Protection of digital content transferred between computers over a network is important for many organizations. Organizations attempt to secure this protection by implementing some form of digital rights management (DRM) process. The DRM process often involves encrypting the piece of content (e.g., encrypting the binary form of the content) in order to restrict usage to those who have been granted a right to the content. Content in this situation involves alphanumeric material, auto material such as music, and video material. It also involves of course combinations thereof, including text material.
A typical application is in the distribution of video and audio content where the sender is typically a central server and the ultimate recipient is a player, such as a digital audio and/or video player. Many such players however do not themselves have Internet or other network access, but instead connect to a computer which is also under control of the receiving party. The computer typically controls the distribution of content from the sender or server and downloads the received material to the player which is the actual recipient in terms of equipment. In this case the computer may be regarded as an untrusted or untrustworthy intermediary. That is, for unauthorized access a hacker may try to obtain access through the intermediary. In a typical situation the intermediary is further a weak point in terms of data security since many times the riskier operations in terms of, for instance, cryptography key handling take place at the intermediary (computer) rather than at the player. Hence there is a significant issue with so-called untrusted intermediaries.
Typically of course the distributed content is encrypted and the encryption involves use of keys. Protecting of transmission of these keys is very important. One way for hackers to obtain access to the keys is through the intermediary. Hence the keys themselves are typically distributed in some sort of encrypted form and thereby have some sort of encryption scheme applied to them.
Therefore the present inventors have determined that there is a need for improved security as regards message transmission where an untrusted intermediary is involved.