The Journal of the Korea Contents Association (한국콘텐츠학회논문지)

The Korea Contents Association (한국콘텐츠학회)
권호 표지
DOI QR코드

DOI QR Code

Secure and Efficient Access Control Protocol in Digital Broadcasting System

디지털 방송에서 안전하고 효율적인 접근 제어 프로토콜

  • 이지선 (고려대학교 BK21 유비쿼터스 정보보호 사업단) ;
  • 김효동 (아주대학교 미디어학부)
  • Received : 2009.10.29
  • Accepted : 2009.12.15
  • Published : 2010.03.28
Download PDF
⟨ Previous Next ⟩

Abstract

IPTV is an emerging technology that combines both broadcasting and tele-communication technologies, and provides various multi-media contents to the service subscribers. In general, IPTV broadcasters transmit scrambled signals (multi-media contents) to the paying subscribers, and the users within the acknowledged network descramble the signals using the smart-card. That is, users are verified through communication between STB (Set-Top Box) and smart-card. In 2004, Jiang et al. proposed a secure protocol regarding the verification process. The method has been modified and enhanced by several following research works. However, all the methods that have been proposed so far required modular exponentiation operations which may raise the smart-card costs. In this paper, we propose a new efficient mutual authentication and session-key establishment protocol using only hash functions and exclusive-or operations, and show that the proposed protocol is still secure under various security attacks.

IPTV(Internet Protocol Television)는 다양한 멀티미디어 콘텐츠를 인터넷을 통하여 TV로 제공하는 방송과 통신이 융합된 기술이다. 방송을 송신하는 측은 멀티캐스트 방식으로 스크램블된 방송콘텐츠를 전송하고, 수신료를 지불한 가입자만이 인증 과정을 거쳐 스크램블된 방송콘텐츠를 디스크램블하여 수신 할 수 있어야 한다. 일반적으로, 가입자 인증은 TV에 연결된 셋톱박스 (STB, Set-Top Box)와 스마트카드 기반으로 이루어지는데, 2004년 Jiang et al.이 관련 프로토콜을 제안하였고, 이 후에 여러 논문에서 보다 효율적인 프로토콜들이 제안되었다. 하지만, 이 프로토콜들은 모두 메모리와 계산 능력에 제한이 있는 스마트카드에 부담을 주는 모듈라 멱승 계산을 하도록 되어 있다. 본 논문에서는 해쉬함수와 exclusive-or 연산만을 이용한 효율적인 셋톱박스와 스마트 카드 간의 인증 및 키 교환 프로토콜을 제안하고, 제안하는 프로토콜이 다양한 공격에 안전함을 보인다.

Keywords

References

  1. 박종열, 문진영, 백의현, “IPTV 융합 서비스를 위한 보안 기술 동향,” 전자통신동향분석, 제23권, 제5호, 2008(10).
  2. W.-S. Juang, "Efficient Password Authenticated Key Agreement Using Smart Cards," Computers & Security 23, pp.167-173, 2004. https://doi.org/10.1016/j.cose.2003.11.005
  3. Y.-C. Chen and L.-Y. Yeh, “An Efficient Nonce-based Authentication Scheme with Key Agreement,” Applied Mathematics and Computation 169, pp.982-994, 2005. https://doi.org/10.1016/j.amc.2004.11.004
  4. W.-G. Shieh and J.-M. Wang, "Efficient Remote Mutual Authentication and Key Agreement," Computers &Security 25, pp.72-77, 2006. https://doi.org/10.1016/j.cose.2005.09.008
  5. W.-G. Shieh and W.-B. Horng, "Efficient and Complete Remote Authentication Scheme with Smart Cards," IEEE International Conference on Intelligence and Security Informatics, pp.122-127, 2008. https://doi.org/10.1109/ISI.2008.4565041
  6. G. Yang, D. S. Wong, H. Wang, and X. Deng, "Two-factor Mutual Authentication Based on Smart Cards and Passwords," Journal of Computer and System Sciences 74, pp.1160-1172, 2008. https://doi.org/10.1016/j.jcss.2008.04.002
  7. T. Jiang, "Key Distribution Baesd on Hierarchical Access Control for Conditional Access System in DTV Broadcast," IEEE Trans. on Consumer Electronics, Vol.50, No.3, pp.882-886, 2004. https://doi.org/10.1109/TCE.2004.1341695
  8. T.-W. Hou, J.-T. Lai, and C.-L. Yeh, "Based on Cryptosystem Secure Communication between Set-top Box and Smart card in DTV Broadcasting," TENCON 2007, IEEE Region 10 Conference, pp.1-5, 2007. https://doi.org/10.1109/TENCON.2007.4428786
  9. E.-J. Yoon and K. Yoo,, "Robust Key Exchange Protocol between Set-top Box and Smart Card in DTV Broadcasting," Informatica, Vol.20, No.1, pp.139-150, 2009.
  10. S.-H. Lee, N.-S. Park, S.-K. Kim, and J.-Y. Choi, "Cryptanalysis of Secure Key Exchange Protocol Between STB and Smart Card in IPTV Broadcasting," ISA 2009, LNCS 5576, pp.797-803, 2009. https://doi.org/10.1007/978-3-642-02617-1_81
  11. W. Kanjanarin and T. Amomraksa, "Scambling and Key Distribution Scheme for Digital Television," IEEE International Conference on Networks, pp.140-145, 2001. https://doi.org/10.1109/ICON.2001.962331
  12. F. Kamperman and B. V. Rijnsoever, "Conditional Access System Interoperability through Software Downloading," IEEE Trans. on Consumer Electronics, Vol.47, No.1, pp.47-53, 2001. https://doi.org/10.1109/30.920419