People at your new job are deeply impressed that you worked through this
book. As the first job assignment you are asked to design a digital pay-TV system
which uses encryption to prevent service theft through wire tapping. As key exchange
protocol, a strong Diffie–Hellman with, e.g., 2048-bit modulus is being used.
However, since your company wants to use cheap legacy hardware, only DES is
available for data encryption algorithm. You decide to use the following key derivation
approach:
K(i) =
f
(KAB
_
i).
(13.1)
where
f
is an irreversible function.
1. First we have to determine whether the attacker can store an entire movie with
reasonable effort (in particular, cost). Assume the data rate for the TV link is
1 Mbit/s, and that the longest movies we want to protect are 2 hours long. How
many Gbytes (where 1M = 106 and 1G = 109) of data must be stored for a 2-hour
film (don’t mix up bit and byte here)? Is this realistic?
2. We assume that an attacker will be able to find a DES key in 10 minutes using
a brute-force attack. Note that this is a somewhat optimistic assumption from an
attacker’s point of view, but we want to provide some medium-term security by
assuming increasingly faster key searches in the future.
How frequently must a key be derived if the goal is to prevent an offline decryption
of a 2-hour movie in less than 30 days?