1. Field of the Invention
The invention relates to data encryption and decryption, and more particularly to a method and system for enhancing data encryption using multiple-key lists.
2. Description of the Related Art
Data delivery comprises on-line delivery and off-line delivery. The on-line delivery process transmits contents to consumers via a network. The off-line delivery process preloads contents in a specific storage medium, such as a compact disc, a digital versatile disc, or a flash memory device like a memory card or a universal serial bus (USB) disc.
FIG. 1 is a schematic view of a conventional method for data encryption and decryption for digital rights management.
When digital rights management of content is implemented on a storage medium, the content is first encrypted and it is determined whether or not a decryption key is hidden in the storage medium (step S101). If the decryption key is not hidden in the storage medium, the decryption key is required to be downloaded from a remote server via a network, such as internet (step S102). If the decryption key is hidden in the storage medium, an electronic device (such as a personal computer or a mobile phone) retrieves the decryption key to perform content decryption (step S103) and accesses the content when the decryption is complete (step S104).
Since the decryption key is hidden in the storage medium, it is an important object to protect the decryption key from being illegally detected and retrieved. Typically, content preloaded in DVD or SD card is protected by the method “Content Protection for Pre-recorded Media” (CPRM). The decryption key for such an encryption is represented by a 64-bit key block, comprising storage medium information (such as product type, manufacturer, and so on). The key block is stored in a hidden area of the storage medium, which cannot be accessed by ordinary consumers. The access of the key block must be implemented on an electronic device. Content must be encrypted using the key block that can be used in an authorized electronic device. Additionally, the manufacturer for the electronic device is required to join an industry association, such as the Secured Disk Association (SDA), to be authorized and be able to retrieve the key block from hidden area of SD card.
The described decryption key protection has some drawbacks. Content providers and manufacturers for electronic devices must join in an industry association with defined industry agreements whereby each member must comply with, such as the SDA. Thus, completely protecting the decryption key and provided content. However, such associations and agreements are not easily created and defined, like the competition between the Blu-ray disc association and the HD DVD association. While the protection is beneficial, illegal hacker attacks still occur. Additionally, at times, there are differences in commercial benefits between content providers and the manufacturers for electronic devices, whereby protection schemes cannot be thoroughly abided by. Consequently, there might exist certain loopholes in the entire protection scheme. Furthermore, the decryption key is stored in a single hidden area. While the hidden area is inaccessible for the average consumer, those skilled in the art can access the hidden area. When the hidden area is accessed, the decryption key can be retrieved to compromise the encryption protected content.
Thus, a method for enhancing data encryption using multiple-key lists is desirable.