The home network is a major concern for the growth of digital and information society. Yet, how to guarantee the security of its digital content and protect the legal benefits for each section of the value chain becom...The home network is a major concern for the growth of digital and information society. Yet, how to guarantee the security of its digital content and protect the legal benefits for each section of the value chain becomes a crucial "bottleneck" in the home network development. The Digital Rights Management (DRM) technology provides total solution for usage, storage, transfer, and tracing the digital contents and rights. Its basic features are systematic and controllability. Considering the growth of the new media and services and the requirements of the Intellectual Property Rights (IPR) protection in a home network, it's necessary to solve consistency problems in usage, storage, and transfer of contents and rights. In addition, it is inevitable to conduct researches of key techniques such as end-to-end secure transmission, conditional access and play, and right description.展开更多
We propose a digital rights management (DRM) system based on mobile agent to protect the copyrights of content providers. In the system, the content provider creates a time limited blackbox out of an original agent ...We propose a digital rights management (DRM) system based on mobile agent to protect the copyrights of content providers. In the system, the content provider creates a time limited blackbox out of an original agent and dispatches it to the user end to enforce DRM functions. The blackbox is an agent that can resist the attacks from the malicious user in a certain time interval. Owing to digital rights redistribution support, the user whose rights belong to redistribution category can transfer his rights to other users. Moreover, by introducing public key infrastructure (PKI) and certificate authority (CA) role, the security of the session can be ensured. An analysis of system security and performance and a comparison with traditional DRM system is given.展开更多
The Electronic Text Centre of the OpenUniversity of Hong Kong(OUHK)has been in full operationsince early 2001.It currently houses 7,300+electronictexts,including free electronic titles,electronic titlespurchased direc...The Electronic Text Centre of the OpenUniversity of Hong Kong(OUHK)has been in full operationsince early 2001.It currently houses 7,300+electronictexts,including free electronic titles,electronic titlespurchased directly from the market,and about,1,000 locallyproduced electronic titles.The locally produced titles are notavailable in the market but require local digitization andnegotiation with publishers with regard to the right to use(RTU)them so as to meet the learning needs of the OUHKcommunity.Nearl...展开更多
This paper presents a digital rights management model, which considers the integrated factors including legality, communication security, integrity of the content, and trading fairness. The architecture of the model, ...This paper presents a digital rights management model, which considers the integrated factors including legality, communication security, integrity of the content, and trading fairness. The architecture of the model, the necessary protocol for the copyright control and content distribution, the authentication mechanism which offer consumption registration for content fair distribution, of the model are all provided. The scheme also provides distribution and evidence for using the copyright of digital content fairly and effectively. Finally, analysis shows the proposed model has both high security and good performance.展开更多
The online social networks(OSNs) offer attractive means for social interactions and data sharing, as well as raise a number of security and privacy issues. Although current solutions propose to encrypt data before s...The online social networks(OSNs) offer attractive means for social interactions and data sharing, as well as raise a number of security and privacy issues. Although current solutions propose to encrypt data before sharing, the access control of encrypted data has become a challenging task. Moreover, multiple owners may enforce different access policy to the same data because of their different privacy concerns. A digital rights management(DRM) scheme is proposed for encrypted data in OSNs. In order to protect users' sensitive data, the scheme allows users outsource encrypted data to the OSNs service provider for sharing and customize the access policy of their data based on ciphertext-policy attribute-based encryption. Furthermore, the scheme presents a multiparty access control model based on identity-based broadcast encryption and ciphertext-policy attribute-based proxy re-encryption, which enables multiple owners, such as tagged users who appear in a single data, customize the access policy collaboratively, and also allows the disseminators update the access policy if their attributes satisfy the existing access policy. Security analysis and comparison indicate that the proposed scheme is secure and efficient.展开更多
Media Commerce is now becoming a new trend which results fr om faster development of network bandwidth and high availability of multimedia t echnologies, how to protect media content from being used in a right-violat...Media Commerce is now becoming a new trend which results fr om faster development of network bandwidth and high availability of multimedia t echnologies, how to protect media content from being used in a right-violated w ay is one of most important issues to take into account. In this paper, a novel and efficient authorization and authentication Digital Rights Management (DRM) s chema is proposed firstly for secure multimedia delivery, then based on the sche ma, a real-time digital signature algorithm built on Elliptic Curve Cryptograph y (ECC) is adopted for fast authentication and verification of licensing managem ent, thus secure multimedia delivery via TCP/RTP can efficiently work with real -time transaction response and high Quality of Service (QoS) . Performance eval uations manifest the proposed schema is secure, available for real-time media s tream authentication and authorization without much effected of QoS. The propose d schema is not only available for Client/Server media service but can be easily extended to P2P and broadcasting network for trusted rights management.展开更多
