Illegal copying, dissemination and distribution of digital content is prevalent in recent years, especially using the Internet. This illegal copying and distribution is an infringement of copyright protection laws and cause financial damages to the rightful owners of the content. It is therefore of great interest to find methods that would stop or at least reduces illegal copying and/or distribution of digital content without offending rightful usage.
Methods for usage rights enforcement of digital media, digital rights management (DRM) and content protection are known. One of the most powerful building blocks in this respect is content encryption, where each of the copies of a given content is encrypted with a unique key and the keys are securely sent to the rightful user. Using these methods, digital rights management can be achieved utilizing proper key management.
In many cases, the content is liable to be stored (before it is distributed to the final user (e.g., in a proxy server, streaming server or a content distribution network). Such servers or networks may not posses an adequate level of security and therefore may not be trusted. In such cases, the content should not reside unencrypted while stored in these servers. If one is going to use key management for digital rights management, then it is required to send a content
that is encrypted with one key, Ks, {EKs(P)}, to multiple users, U1, . . . UN, such that each user may posses a special key, K1, . . . KN. Using current methods, one should either first decrypt the content using the key Ks and then re-encrypt the content using one of the keys K1, . . . KN, {Ci=EKi(DKs(P))} or else encrypt the encrypted content, EKs(P), with the key Ki and send the doubly-encrypted content , {Cis=EKi(EKs(P))}, together with the two keys, Ks and Ki, to the final user. The first methods render the content un-encrypted before it is re-encrypted, while the second method supplies the final user the key Ks, which the user can thereafter send back to the storage server. Furthermore, both methods require an additional stage of encryption, which requires costly computational resources.
There is thus a recognized need for, and it would be highly advantageous to have, a method and system that allows encryption in an untrusted environment, which overcomes the drawbacks of current methods as described above.