure is proposed, followed by a reference model for implementing the system. Finally, the security architectures are analysed to propose the best architecture on the basis of security, complexity and set‐top box production cost criteria

Cryptanalysis of the ISDB Scrambling Algorithm (MULTI2)

MULTI2 is the block cipher used in the ISDB standard for scrambling digital multimedia content. MULTI2 is used in Japan to se- cure multimedia broadcasting, including recent applications like HDTV and mobile TV. It is the only cipher specified in the 2007 Japanese ARIB standard for conditional access systems. This paper presents a theoretical break of MULTI2 (not relevant in practice), with shortcut key recovery attacks for any number of rounds. We also describe equivalent keys and linear attacks on reduced versions with up 20 rounds (out of 32), improv- ing on the previous 12-round attack by Matsui and Yamagishi. Practical attacks are presented on up to 16 rounds

Updated Standard for Secure Satellite Communications: Analysis of Satellites, Attack Vectors, Existing Standards, and Enterprise and Security Architectures

Satellites play a vital role in remote communication where traditional communication mediums struggle to provide benefits over associated costs and efficiency. In recent years, satellite communication has achieved utter interest in the industry due to the achievement of high data rates through the massive deployment of LEO satellites. Because of the complex diversity in types of satellites, communication methodologies, technological obstacles, environmental limitations, elements in the entire ecosystem, massive financial impact, geopolitical conflict and domination, easier access to satellite communications, and various other reasons, the threat vectors are rising in the threat landscape. To achieve resilience against those, only technological solutions are not enough. An effective approach will be through security standards. However, there is a considerable gap in the industry regarding a generic security standard framework for satellite communication and space data systems. A few countries and space agencies have their own standard framework and private policies. However, many of those are either private, serve the specific requirements of specific missions, or have not been updated for a long time. This project report will focus on identifying, categorizing, comparing, and assessing elements, threat landscape, enterprise security architectures, and available public standards of satellite communication and space data systems. After that, it will utilize the knowledge to propose an updated standard framework for secure satellite communications and space data systems

Application of Fault Analysis to Some Cryptographic Standards

Cryptanalysis methods can be classified as pure mathematical attacks, such as linear and differential cryptanalysis, and implementation dependent attacks such as power analysis and fault analysis. Pure mathematical attacks exploit the mathematical structure of the cipher to reveal the secret key inside the cipher. On the other hand, implementation dependent attacks assume that the attacker has access to the cryptographic device to launch the attack. Fault analysis is an example of a side channel attack in which the attacker is assumed to be able to induce faults in the cryptographic device and observe the faulty output. Then, the attacker tries to recover the secret key by combining the information obtained from the faulty and the correct outputs. Even though fault analysis attacks may require access to some specialized equipment to be able to insert faults at specific locations or at specific times during the computation, the resulting attacks usually have time and memory complexities which are far more practical as compared to pure mathematical attacks. Recently, several AES-based primitives were approved as new cryptographic standards throughout the world. For example, Kuznyechik was approved as the standard block cipher in Russian Federation, and Kalyna and Kupyna were approved as the standard block cipher and the hash function, respectively, in Ukraine. Given the importance of these three new primitives, in this thesis, we analyze their resistance against fault analysis attacks. Firstly, we modified a differential fault analysis (DFA) attack that was applied on AES and applied it on Kuzneychik. Application of DFA on Kuznyechik was not a trivial task because of the linear transformation layer used in the last round of Kuznyechik. In order to bypass the effect of this linear transformation operation, we had to use an equivalent representation of the last round which allowed us to recover the last two round keys using a total of four faults and break the cipher. Secondly, we modified the attack we applied on Kuzneychik and applied it on Kalyna. Kalyna has a complicated key scheduling and it uses modulo 264 addition operation for applying the first and last round keys. This makes Kalyna more resistant to DFA as com- pared to AES and Kuznyechik but it is still practically breakable because the number of key candidates that can be recovered by DFA can be brute-forced in a reasonable time. We also considered the case where the SBox entries of Kalyna are not known and showed how to recover a set of candidates for the SBox entries. Lastly, we applied two fault analysis attacks on Kupyna hash function. In the first case, we assumed that the SBoxes and all the other function parameters are known, and in the second case we assumed that the SBoxes were kept secret and attacked the hash function accordingly. Kupyna can be used as the underlying hash function for the construction of MAC schemes such as secret IV, secret prefix, HMAC or NMAC. In our analysis, we showed that secret inputs of Kupyna can be recovered using fault analysis. To conclude, we analyzed two newly accepted standard ciphers (Kuznyechik, Kalyna) and one newly approved standard hash function (Kupyna) for their resistance against fault attacks. We also analyzed Kalyna and Kupyna with the assumption that these ciphers can be deployed with secret user defined SBoxes in order to increase their security

