Digital communication technology offers convenient ways of distributing and copying data, but few means exist of protecting copyright controlled media against unauthorized access or re-distribution.
Some copyright owners have a strong economic interest of protecting their rights and this has lead to an increasing demand for Digital Rights Management (DRM). Generally, the protecting of copyright restricted data transmitted over an insecure channel requires cryptographic mechanisms such as authorization of legal users and encryption of the data. The management of the rights involves establishing trust relations, managing cryptographic keys and charging as well as a specification of the allowed utilization of the media.
A special difficulty arises in wireless networks or other communication systems exposed to disturbances. Due to the broadcast nature, eavesdropping is potentially very easy, which calls for encryption. But in this case, sensitive authentication information and/or encrypted data may be corrupted by errors during the transmission, which could break or distort the communication. Particularly sensitive data comprise real-time or other streaming media where there is little or no time to repair or re-send corrupted data. Moreover, encryption may have an impact on bandwidth economy, and may computationally overload a thin client such as a cellular telephone.
In the case of severely restricted storage capacity of the receiving device, e.g. a cellular telephone or a so-called “personal digital assistant” (PDA), it is not feasible to include DRM solutions that require large storage capacity. For the same reason it is not suitable or not even possible to have several different DRM solutions in one device. Therefore, a DRM solution should make as much use as possible of some pre-existing security architecture. On the other hand, the restricted environment in such a device also has benefits that should be exploited in a DRM solution. First, the limited storage restrictions are likely to prevent storage of the entire streaming data for later extraction. Second, it is not particularly easy to extract the digital contents from the device in any other shape; i.e. we may consider the device to be, or can with small means be turned into or include a so-called “tamper resistant module”.
Most existing DRM solutions are partly based on “security by obscurity”, i.e. the methods used are kept secret from the users. This makes it difficult to establish a trust in the solution from the point of view of the users. Second, though this obscurity admittedly makes attacks more difficult, this is only true as long as the obscurity is maintained. History has repeatedly shown that when someone eventually manages to reverse-engineer the solution, or when there is a “leak”, security of the system is immediately compromised. Hence, a solution based on publicly known algorithms and protocols as far as possible has great benefits.