Title: Secure offline superdistribution for mobile platforms

Authors: Marko Wolf, Andre Osterhues, Christian Stueble

Addresses: Escrypt GmbH, Lise-Meitner-Allee 4, Bochum 44801, Germany. ' Escrypt GmbH, Lise-Meitner-Allee 4, Bochum 44801, Germany. ' Sirrix AG, Lise-Meitner-Allee 4, Bochum 44801, Germany

Abstract: Superdistribution and other peer-to-peer (P2P) distribution schemes like sharing or rental offer a flexible and user-friendly way to distribute digital content. However, the parties involved have different interests (e.g. user privacy vs. license enforcement) that should be reflected in the underlying security architecture. We identify characteristic P2P scenarios and demonstrate how these can be realised by applying a few basic licensing operations. We then present a security architecture to realise these basic license operations (1) in a generalised fashion and (2) employing the ARM TrustZone technology, which will be used in many future mobile platforms. Further, we extend existing superdistribution schemes for offline application, allowing a mobile peer to access superdistributed content without the need to first contact the actual licenser.

Keywords: ARM TrustZone; mobile platforms; P2P content distribution; peer-to-peer; secure hardware; security architectures; digital content; superdistribution; trusted computing; trust; mobile devices; mobile communications; offline application.

DOI: 10.1504/IJACT.2009.028026

International Journal of Applied Cryptography, 2009 Vol.1 No.4, pp.251 - 263

Published online: 31 Aug 2009 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article