3D Wavelet-Based Video Codec with Human Perceptual Model

This thesis explores the use of a human perceptual model in video compression, channel coding, error concealment and subjective image quality measurement. The perceptual distortion model just-noticeable-distortion (JND) is investigated. A video encoding/decoding scheme based on 3D wavelet decomposition and the human perceptual model is implemented. It provides a prior compression quality control which is distinct from the conventional video coding system. JND is applied in quantizer design to improve the subjective quality ofcompressed video. The 3D wavelet decomposition helps to remove spatial and temporal redundancy and provides scalability of video quality. In order to conceal the errors that may occur under bad wireless channel conditions, a slicing method and a joint source channel coding scenario that combines RCPC with CRC and uses the distortion information toallocate convolutional coding rates are proposed. A new subjective quality index based on JND is proposed and used to evaluate the overall performance at different signal to noise ratios (SNR) and at different compression ratios.Due to the wide use of arithmetic coding (AC) in data compression, we consider it as a readily available unit in the video codec system for broadcasting. A new scheme for conditional access (CA) sub-system is designed based on the cryptographic property of arithmetic coding. Itsperformance is analyzed along with its application in a multi-resolution video compression system. This scheme simplifies the conditional access sub-system and provides satisfactory system reliability

5G Security Challenges and Solutions: A Review by OSI Layers

The Fifth Generation of Communication Networks (5G) envisions a broader range of servicescompared to previous generations, supporting an increased number of use cases and applications. Thebroader application domain leads to increase in consumer use and, in turn, increased hacker activity. Dueto this chain of events, strong and efficient security measures are required to create a secure and trustedenvironment for users. In this paper, we provide an objective overview of5G security issues and theexisting and newly proposed technologies designed to secure the5G environment. We categorize securitytechnologies usingOpen Systems Interconnection (OSI)layers and, for each layer, we discuss vulnerabilities,threats, security solutions, challenges, gaps and open research issues. While we discuss all sevenOSIlayers, the most interesting findings are in layer one, the physical layer. In fact, compared to other layers,the physical layer between the base stations and users’ device presents increased opportunities for attackssuch as eavesdropping and data fabrication. However, no singleOSI layer can stand on its own to provideproper security. All layers in the5G must work together, providing their own unique technology in an effortto ensure security and integrity for5G data

