We describe a DRM smartcard-based scheme in which content access requests are not linked to a user's identity or smartcard, and in which compromised cards can be revoked without the need to communicate with any card (whether revoked or not). The scheme has many other features, such as efficiency and requiring minimal interaction to process an access request (no complex interactive protocols), forward and backward security, stateless receivers, and under certain crypto- graphic constructions collusion-resistance. The above is achieved while requiring the smartcard to store only a single key and to perform a single modular exponentiation per revocation. Furthermore, our solution introduces a combinatorial problem that is of independent interest.
|Cite as: Frikken, K., Atallah, M.J. and Bykova, M. (2005). Remote Revocation of Smart Cards in a Private DRM System. In Proc. Third Australasian Information Security Workshop (AISW 2005), Newcastle, Australia. CRPIT, 44. Safavi-Naini, R., Montague, P. and Sheppard, N., Eds. ACS. 169-178. |
(local if available)