Security in the context of digital data storage is still gaining importance. Where the subject was at one time mainly relevant for computer servers, it has now spread via desktop PCs to all kinds of portable appliances, such as MP3 players and mobile phones, as well as embedded storage devices, such as memory cards, USB keys, smart cards, etc. At the same time the number of applications using data in the storage is increasing, as is the number of suppliers of the storage and/or applications. This makes it increasingly difficult to assess the security level. Against this background of an increasing number of different sensitive platforms running more and more software, the liabilities are increasing. In order to use any of the popular DRM (Digital Rights Management) applications, such as Windows Media DRM or Apple's FairPlay, which are in use for music and/or video downloads, a customer is bound to limitations, e.g. on the type or number of platforms on which the content may be rendered, a maximum duration for which the content may be rendered, restrictions on the number of copies that may be made, etc. A company that implements a DRM system may have to agree to robustness rules which typically demand minimum security levels, e.g. to ensure that the implementation cannot be compromised with simple means. There can be stiff penalties when security is broken.
One common problem in security-sensitive applications is storage, such as magnetic storage (e.g. hard disk), optical storage (e.g. CD-type, DVD-type, Blu-ray Disc-type, HD-DVD-type) and electronic storage (e.g. Flash, M-RAMs, etc.). Some data needs to be stored persistently over longer periods of time. Yet the data in the store may need to be protected against modification and/or reading. Traditionally, protective measures were built into the operating system and file system. In view of the fact that storage can easily be moved to platforms that do not obey such protective measures, cryptographic techniques are being applied to gain authenticity and/or confidentiality. The cryptographic techniques require cryptographic keys. Typically, a so-called master key is used from which a specific key can be derived for several applications, such as authentication or decryption/descrambling, or for several uses, e.g. different encryption of private information for specific purposes, or of different files or even of different records in a database, etc. Using keys in the conventional way introduces the risk that the keys may be found by reverse engineering or cloning. Frequently, the secret cryptographic keys are embedded in the binary image of the computer program (application) that needs the secure store and encrypts and/or authenticates with that key. A particular risk occurs in systems where the cryptographic process is executed on a conventional processor. In such systems a representation of the key may be present in the main memory (typically RAM) in plain (unencrypted/unprotected) form. Effort is being made to obfuscate such keys. However, obfuscation usually involves a significant adjustment of the current applications.
Recently, so-called Physical Uncloneable Functions (PUFs) were introduced by Pappu, "Physical One-Way Functions", MIT, March 2001, as a cost-effective way of generating secure keys for cryptographic purposes. PUFs are described for use as a hash function and for authentication purposes. Because with PUFs the data is stored essentially in a material rather than in a circuit, the technology can also be used as part of a device that needs authentication, such as a security sensor. Many further developments focus on developing different types of PUFs. The application of PUFs focuses on using PUFs as unique identifiers for smart cards and credit cards, or as a 'cheap' source for key generation (common randomness) between two parties, see P. Tuyls et al., "Information-Theoretic Security Analysis of Physical Uncloneable Functions", based on the very useful properties of PUFs, namely the uniqueness of the responses and the uncloneability of the PUF.
The approach indicated above, in which the operating system restricts access to the data to entities with certain attributes (such as applications of the current user), has the problem that the user is vulnerable if bugs in the operating system are found, if other applications with the same privileges can access the data, or if the application that wrote the data in the first place can be changed to subvert the data. The last item is particularly worrisome. On the Internet, patches are distributed with which an application can be changed to circumvent certain restrictions. Especially in the gaming area this is very common.
Finally, a problem with secure storage is cloning of the store. By copying a store from one device to another, the user may obtain the same privileges as the original owner of the store.
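The two mechanisms described above, deriving purpose- and record-specific keys from a master key and binding that master key to a device-unique secret so that a cloned store is useless elsewhere, can be illustrated as follows. This is an added example, not code from the original text or from any implementation it describes; the device secrets and store identifier are constructed stand-ins (a PUF response would take the place of the device secret), and HKDF-style HMAC-SHA256 derivation is assumed as the key derivation method.

```python
import hmac
import hashlib
from typing import Optional

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with HMAC-SHA256: output bound to the `info` label."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]

def master_key(device_secret: bytes, store_id: bytes) -> bytes:
    """Master key bound to this device's secret (stand-in for a PUF response) and the store."""
    return hmac.new(store_id, device_secret, hashlib.sha256).digest()  # HKDF-Extract step

def derive(mk: bytes, purpose: str, record_id: str = "") -> bytes:
    """Specific key per purpose (e.g. 'auth' vs 'enc') and per record, derived from the master key."""
    info = b"purpose=" + purpose.encode() + b"\x00record=" + record_id.encode()
    return hkdf_expand(mk, info)

def seal_record(mk: bytes, record_id: str, data: bytes) -> bytes:
    """Append an authentication tag computed under the record's own 'auth' key."""
    key = derive(mk, "auth", record_id)
    return data + hmac.new(key, record_id.encode() + b"\x00" + data, hashlib.sha256).digest()

def open_record(mk: bytes, record_id: str, sealed: bytes) -> Optional[bytes]:
    """Return the data only if the tag verifies under this device's derived key, else None."""
    data, tag = sealed[:-32], sealed[-32:]
    key = derive(mk, "auth", record_id)
    expected = hmac.new(key, record_id.encode() + b"\x00" + data, hashlib.sha256).digest()
    return data if hmac.compare_digest(tag, expected) else None

# Constructed sample values (not real device data)
DEVICE_A = hashlib.sha256(b"constructed secret of device A").digest()
DEVICE_B = hashlib.sha256(b"constructed secret of device B").digest()
STORE_ID = b"store-0001"
RECORD = b"licence: 3 plays remaining"

def demo() -> dict:
    mk_a = master_key(DEVICE_A, STORE_ID)
    mk_b = master_key(DEVICE_B, STORE_ID)  # same store bytes copied to another device
    sealed = seal_record(mk_a, "record-1", RECORD)
    return {
        "distinct_purposes": derive(mk_a, "auth", "record-1") != derive(mk_a, "enc", "record-1"),
        "distinct_records": derive(mk_a, "auth", "record-1") != derive(mk_a, "auth", "record-2"),
        "original_device": open_record(mk_a, "record-1", sealed),
        "cloned_device": open_record(mk_b, "record-1", sealed),
        "moved_record": open_record(mk_a, "record-2", sealed),
    }
```

Note that only the master key derivation depends on the device secret; the per-purpose and per-record keys are recomputed on demand rather than stored, so no long-lived copy of them needs to reside in the store.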