Due to the explosive growth of the Internet and the pervasion of multimedia, protection of IP rights of digital content in transactions induces people's concerns. For fee-based media services, data encryption may be the best solution for protection of the media. The encryption (decryption) keys placement may be a trivial but crucial issue for users. It is a significant issue that how to practically protect user's key with the password-based cryptographic scheme and at different security levels. Nowadays, key container storing user's key can be implemented by hardware or software-only. Unfortunately, the hardware key containers require expensive infrastructure; On the other hand, the software-only key containers are either insecure or impractical. Moreover, both of the hardware and software just store user's key with the single security level. To solve these problems, we propose a novel software key container in on-line media services that can provide an adaptively secure and practical solution to protect user's key. We use a human-trapdoor distortion function and symmetric cipher to protect user's key in our key container so that it is computationally infeasible to break the system by using machine attack alone. The idea is to ensure that people must participate to verify each guessed password in the attack. User can adjust the security level of container according to the security requirement. Therefore, the attacker cannot succeed to extract user's key within a reasonable time and budget.
All Science Journal Classification (ASJC) codes
- Control and Systems Engineering
- Computer Science(all)
- Electrical and Electronic Engineering