Separating encryption and key issuance in digital rights management systems

Abstract

Secure distribution of digital goods is now a significantly important issue for protecting publishers' copyrights. In this paper, we study a useful primitive for constructing a secure and efficient digital rights management system (DRM) where a server which encrypts digital content and one which issues the corresponding decryption key works independently, and existing schemes lack this property. We first argue the desired property necessary of an encryption scheme for constructing an efficient DRM, and formally define an encryption scheme as split encryption scheme containing such property. Also, we show that an efficient split encryption scheme can be constructed from any identity-based scheme. However, since currently there is no identity-based encryption scheme which is based on well-known computational assumption and/or provable security without the random oracle, by reasonably tuning the system parameter, we show another construction of split encryption which is secure against chosen ciphertext attacks in the standard model assuming that the decision Diffie-Hellman problem is hard to solve. © 2003 Springer-Verlag Berlin Heidelberg.