Authorisation Issues for Mobile Code in Mobile Systems

This thesis is concerned with authorisation issues for mobile code in mobile systems. It is divided into three main parts. Part I covers the development of a policy-based framework for the authorisation of mobile code and agents by host systems. Part II addresses the secure download, storage and execution of a conditional access application, used in the secure distribution of digital video broadcast content. Part III explores the way in which trusted computing technology may be used in the robust implementation of OMA DRM version 2. In part I of this thesis, we construct a policy-based mobile code and agent authorisation framework, with the objective of providing both mobile devices and service providers with the ability to assign appropriate privileges to incoming executables. Whilst mobile code and agent authorisation mechanisms have previously been considered in a general context, this thesis focuses on the special requirements resulting from mobile code and agent authorisation in a mobile environment, which restrict the types of solutions that may be viable. Following the description and analysis of a number of architectural models upon which a policy-based framework for mobile code and agent authorisation may be constructed, we outline a list of features desirable in the definitive underlying architecture. Specific implementation requirements for the capabilities of the policy and attribute certificate specification languages and the associated policy engine are then extracted. Candidate policy specification languages, namely KeyNote (and Nereus), Ponder (and (D)TPL) and SAML are then examined, and conclusions drawn regarding their suitability for framework expression. Finally, the definitive policy based framework for mobile code and agent authorisation is described. In the second part of this thesis, a flexible approach that allows consumer products to support a wide range of proprietary content protection systems, or more specifically digital video broadcast conditional access systems, is proposed. Two protocols for the secure download of content protection software to mobile devices are described. The protocols apply concepts from trusted computing to demonstrate that a platform is in a sufficiently trustworthy state before any application or associated keys are securely downloaded. The protocols are designed to allow mobile devices to receive broadcast content protected by proprietary conditional access applications. Generic protocols are first described, followed by an analysis of how well the downloaded code is protected in transmission. How the generic protocols may be implemented using specific trusted computing technologies is then investigated. For each of the selected trusted computing technologies, an analysis of how the conditional access application is protected while in storage and while executing on the mobile host is also presented. We then examine two previously proposed download protocols, which assume a mobile receiver compliant with the XOM and AEGIS system architectures. Both protocols are then analysed against the security requirements defined for secure application download, storage and execution. We subsequently give a series of proposed enhancements to the protocols which are designed to address the identified shortcomings. In the final section of this thesis, we examine OMA DRM version 2, which defines the messages, protocols and mechanisms necessary in order to control the use of digital content in a mobile environment. However, an organisation, such as the CMLA, must specify how robust implementations of the OMA DRM version 2 specification should be, so that content providers can be confident that their content will be safe on OMA DRM version 2 devices. We take the requirements extracted for the robust implementation of the OMA DRM version 2 specification and propose an implementation which meets these requirements using the TCG architecture and TPM/TSS version 1.2 commands

On Security and Privacy for Networked Information Society : Observations and Solutions for Security Engineering and Trust Building in Advanced Societal Processes

