Particular embodiments generally relate to cryptography.
Digital terminal adapter (DTA) devices may be used in networks, such as cable networks. A DTA device may be a device that converts a digital signal to another form, such as an analog signal. A computer chip that is installed in the DTA device may include a security mechanism, such as encryption keys. The keys are used to when communicating with network devices. For example, a cable head end may send content to the DTA devices using a multi-layer security scheme that may be based on public key infrastructure (PKI) technology or symmetric key cryptography, or a combination thereof.
A black box may refer to a cryptographic key server that is installed at a chip foundry for provisioning cryptographic keys to be programmed onto the chips. A black box vendor refers to a vendor that provides a black box. In general, a black box vendor may be different from a device manufacturer. However, a device manufacturer may also be a black box vendor. For example, the DTA devices may be manufactured by a black box vendor. The DTA devices are associated with a model type. For example, a model type is associated with a specific type of computer chip. Multiple DTA devices of the model type may be manufactured. Each DTA device includes the same type of computer chip. At some point, a device model type may become compromised due to hardware or software vulnerability. In this case, a very large group of devices of the same model type may need to have their keys revoked. Typically, it is unlikely that a specific device or small group of devices becomes compromised. In other examples, digital certificates may be installed in the computer chip and digital certificates can be revoked.
A certificate hierarchy may be used to revoke devices for a model type. An authorization certificate authority (CA) for each model type may be defined. Devices are then associated with individual device certificates that are chained to the CA certificate. Thus, whenever the CA certificate is revoked, that automatically revokes all the device certificates under that certificate tree for that CA certificate. While this scheme will revoke all individual device certificates, this solution needs to maintain a different CA for each device model type. This complicates the provisioning of the certificates at a manufacturing facility because the manufacturing facility needs to maintain and track all the different certificate authorities. Also, in cases where the security system is symmetric key based rather than PKI-based, this approach cannot be used.