An Efficient and Secure Rights Sharing Method for DRM System Against Replay Attack

  • Donghyun Choi
  • Yunho Lee
  • Hogab Kang
  • Seungjoo Kim
  • Dongho Won
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4610)


In the past years there has been an increasing interest in developing DRM (Digital Rights Management) systems. The purpose of DRM is to protect the copyrights of content providers and to enable only designated users to access digital contents. From the consumers’ point of view, they have a tendency to go against complex and confusing limitations. Consumers want to enjoy contents without hassle and with as few limitations as possible. The concept of Authorized Domain (AD) was presented to remove such problems. However, the previous work on authorized domain has two problems. The first is that it requires a rather expensive revocation mechanism. The second is that the devices still can play contents which are previously obtained even though they are currently out of the authorized domain. On the contrary, our scheme prevents the content from being played by devices which are out of the domain for better security. Furthermore our scheme does not need to maintain a revocation list and can prevent replay attack.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ripley, M., Traw, C.B.S., Balogh, S., Reed, M.: Content Protection in the Digital Home. Intel Technology journal 49–56 (2002)Google Scholar
  2. 2.
    Eskicioglu, A.M., Delp, E.J.: An overview of multimedia content protection in consumer electronic devices. Signal Processing: Image Communication 681–699 (2001)Google Scholar
  3. 3.
    Eskicioglu, A.M., Town, J., Delp, E.J.: Security of Digital Entertainment Content from Creation to Consumption. Signal Processing: Image Communication 237–262 (2003)Google Scholar
  4. 4.
    Liu, Q., Safavi-Naini, R., Sheppard, N.P.: Digital rights management for content distribution. In: proceedings of the Australasian information security workshop conference on AISW frontiers, pp. 49–58 (2003)Google Scholar
  5. 5.
    Michiels, S., Verslype, K., Joosen, W., Decker, B.: Towards a Software Architecture for DRM. In: Proceedings of the Fifth ACM Workshop on Digital Rights Management, pp. 65–74 (2005)Google Scholar
  6. 6.
    van den Heuval, S., Jonker, W., Kamperman, F., Lenoir, P.: Secure Content Management in Authorized Domains. In: Proc. IBC, pp. 467–474 (2002)Google Scholar
  7. 7.
    Sovio, S., Asokan, N., Nyberg, K.: Defining Authorization Domains Using Cirtual Devices. In: SAINT Workshops, pp. 331–336 (2003)Google Scholar
  8. 8.
    Tuecke, S., Welch, V., Engert, D., Pearlman, L., Thompson, M.: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile. RFC 3820 (2004)Google Scholar
  9. 9.
    Popescu, Bogdan, C., Kamperman, Frank, L.A.J., Crispo, Bruno, Tanenbaum, Andrew, S.: A DRM security architecture for home networks. In: Proceedings of the 4th ACM workshop on Digital rights management, pp. 1–10 (2004)Google Scholar
  10. 10.
    DVB: Call for proposals for content protection & copy management technologies. DVB CPT REV 1.2 (2001)Google Scholar
  11. 11.
    IBM Research Division Almadern Research Center: eXtensible Content Protection (2003)Google Scholar
  12. 12.
    THOMSON: Smartright technical white paper (2003), Available:
  13. 13.
    Fraunhofer Institute, Light Weight DRM (LWDRM),
  14. 14.
  15. 15.

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Donghyun Choi
    • 1
  • Yunho Lee
    • 1
  • Hogab Kang
    • 2
  • Seungjoo Kim
    • 1
  • Dongho Won
    • 1
  1. 1.Information Security Group, School of Information and Communication Engineering, Sungkyunkwan University, Suwon-si, Gyeonggi-do, 440-746Korea
  2. 2.DRM inside, #403, Doosanweve BD, 98, Garakbon-dong, Songpa-gu, Seoul, 135-805Korea

Personalised recommendations