2.1 Random Number Generator (RNG)
Description
The purpose is to generate good random numbers.
Example Scenario
DTCPIP: AKE Challenge nonce A(n), B(n) generation.
DTCPIP: Exchange Key generation.
OpenSSL Interface
RAND_seed
RAND_bytes
Reference
2.2 EC-DSA
Description
Elliptic Curve Digital Signature Algorithm: User A uses a private key to sign some data1, generating data1sig. User B uses the public key to verify that data1sig is truly the signature of data1 signed by A.
Example Scenario
DTCPIP: verifying DTCPIP certification using DTLA public key
OpenSSL Interface
SHA1
ECDSA_SIG_new
EC_KEY_set_group (the parameter is a group of constant data)
EC_KEY_set_private_key (not used for verification)
EC_KEY_set_public_key (not used for signature)
ECDSA_do_verify
ECDSA_do_sign
Reference
2.3 EC-DH
Description
Elliptic curve Diffie–Hellman allows two parties, each having an elliptic curve public-private key pair, to establish a shared secret over an insecure channel.
Example Scenario
DTCPIP: generating the Auth Key after certification key exchange.
CPSDK: MDTCPIPAKEAbstract__makeMyFirstPhaseValue, MDTCPIPUtil__getSharedSecret
OpenSSL Interface
EC_KEY_new
EC_KEY_generate_key (creates a random private/public key pair on the curve)
EC_KEY_get0_public_key
EC_KEY_get0_private_key
MDTCPIPUtil__ECPointToBuf
MDTCPIPUtil__BNToBuf
EC_POINT_new
EC_POINT_oct2point
EC_KEY_set_group
EC_KEY_set_private_key
ECDH_compute_key
Reference
http://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman
2.5 AES CBC Mode
Description
The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. CBC (Cipher Block Chaining) mode is mainly used for media content.
Example Scenario
DTCPIP: Content encryption and decryption
AACS content encryption and decryption
OpenSSL Interface
EVP_aes_128_cbc
EVP_CipherInit_ex
EVP_CIPHER_CTX_set_padding
EVP_EncryptUpdate
EVP_DecryptUpdate
Reference
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
2.6 AES ECB Mode
Description
The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. ECB (Electronic Codebook) mode of operation is mainly for purposes such as management of cryptographic keys.
The disadvantage of this method is that identical plaintext blocks are encrypted into identical ciphertext blocks; thus, it does not hide data patterns well.
Example Scenario
DTCPIP: Content key generation
OpenSSL Interface
EVP_aes_128_ecb
EVP_CipherInit_ex
EVP_CIPHER_CTX_set_padding
EVP_EncryptUpdate
EVP_DecryptUpdate
Reference
http://en.wikipedia.org/wiki/Advanced_Encryption_Standard
2.7 AES CTR Mode
Description
The Advanced Encryption Standard (AES) is a symmetric-key encryption standard adopted by the U.S. government. CTR (Counter) mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter". The counter can be any function which produces a sequence which is guaranteed not to repeat for a long time, although an actual counter is the simplest and most popular.
Example Scenario
PlayReady: for ASF package encryption and decryption.
OpenSSL Interface
NA
Reference
2.8 SHA-1
Description
Secure Hash Algorithm, for the purpose of processing data to produce digital signatures.
Example Scenario
DTCPIP: used to generate the digest of the buffer to verify the signature and to generate the signature
OpenSSL Interface
SHA1
Reference
2.9 MAC
Description
Message Authentication Code, for the purpose of protecting the integrity of information.
There are many methods to generate a MAC. One of the most used is the SHA-1 algorithm.
Example Scenario
DTCPIP: using the SHA1 method to generate the MAC code during RTT verification.
OpenSSL Interface
SHA1
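A MAC differs from a plain SHA-1 digest in that computing it requires a shared secret key. The following is an added example, not code from the original post and not the DTCP-IP RTT computation: it uses HMAC-SHA1 from Python's standard library as the keyed construction, and the key, message and function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values (not taken from any DTCP-IP exchange).
KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
MESSAGE = b"rtt-trial-counter=0001"


def bare_sha1_tag(message: bytes) -> bytes:
    """Unkeyed SHA-1 digest: anyone who sees the message can recompute it."""
    return hashlib.sha1(message).digest()


def hmac_sha1_tag(key: bytes, message: bytes) -> bytes:
    """Keyed MAC (HMAC-SHA1, RFC 2104): needs the shared secret to compute."""
    return hmac.new(key, message, hashlib.sha1).digest()


def verify_hmac_sha1(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time."""
    return hmac.compare_digest(hmac_sha1_tag(key, message), tag)


def accepts_modified_message(use_key: bool) -> bool:
    """Does the receiver accept a message altered in transit by a party
    that does not hold KEY? That party may replace the tag as well."""
    altered = MESSAGE.replace(b"0001", b"0002")
    if use_key:
        # Without KEY, the replacement tag can only be built from a guessed key.
        replaced_tag = hmac_sha1_tag(b"\x00" * 16, altered)
        return verify_hmac_sha1(KEY, altered, replaced_tag)
    # Unkeyed: the replacement tag is simply recomputed over the altered message.
    replaced_tag = bare_sha1_tag(altered)
    return hmac.compare_digest(bare_sha1_tag(altered), replaced_tag)


if __name__ == "__main__":
    tag = hmac_sha1_tag(KEY, MESSAGE)
    print("tag length:", len(tag))
    print("genuine message verifies:", verify_hmac_sha1(KEY, MESSAGE, tag))
    print("unkeyed digest accepts altered message:", accepts_modified_message(False))
    print("HMAC accepts altered message:", accepts_modified_message(True))
```

A receiver that checks only an unkeyed digest detects accidental corruption but not deliberate modification; the keyed tag covers both.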