NIST imposes a few challenges to digital cinema as its security requirements migrate to more stringent standards. One of these challenges is with the multiuse of the media block certificate for both digital signatures and decryption of security keys contained in KDMs. But this problem has been solved, at least conceptually. (See last month’s report on this subject.)
Another security update problem is slowly rearing its head, and that’s the migration of signature algorithms from SHA1 to SHA256. No need to look these up in Wikipedia. All that’s needed in terms of understanding is that the algorithm is changing.
Digital signature works by adding additional data to a message (or file) that’s derived from the content of the message itself and the private key of the signer. Upon receipt of the message, the receiving machine can regenerate the additional data using the digital signature algorithm. It then uses the public key of the signer to check that the new additional data generated matches the data that arrived with the message. If they match, then the message is intact and unmodified. If not, then this is taken as evidence of tampering.
Digital signatures are used in several ways in digital cinema: in projector communications, in security key decryption, and in signing security logs. A change in algorithm could cause such mechanisms to be inoperable. In US government work, the migration to the newer algorithm is taken seriously, and the potential for inoperability is real. A recent government public briefing outlines the timeline for the migration, which began in January of this year, and the need for dual recognition of algorithms during the crossover period.
But government agencies are geared to practice the standards imposed on them. So they will employ SHA256 signatures, and require equipment upgrades so that their signatures are recognized. Studios, on the other hand, are less likely to quickly adopt new standards, even though they will impose compliance to the new standards on others. This behavior can be seen in the requirement of equipment to pass DCI Compliance testing, when the studios themselves distribute content that does not comply with DCI specs.
So while new equipment will be required to employ the newer SHA256 for FIPS compliance, it will also be required to support the older SHA1 for backwards compatibility. Knowing that significant numbers of equipment in the field are unlikely to be upgraded with the new algorithm, studios are equally unlikely to move away from the use of SHA1 for many years to come. This would require dual implementation of both algorithms for a long time, much longer than the US government would accept of its own agencies. All this, of course, has yet to be documented in the DCI spec.
Similarly, this behavior of causing others to meet new security requirements while also imposing backwards compatibility on equipment could become the standard operating procedure for new NIST-imposed security standards. Ironically, it will be the studios that will lag most in using updated NIST-approved security methods, even though it will be the studios that demand immediate adoption of these same methods by digital cinema equipment manufacturers.