In the Internet or cloud computing environments, service providers provide more and more content services. Users can use these convenient content services in daily life. The major data of the user are maintained by th...In the Internet or cloud computing environments, service providers provide more and more content services. Users can use these convenient content services in daily life. The major data of the user are maintained by the service providers except that some personal privacy data are stored at the client device. An attacker may try to invade the systems, and it will cause the damage of users and service providers. Also, users may lose their mobile devices and then it may cause the data disclosure problem. As a result, the data and privacy protection of users become an important issue in these environments. Besides, since many mobile devices are used in these environments, secure authentication and data protection methods must be efficient in these low resource environments. In this paper, we propose an efficient and privacy protection digital rights management(DRM)scheme that users can verify the valid service servers and the service servers can ensure the legal users. Since the key delegation center of the third party has the robust security protection, our proposed scheme stores the encrypted secret keys in the key delegation center. This approach not only can reduce the storage space of the user devices, but also can recover the encrypted secret keys in the key delegation center when a user loses her/his devices for solving the device losing problem.展开更多
Digital rights management(DRM) applications are usually confronted with threats like key extraction, code lifting, and illegal distribution. White-box cryptography aims at protecting software implementations of crypto...Digital rights management(DRM) applications are usually confronted with threats like key extraction, code lifting, and illegal distribution. White-box cryptography aims at protecting software implementations of cryptographic algorithms and can be employed into DRM applications to provide security. A general DRM solution based on white-box cryptography was proposed to address the three threats mentioned above. The method is to construct a general perturbation-enabled white-box compiler for lookup-table based white-box block ciphers, such that the white-box program generated by this compiler provides traceability along with resistance against key extraction and code lifting. To get a traceable white-box program, the idea of hiding a slight perturbation in the lookup-table was employed, aiming at perturbing its decryption functionality, so that each user can be identified. Security analysis and experimental results show that the proposed DRM solution is secure and practical.展开更多
Stream cryptosystems, which implement encryption by selecting parts of the block data and header information of the compressed video stream, achieve good real-time encryption with high flexibility. Chaotic random numb...Stream cryptosystems, which implement encryption by selecting parts of the block data and header information of the compressed video stream, achieve good real-time encryption with high flexibility. Chaotic random number generator-based approaches, for example, logistics maps, are comparatively promising approachs, but are vulnerable to attacks by nonlinear dynamic forecasting. A composite chaotic cryptography scheme was developed to encrypt the compressed video with the logistics map with a Z(2311) field linear congruential algorithm to strengthen the security of the mono-chaotic cryptography. The scheme maintained real-time performance and flexibility of the chaotic sequence cryptography. The scheme also in-tegrated asymmetrical public-key cryptography and encryption and identity authentification of control pa-rameters at the initialization phase. Encryption is performed in a layered scheme based on the importance of the data in a compressed video stream. The composite chaotic cryptography scheme has the advantage that the value and updating frequency of the control parameters can be changed online to satisfy the net-work requirements and the processor capability, as well as the security requirements. Cryptanalysis shows that the scheme guarantees robust security,provides good real-time performance,and has flexible im-plementation. Statistical evaluations and tests verify that the scheme is effective.展开更多
Digital Rights Management (DRM) is an important infrastructure for the digital media age. It is a part of the AVS (Audio and Video coding Standard) of China. AVS Trusted Decoder (ATD) that plays back digital med...Digital Rights Management (DRM) is an important infrastructure for the digital media age. It is a part of the AVS (Audio and Video coding Standard) of China. AVS Trusted Decoder (ATD) that plays back digital media program according to rights conditions is the core of AVS DRM architecture. Adaptation layers axe responsible for translating or negotiating between ATD and peripheral systems. The Packaging Adaptation Layer (PAL), Licensing Adaptation Layer (LAL) and Rendering Adaptation Layer (RAL) will help ATD to gain the interoperability in various DRM environments.展开更多
