A New Secure Key Exchange Protocol Between STB and Smart Card in DTV Broadcasting

Abstract

The Smart Card Security Users Group (SCSUG) consortium developed the security specifications using the new international security standard ISO/IEC 15408, which is known as the Common Criteria. ISO 10202 standards have been established for the security of financial transaction systems that use integrated circuit cards (IC cards or smart cards). The smart card originates from the IC memory card which has been in the industry for about 10 years. The main characteristics of a smart card are its small size and low-power consumption. The merits of a smart card regarding password authentication are its simplicity and its efficiency in terms of the log-in and authentication processes. Secure communication between set-top box (STB) and smart card is directly related with the benefit of service providers and the legal rights of users, while key exchange is the essential part of secure communication. In 2004, Jiang et al. [1] proposed a key exchange protocol for STB and smart card based on Schnorr's digital signature protocol and one-way hash function. The current paper, however, demonstrates that Jiang et al.'s protocol is vulnerable to an impersonation attack and does not provide perfect forward secrecy. Furthermore, we present a new secure key exchange protocol based on one-way hash function and Diffie-Hellman key exchange algorithm in order to isolate such problems.