1. Field
This disclosure is generally related to the distribution of encrypted digital content. More specifically, this disclosure is related to processing encrypted content in a network with intermediate storage by performing decryption using a re-encryption key to transform master-encrypted content into user-specific encrypted content.
2. Related Art
The proliferation of mobile computing and cellular networks is making digital content more mobile than ever, including content such as song, videos, and movies. Content-centric network (CCN) architectures have been designed to facilitate accessing such digital content, including content that requires protection under digital rights management (DRM). Thus, it is necessary for such network architectures to include security features for accessing and distributing the digital content.
A consumer who wishes to download a song from a content producer, such as iTunes, requests the song. As part of its DRM scheme, the iTunes server sends the user an encrypted copy of the song, which the user decrypts using his own specific key. The encrypted copy of the song may pass through and be cached at an intermediate storage device on the network. If a second consumer wishes to download the same song, he requests the song from iTunes, and the iTunes server returns a differently encrypted copy of the song, which the second consumer decrypts using his own specific key. Because the consumers each use their own specific user key to decrypt the song, the system, by way of the iTunes server, creates and sends a separately encrypted version of the song for each consumer. The system cannot simply access and send to the second consumer the previously encrypted copy of the requested song which has already been cached in the intermediate storage device. This does not take advantage of the content-centric network architecture best suited for DRM.
One solution would be to provide each consumer with the same decryption key such that the previously encrypted copy of the song could be cached at the intermediate storage and sent back upon request by subsequent consumers. This would allow subsequent consumers to therefore utilize the cached copy of the encrypted song in the intermediate storage, and eliminate the need for the content producer to encrypt and send another copy of the same song. This solution would leverage the CCN infrastructure and its inherent in-networking caching capabilities. Unfortunately, providing the same key to all users contradicts the very purpose of user-specific encryption and increases the risk of security breaches within the CCN.