Cloud computing provides a convenient way of content trading and sharing. In this paper, we propose a secure and privacy-preserving digital rights management (DRM) scheme using homomorphic encryption in cloud comput...Cloud computing provides a convenient way of content trading and sharing. In this paper, we propose a secure and privacy-preserving digital rights management (DRM) scheme using homomorphic encryption in cloud computing. We present an efficient digital rights management framework in cloud computing, which allows content provider to outsource encrypted contents to centralized content server and allows user to consume contents with the license issued by license server. Further, we provide a secure content key distribution scheme based on additive homomorphic probabilistic public key encryption and proxy re-encryption. The provided scheme prevents malicious employees of license server from issuing the license to unauthorized user. In addition, we achieve privacy preserving by allowing users to stay anonymous towards the key server and service provider. The analysis and comparison results indicate that the proposed scheme has high efficiency and security.展开更多
The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is...The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is used to select and collect effective plaintexts for attack. Then the collected plaintexts are utilized to infer the expanded key differences of the secret key, from which most bits of the expanded secret key are recovered. The remaining bits of the expanded secret key are deduced by the correlations between Hamming weight values of the input of the S-boxes in the first-round. Finally, from the linear relation of the encryption time and the secret key's Hamming weight, the entire 56 bits of the secret key are thoroughly recovered. Using the attack, the minimal cost encryption scheme can be broken with 2^23 known plaintexts and about 2^21 calculations at a success rate a 〉 99%. The attack has lower computing complexity, and the method is more effective than other previous methods.展开更多
Resistance to ambiguity attack is an important requirement for a secure digital rights management (DRM) system. In this paper, we revisit the non-ambiguity of a blind watermarking based on the computational indistin...Resistance to ambiguity attack is an important requirement for a secure digital rights management (DRM) system. In this paper, we revisit the non-ambiguity of a blind watermarking based on the computational indistinguishability between pseudo random sequence generator (PRSG) sequence ensemble and truly random sequence ensemble. Ambiguity attacker on a watermarking scheme, which uses a PRSG sequence as watermark, is viewed as an attacker who tries to attack a noisy PRSG sequence. We propose and prove the security theorem for binary noisy PRSG sequence and security theorem for general noisy PRSG sequence. It is shown that with the proper choice of the detection threshold Th = α n (a is a normalized detection threshold; n is the length of a PRSG sequence) and n i≥ 1.39 × m/α^2 (m is the key length), the success probability of an ambiguity attack and the missed detection probability can both be made negligibly small thus non-ambiguity and robustness can be achieved simultaneously for both practical quantization-based and blind spread spectrum (SS) watermarking schemes. These analytical resolutions may be used in designing practical non-invertible watermarking schemes and measuring the non-ambiguity of the schemes.展开更多
基金China Next Generation Internet Project(No.CNGI-04-12-2A)
文摘The home network is a major concern for the growth of digital and information society. Yet, how to guarantee the security of its digital content and protect the legal benefits for each section of the value chain becomes a crucial "bottleneck" in the home network development. The Digital Rights Management (DRM) technology provides total solution for usage, storage, transfer, and tracing the digital contents and rights. Its basic features are systematic and controllability. Considering the growth of the new media and services and the requirements of the Intellectual Property Rights (IPR) protection in a home network, it's necessary to solve consistency problems in usage, storage, and transfer of contents and rights. In addition, it is inevitable to conduct researches of key techniques such as end-to-end secure transmission, conditional access and play, and right description.
基金the National Natural Science Foundation of China (60502024)the Electronic Development Fund of Ministry of Informa-tion Industry of China ([2007]329)the Natural Science Foundation of Hubei Province (2005ABA267)
文摘We propose a digital rights management (DRM) system based on mobile agent to protect the copyrights of content providers. In the system, the content provider creates a time limited blackbox out of an original agent and dispatches it to the user end to enforce DRM functions. The blackbox is an agent that can resist the attacks from the malicious user in a certain time interval. Owing to digital rights redistribution support, the user whose rights belong to redistribution category can transfer his rights to other users. Moreover, by introducing public key infrastructure (PKI) and certificate authority (CA) role, the security of the session can be ensured. An analysis of system security and performance and a comparison with traditional DRM system is given.
文摘The Electronic Text Centre of the OpenUniversity of Hong Kong(OUHK)has been in full operationsince early 2001.It currently houses 7,300+electronictexts,including free electronic titles,electronic titlespurchased directly from the market,and about,1,000 locallyproduced electronic titles.The locally produced titles are notavailable in the market but require local digitization andnegotiation with publishers with regard to the right to use(RTU)them so as to meet the learning needs of the OUHKcommunity.Nearl...
