Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
An optimal class of symmetric key generation systems
Proc. of the EUROCRYPT 84 workshop on Advances in cryptology: theory and application of cryptographic techniques
Public-key systems based on the difficulty of tampering (Is there a difference between DES and RSA?)
Proceedings on Advances in cryptology---CRYPTO '86
Identity-Based Encryption from the Weil Pairing
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
A Realization Scheme for the Identity-Based Cryptosystem
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
| Hi-index | 0.00 |
We describe a weakness in the High Bandwidth Digital Content Protection (HDCP) scheme which may lead to practical attacks. HDCPi s a proposed identity-based cryptosystem for use over the Digital Visual Interface bus, a consumer video bus used to connect personal computers and digital display devices. Public/private key pairs are assigned to devices by a trusted authority, which possesses a master secret. If an attacker can recover 40 public/private key pairs that span the module of public keys, then the authority's master secret can be recovered in a few seconds. With the master secret, an attacker can eavesdrop on communications between any two devices and can spoof any device, both in real time. Additionally, the attacker can produce new key pairs not on any key revocation list. Thus the attacker can completely usurp the trusted authority's power. Furthermore, the protocol is still insecure even if all devices' keys are signed by the central authority.