Title: A critical analysis and improvement of advanced access content system drive-host authentication

Authors: Jiayuan Sui, Douglas R. Stinson

Addresses: David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, N2L 3G1, Canada. ' David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, N2L 3G1, Canada

Abstract: This article presents a critical analysis of the Advanced Access Content System drive-host authentication scheme. A few weaknesses are identified which could lead to various attacks on the scheme. In particular, we observe that the scheme is susceptible to unknown key-share and man-in-the-middle attacks. Modifications (based on the ISO and the SIGMA protocols) of the scheme are suggested in order to provide better security. A proof of security of the modified scheme based on the ISO protocol is also presented. The modified schemes achieve better efficiency than the original scheme.

Keywords: AACS; advanced access content systems; key agreement; mutual authentication; cryptography; unknown key-share attacks; man-in-the-middle attacks; MiMA; security.

DOI: 10.1504/IJACT.2009.023464

International Journal of Applied Cryptography, 2009 Vol.1 No.3, pp.169 - 180

Available online: 24 Feb 2009 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article