基金Supported by Scientific Research Common Programof Beijing Municipal Commission of Education( KM200610772008)the Graduate Innovation Fund of Xidian University(05001)
文摘This paper presents a digital rights management model, which considers the integrated factors including legality, communication security, integrity of the content, and trading fairness. The architecture of the model, the necessary protocol for the copyright control and content distribution, the authentication mechanism which offer consumption registration for content fair distribution, of the model are all provided. The scheme also provides distribution and evidence for using the copyright of digital content fairly and effectively. Finally, analysis shows the proposed model has both high security and good performance.
基金supported by the National Natural Science Foundation of China(60803157,90812001,61272519)
文摘The online social networks(OSNs) offer attractive means for social interactions and data sharing, as well as raise a number of security and privacy issues. Although current solutions propose to encrypt data before sharing, the access control of encrypted data has become a challenging task. Moreover, multiple owners may enforce different access policy to the same data because of their different privacy concerns. A digital rights management(DRM) scheme is proposed for encrypted data in OSNs. In order to protect users' sensitive data, the scheme allows users outsource encrypted data to the OSNs service provider for sharing and customize the access policy of their data based on ciphertext-policy attribute-based encryption. Furthermore, the scheme presents a multiparty access control model based on identity-based broadcast encryption and ciphertext-policy attribute-based proxy re-encryption, which enables multiple owners, such as tagged users who appear in a single data, customize the access policy collaboratively, and also allows the disseminators update the access policy if their attributes satisfy the existing access policy. Security analysis and comparison indicate that the proposed scheme is secure and efficient.
文摘Media Commerce is now becoming a new trend which results fr om faster development of network bandwidth and high availability of multimedia t echnologies, how to protect media content from being used in a right-violated w ay is one of most important issues to take into account. In this paper, a novel and efficient authorization and authentication Digital Rights Management (DRM) s chema is proposed firstly for secure multimedia delivery, then based on the sche ma, a real-time digital signature algorithm built on Elliptic Curve Cryptograph y (ECC) is adopted for fast authentication and verification of licensing managem ent, thus secure multimedia delivery via TCP/RTP can efficiently work with real -time transaction response and high Quality of Service (QoS) . Performance eval uations manifest the proposed schema is secure, available for real-time media s tream authentication and authorization without much effected of QoS. The propose d schema is not only available for Client/Server media service but can be easily extended to P2P and broadcasting network for trusted rights management.
基金the National Science Council(No.NSC102-2221-E-327-013-MY3)
文摘In the Internet or cloud computing environments, service providers provide more and more content services. Users can use these convenient content services in daily life. The major data of the user are maintained by the service providers except that some personal privacy data are stored at the client device. An attacker may try to invade the systems, and it will cause the damage of users and service providers. Also, users may lose their mobile devices and then it may cause the data disclosure problem. As a result, the data and privacy protection of users become an important issue in these environments. Besides, since many mobile devices are used in these environments, secure authentication and data protection methods must be efficient in these low resource environments. In this paper, we propose an efficient and privacy protection digital rights management(DRM)scheme that users can verify the valid service servers and the service servers can ensure the legal users. Since the key delegation center of the third party has the robust security protection, our proposed scheme stores the encrypted secret keys in the key delegation center. This approach not only can reduce the storage space of the user devices, but also can recover the encrypted secret keys in the key delegation center when a user loses her/his devices for solving the device losing problem.
基金supported by the National Key Research and Development Program of China (2017YFB0802000)the National Natural Science Foundations of China (61672412,61972457)the National Cryptography Development Fund of China (MMJJ20170104, MMJJ20180219)。
文摘Digital rights management(DRM) applications are usually confronted with threats like key extraction, code lifting, and illegal distribution. White-box cryptography aims at protecting software implementations of cryptographic algorithms and can be employed into DRM applications to provide security. A general DRM solution based on white-box cryptography was proposed to address the three threats mentioned above. The method is to construct a general perturbation-enabled white-box compiler for lookup-table based white-box block ciphers, such that the white-box program generated by this compiler provides traceability along with resistance against key extraction and code lifting. To get a traceable white-box program, the idea of hiding a slight perturbation in the lookup-table was employed, aiming at perturbing its decryption functionality, so that each user can be identified. Security analysis and experimental results show that the proposed DRM solution is secure and practical.
