Quote:
Originally Posted by FoxDisc
You are using the term "master tree" here to refer to only one of those 22 level trees- the one that the software players use. We don't know which one other players use. FMalibu and I used the term "master tree" to refer to the full tree that starts 8 levels higher and includes all 512 of the trees at level 22 that you are referring to. The LA could have given device keys for those upper levels, but didn't, Thus each device, when it is given device keys, gets them from only one of those lower level 512 trees. The LA has them for the full master tree. You may want to use some term for a device tree at level 22 that is different from the term "master tree" that includes all 512 of those device trees.
|
Good clarification. Note however I am using the term "master tree" in the same sense spec uses it. Spec says that a set of Device Keys can derive any key of master tree (except a handful of them). The tree you call "master tree" doesn't comply this.
Quote:
|
You may want to use the term "subtree" to refer to a tree of nodes below an upper node. A group of devices in a subtree, i.e., below a single node would be a "subset of devices" or just a "subset." A big subset of devices defined by all devices below an upper node S minus a smaller subset of all devices below a lower child node D would be a "subset-difference set of devices" or just an "S-D set."
|
Once again I am following spec. The keys of any subtree are different than the keys of the master tree. A subtree is not "a portion of the master tree", it is another tree with another keys.
Quote:
|
Each of the 512 subtrees that starts at level 22 matches up to 2 to the 22nd power possible devices inside that subtree (all located at the bottom). The MKB has an S-D set for each of those subtrees that includes all of the possible devices in that subtree except one - the one on the lower left corner of the tree, so the subtree for the S set starts at the 22 level and the subtree for the D set starts at level 0 (on the lower left) and includes only one device.
|
Your opinion about the 512 MKB entries has a problem: the very first PK any attacker in the wide world got (arnezami's PK) is valid to decrypt the very first C-value of MKB. A great coincidence, isn it?
They are still on master tree, just because they have not revoked yet a noncontiguous group of keys. First MKB entry belongs to master tree, the rest of entries are just not used nowadays. So any device (except one that has never been sold) can derive the appropiate DK to get later the PK.