Our society has developed into a networked information society, in which all aspects of human life are interconnected via the Internet — the backbone through which a significant part of communications traffic is routed. This makes the Internet arguably the most important piece of critical infrastructure in the world. Securing Internet communications for everyone using it is extremely important, as the continuing growth of the networked information society relies upon fast, reliable and secure communications. A prominent threat to the security and privacy of Internet users is mass surveillance of Internet communications. The methods and tools used to implement mass surveillance capabilities on the Internet pose a danger to the security of all communications, not just the intended targets. When we continue to further build the networked information upon the unreliable foundation of the Internet we encounter increasingly complex problems,which are the main focus of this dissertation. As the reliance on communication technology grows in a society, so does the importance of information security. At this stage, information security issues become separated from the purely technological domain and begin to affect everyone in society. The approach taken in this thesis is therefore both technical and socio-technical. The research presented in this PhD thesis builds security in to the networked information society and provides parameters for further development of a safe and secure networked information society. This is achieved by proposing improvements on a multitude of layers. In the technical domain we present an efficient design flow for secure embedded devices that use cryptographic primitives in a resource-constrained environment, examine and analyze threats to biometric passport and electronic voting systems, observe techniques used to conduct mass Internet surveillance, and analyze the security of Finnish web user passwords. In the socio-technical domain we examine surveillance and how it affects the citizens of a networked information society, study methods for delivering efficient security education, examine what is essential security knowledge for citizens, advocate mastery over surveillance data by the targeted citizens in the networked information society, and examine the concept of forced trust that permeates all topics examined in this work.Yhteiskunta, jossa elämme, on muovautunut teknologian kehityksen myötä todelliseksi tietoyhteiskunnaksi. Monet verkottuneen tietoyhteiskunnan osa-alueet ovat kokeneet muutoksen tämän kehityksen seurauksena. Tämän muutoksen keskiössä on Internet: maailmanlaajuinen tietoverkko, joka mahdollistaa verkottuneiden laitteiden keskenäisen viestinnän ennennäkemättömässä mittakaavassa. Internet on muovautunut ehkä keskeisimmäksi osaksi globaalia viestintäinfrastruktuuria, ja siksi myös globaalin viestinnän turvaaminen korostuu tulevaisuudessa yhä enemmän. Verkottuneen tietoyhteiskunnan kasvu ja kehitys edellyttävät vakaan, turvallisen ja nopean viestintäjärjestelmän olemassaoloa. Laajamittainen tietoverkkojen joukkovalvonta muodostaa merkittävän uhan tämän järjestelmän vakaudelle ja turvallisuudelle. Verkkovalvonnan toteuttamiseen käytetyt menetelmät ja työkalut eivät vain anna mahdollisuutta tarkastella valvonnan kohteena olevaa viestiliikennettä, vaan myös vaarantavat kaiken Internet-liikenteen ja siitä riippuvaisen toiminnan turvallisuuden. Kun verkottunutta tietoyhteiskuntaa rakennetaan tämän kaltaisia valuvikoja ja haavoittuvuuksia sisältävän järjestelmän varaan, keskeinen uhkatekijä on, että yhteiskunnan ydintoiminnot ovat alttiina ulkopuoliselle vaikuttamiselle. Näiden uhkatekijöiden ja niiden taustalla vaikuttavien mekanismien tarkastelu on tämän väitöskirjatyön keskiössä. Koska työssä on teknisen sisällön lisäksi vahva yhteiskunnallinen elementti, tarkastellaan tiukan teknisen tarkastelun sijaan aihepiirä laajemmin myös yhteiskunnallisesta näkökulmasta. Tässä väitöskirjassa pyritään rakentamaan kokonaiskuvaa verkottuneen tietoyhteiskunnan turvallisuuteen, toimintaan ja vakauteen vaikuttavista tekijöistä, sekä tuomaan esiin uusia ratkaisuja ja avauksia eri näkökulmista. Työn tavoitteena on osaltaan mahdollistaa entistä turvallisemman verkottuneen tietoyhteiskunnan rakentaminen tulevaisuudessa. Teknisestä näkökulmasta työssä esitetään suunnitteluvuo kryptografisia primitiivejä tehokkaasti hyödyntäville rajallisen laskentatehon sulautetuviiille järjestelmille, analysoidaan biometrisiin passeihin, kansainväliseen passijärjestelmään, sekä sähköiseen äänestykseen kohdistuvia uhkia, tarkastellaan joukkovalvontaan käytettyjen tekniikoiden toimintaperiaatteita ja niiden aiheuttamia uhkia, sekä tutkitaan suomalaisten Internet-käyttäjien salasanatottumuksia verkkosovelluksissa. Teknis-yhteiskunnallisesta näkökulmasta työssä tarkastellaan valvonnan teoriaa ja perehdytään siihen, miten valvonta vaikuttaa verkottuneen tietoyhteiskunnan kansalaisiin. Lisäksi kehitetään menetelmiä parempaan tietoturvaopetukseen kaikilla koulutusasteilla, määritellään keskeiset tietoturvatietouden käsitteet, tarkastellaan mahdollisuutta soveltaa tiedon herruuden periaatetta verkottuneen tietoyhteiskunnan kansalaisistaan keräämän tiedon hallintaan ja käyttöön, sekä tutkitaan luottamuksen merkitystä yhteiskunnan ydintoimintojen turvallisuudelle ja toiminnalle, keskittyen erityisesti pakotetun luottamuksen vaikutuksiin

A Heterogeneous Communications Network for Smart Grid by Using the Cost Functions

Smart Grids (SG) is an intelligent power grid in which the different SG node types with different communication requirements communicates different types of information with Control Stations (CS). Radio Access Technologies (RATs) due to its advantages are considered as the main access method to be used in order to have bidirectional data transferring between different node types and CS. Besides, spectrum is a rare source and its demand is increasing significantly. Elaborating a heterogeneous in order to fulfill different SG node types communication requirements effectively, is a challenging issue. To find a method to define desirability value of different RAT to support certain node types based on fitness degree between RAT communication characteristics and node type communication requirements is an appropriate solution. This method is implemented by using a comprehensive Cost Function (CF) including a communication CF (CCF) in combination with Energy CF (ECF). The Key Point Indicators which are used in the CCF are SG node type communication requirements. The existing trade of between Eb/N0 and spectral efficiency is considered as ECF. Based on the achieved CCF and ECF and their tradeoffs, SG node types are assigned to different RATs. The proposed assigning method is sensitive to the SG node types densities. The numerical results are achieved by using MATLAB simulation. The other different outcomes of the research output such as cognitive radio in SG and collectors effect number on data aggregation are discussed as well