基金Supported by the National Key Research Technology Project of the Ministry of Information Industry of China
文摘Stream cryptosystems, which implement encryption by selecting parts of the block data and header information of the compressed video stream, achieve good real-time encryption with high flexibility. Chaotic random number generator-based approaches, for example, logistics maps, are comparatively promising approachs, but are vulnerable to attacks by nonlinear dynamic forecasting. A composite chaotic cryptography scheme was developed to encrypt the compressed video with the logistics map with a Z(2311) field linear congruential algorithm to strengthen the security of the mono-chaotic cryptography. The scheme maintained real-time performance and flexibility of the chaotic sequence cryptography. The scheme also in-tegrated asymmetrical public-key cryptography and encryption and identity authentification of control pa-rameters at the initialization phase. Encryption is performed in a layered scheme based on the importance of the data in a compressed video stream. The composite chaotic cryptography scheme has the advantage that the value and updating frequency of the control parameters can be changed online to satisfy the net-work requirements and the processor capability, as well as the security requirements. Cryptanalysis shows that the scheme guarantees robust security,provides good real-time performance,and has flexible im-plementation. Statistical evaluations and tests verify that the scheme is effective.
文摘Digital Rights Management (DRM) is an important infrastructure for the digital media age. It is a part of the AVS (Audio and Video coding Standard) of China. AVS Trusted Decoder (ATD) that plays back digital media program according to rights conditions is the core of AVS DRM architecture. Adaptation layers axe responsible for translating or negotiating between ATD and peripheral systems. The Packaging Adaptation Layer (PAL), Licensing Adaptation Layer (LAL) and Rendering Adaptation Layer (RAL) will help ATD to gain the interoperability in various DRM environments.
基金supported by the National Natural Science Foundation of China (60803157, 90812001, 61272519)
文摘Cloud computing provides a convenient way of content trading and sharing. In this paper, we propose a secure and privacy-preserving digital rights management (DRM) scheme using homomorphic encryption in cloud computing. We present an efficient digital rights management framework in cloud computing, which allows content provider to outsource encrypted contents to centralized content server and allows user to consume contents with the license issued by license server. Further, we provide a secure content key distribution scheme based on additive homomorphic probabilistic public key encryption and proxy re-encryption. The provided scheme prevents malicious employees of license server from issuing the license to unauthorized user. In addition, we achieve privacy preserving by allowing users to stay anonymous towards the key server and service provider. The analysis and comparison results indicate that the proposed scheme has high efficiency and security.
基金supported by the National Basic Research Program of China (2007CB807902, 2007CB807903)the Education Innovation Foundation of Institution and University of Beijing (2004).
文摘The timing and Hamming weight attacks on the data encryption standard (DES) cryptosystem for minimal cost encryption scheme is presented in this article. In the attack, timing information on encryption processing is used to select and collect effective plaintexts for attack. Then the collected plaintexts are utilized to infer the expanded key differences of the secret key, from which most bits of the expanded secret key are recovered. The remaining bits of the expanded secret key are deduced by the correlations between Hamming weight values of the input of the S-boxes in the first-round. Finally, from the linear relation of the encryption time and the secret key's Hamming weight, the entire 56 bits of the secret key are thoroughly recovered. Using the attack, the minimal cost encryption scheme can be broken with 2^23 known plaintexts and about 2^21 calculations at a success rate a 〉 99%. The attack has lower computing complexity, and the method is more effective than other previous methods.
基金Supported by the National Natural Science Foundation of China (Grant Nos.90604008,60633030,60403045)Natural Science Foundation of Guangdong Province (Grant No.04009742)the National Basic Research Program of China (Grant No.2006CB303104)
文摘Resistance to ambiguity attack is an important requirement for a secure digital rights management (DRM) system. In this paper, we revisit the non-ambiguity of a blind watermarking based on the computational indistinguishability between pseudo random sequence generator (PRSG) sequence ensemble and truly random sequence ensemble. Ambiguity attacker on a watermarking scheme, which uses a PRSG sequence as watermark, is viewed as an attacker who tries to attack a noisy PRSG sequence. We propose and prove the security theorem for binary noisy PRSG sequence and security theorem for general noisy PRSG sequence. It is shown that with the proper choice of the detection threshold Th = α n (a is a normalized detection threshold; n is the length of a PRSG sequence) and n i≥ 1.39 × m/α^2 (m is the key length), the success probability of an ambiguity attack and the missed detection probability can both be made negligibly small thus non-ambiguity and robustness can be achieved simultaneously for both practical quantization-based and blind spread spectrum (SS) watermarking schemes. These analytical resolutions may be used in designing practical non-invertible watermarking schemes and measuring the non-ambiguity of the schemes.
