The standard for shared secret cryptography is the DES algorithm (Data Encryption Standard). The problem with a secret key is its secure distribution from one party to the other. Different methods can be used to deliver the key. One is the secure courier. Another is the telephone callback. One party phones the other and says, "call me back." The other party calls back to an unlisted phone number; now the original party has authenticated that they have the wanted party and can divulge the key.

The courier is not a viable option for e-commerce systems. Pay-per-view conditional access uses a smart-card in the set-top box, plus a phone link to connect to the box. Each box is uniquely accessible, so it can be shut down by the subscriber management center. The media player in a PC is a much more open system than the proprietary hardware in the set-top box. There is also consumer resistance to the use of a smart-card, although such systems exist.

The alternative is an electronic version of the telephone callback. This uses the digital signature security standard (DSS). Once the rights server has authenticated the client from the digital signature, the secret key can be exchanged.

One algorithm that has proved popular is the Diffie-Hellman key exchange. It starts with two publicly available integers, P and G. Both parties, the rights server and the client, generate private keys, X and Y. The Diffie-Hellman algorithm is then used to generate public keys, E and F, which the two parties exchange. Each party then uses the other's public key, their own private key, and the public number P to generate a common number. This common number K is now a secret shared by both parties. Note that at no time has this shared secret key been exchanged over the Internet. This shared key can then be used to encrypt the media file. This description is somewhat simplified; the full description can be found in the IETF RFC 2631: Diffie-Hellman Key Agreement Method.
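The exchange described above, written out with the same symbols (P, G, X, Y, E, F, K), as an added example that is not from the original text. The group parameters, the function names, and the HMAC tag are assumptions of this sketch: the HMAC stands in for a digital signature that authenticates the exchanged public values, since the Python standard library has no signature algorithm.

```python
import hashlib
import hmac
import secrets

# Constructed demo group (assumption, not from the page): P is the Mersenne
# prime 2**521 - 1. Real deployments use a standardized, vetted group.
P = 2**521 - 1
G = 3

def keypair(p=P, g=G, private=None):
    """Return (private, public), e.g. the server's X and E = G^X mod P."""
    x = private if private is not None else secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)

def shared_secret(peer_public, private, p=P):
    """Return K = peer_public^private mod P, rejecting degenerate values."""
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value outside 2..P-2")
    return pow(peer_public, private, p)

def media_key(k, p=P):
    """Hash K to a 256-bit key for the cipher that protects the media file."""
    return hashlib.sha256(k.to_bytes((p.bit_length() + 7) // 8, "big")).digest()

def auth_tag(auth_key, e, f):
    """HMAC stand-in for the digital signature over both public values."""
    msg = f"{e:x}|{f:x}".encode()
    return hmac.new(auth_key, msg, hashlib.sha256).digest()

def verify_exchange(auth_key, e, f, tag):
    """True only if E and F are the values the authenticated peer sent."""
    return hmac.compare_digest(auth_tag(auth_key, e, f), tag)

if __name__ == "__main__":
    x, e = keypair()            # rights server: private X, public E
    y, f = keypair()            # client: private Y, public F
    assert shared_secret(f, x) == shared_secret(e, y)   # same K on both sides
    print("media key:", media_key(shared_secret(f, x)).hex())

    auth_key = secrets.token_bytes(32)      # constructed pre-established key
    tag = auth_tag(auth_key, e, f)
    print("untouched exchange verifies:", verify_exchange(auth_key, e, f, tag))
    _, f_swapped = keypair()                # a public value replaced in transit
    print("swapped F verifies:", verify_exchange(auth_key, e, f_swapped, tag))
```

Only E, F and the tag cross the network; X, Y and K never leave the party that computed them.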
Note that the Diffie-Hellman key agreement can be intercepted by a man-in-the-middle attack, because there is no authentication between the two parties. Such authentication could involve the prior exchange of digital signatures.

Watermarking

In the digital domain, watermarking embeds a persistent signature that identifies the source of the content or the client copy. The latter is often called fingerprinting. For a content provider to trace the sources of piracy, two clues are necessary. The first is a means of identifying the owner of the stolen content, and the second is a trace of the client that compromised the security. These clues can be introduced as a watermark to identify the owner of the stolen content and as a fingerprint to identify the instance that was copied. The