Title: A critical analysis and improvement of advanced access content system drive-host authentication
Authors: Jiayuan Sui, Douglas R. Stinson
Addresses: David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, N2L 3G1, Canada. ' David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, N2L 3G1, Canada
Abstract: This article presents a critical analysis of the Advanced Access Content System drive-host authentication scheme. A few weaknesses are identified which could lead to various attacks on the scheme. In particular, we observe that the scheme is susceptible to unknown key-share and man-in-the-middle attacks. Modifications (based on the ISO and the SIGMA protocols) of the scheme are suggested in order to provide better security. A proof of security of the modified scheme based on the ISO protocol is also presented. The modified schemes achieve better efficiency than the original scheme.
Keywords: AACS; advanced access content systems; key agreement; mutual authentication; cryptography; unknown key-share attacks; man-in-the-middle attacks; MiMA; security.
International Journal of Applied Cryptography, 2009 Vol.1 No.3, pp.169 - 180
Published online: 24 Feb 2009 *Full-text access for editors Access for subscribers Purchase this article Comment on this article