• PDF / 152,151 Bytes
• 8 Pages / 439.363 x 666.131 pts Page_size
• 94 Downloads / 244 Views

DOWNLOAD

REPORT

Abstract. Internet based content distribution facilitates efficient platform for digital content (movies, music, text, software) trades to the remote users. It makes electronic commerce more profiting and userfriendly. However, digital content can be easily copied and redistributed over the network. At the same time, digital rights management (DRM) system emerges in the response of these drawbacks. It tries to ensure authorized content distribution so that copyright protection can be assured. Although, most of the existing DRM system supports only one way authentication, where the server verifies user’s authenticity and user simply assumed that he is interacting with the correct server. It may cause server spoofing attack. In 2006, Fan et al. proposed a certificate based authentication scheme for DRM system. In 2009, Wang at al. presented a smart card based authentication scheme for DRM system using biometric keys in which user and server can mutually authenticate each other. We analyze both the schemes and show that both the schemes fail to prove their claim of resistance to most common attacks. Fan et al.’s scheme has failed to resist known session specific temporary information attack and replay attack. Moreover, it does not ensure perfect forward secrecy. Wang et al.’s scheme does not withstand insider attack and known session specific temporary information attack and have an inefficient login phase. Keywords: Digital Rights Management, Authentication, Anonymity, Security.

1

Introduction

The advances in network technology have made internet an easy and efficient way for data transfer. The internet provides a scalable infrastructure for multimedia contents (music, movies, document, image, software, etc.) trade. It facilitates an easy access of multimedia content at low cost to the remote users. However, the content can be easily copied and redistributed over the network without degradation in the content quality. These drawbacks results rampant piracy, where piracy causes huge revenue to lose to the electronic commerce. Digital rights management (DRM) systems are developed in the response to the rapid increase in online piracy of commercially marketed multimedia products. G. Mart´ınez P´ erez et al. (Eds.): SNDS 2014, CCIS 420, pp. 184–191, 2014. c Springer-Verlag Berlin Heidelberg 2014 

Cryptanalysis of Two Authentication Scheme for DRM System

185

The purpose of this technology is to regulate content consumption so that unauthorized access and illegal redistribution of multimedia content can be restricted. DRM broadly refers to the set of policies, techniques and tools which manages the access control on the digital contents [1]. Most of the existing scheme for DRM systems are introduced to enhance the functionality of DRM system [2–8]. Many of the existing schemes present one way authentication in which server verifies the user’s authenticity and user simply assume that he is interacting with the correct server. However, this provides the opportunity to the adversary to mislead the user by performing server imperso

Recommend Documents

Cryptanalysis of Two-Factor Remote User Authentication Scheme for Wireless Sensor Networks

163 72 25MB

Cryptanalysis and improvement of a three-factor user authentication scheme for smart grid environment

167 65 901KB

Cryptanalysis on Symmetric Key Techniques Based Authentication Scheme for Wireless Sensor Networks

195 9 751KB

A Geometric-Based User Authentication Scheme for Multi-server Architecture: Cryptanalysis and Enhancement

168 117 19MB

Efficient Identity-Based Signature Authentication Scheme for Smart Home System

195 5 61MB

Cryptanalysis of genetic algorithm-based encryption scheme

185 52 937KB

Authentication of Real-Time Communication System Using KIS Scheme

163 96 29MB

PPAS: privacy protection authentication scheme for VANET

184 43 1MB

Cryptanalysis and improvement of a group RFID authentication protocol

178 23 445KB

Two-Factor Human Authentication for Mobile Applications

149 18 23MB

DRM

175 2 2MB

A Hybrid Content-Based Image Authentication Scheme

217 96 74MB