This, for sure, is one of my favorite questions during my university year.
Q: A local cable company is improving the security of their method for distribution of “pay per view” movies. Each subscriber is given a secret key Ki at subscription time; this is programmed into that users black box on top of their TV, and kept in the company’s secured database. A movie M, which consists of a string of many gigabits
of data, is delivered to a subscriber’s home by cable. A user’s request for a movie is authenticated by a data value which is a function of Ki, sent from the access box to the cable company. Ki is also used to recover a special “movie key” as described below.
• Scheme I. The movie M is encrypted under Ki for each user Ui that requested to view
the movie, and such user Ui is sent the movie as a different string of bits EKi(M).
• Scheme II. The cable company computes a special key K for the movie M, and just
before the movie starts, sends a user-specific quantity EKi(K) to each user Ui that
requested to view the movie. Each user uses its own key to recover K. A single copy
of the movie, EK(M), is broadcast over the cable.
• Scheme III. To simplify Scheme II, a consultant from another firm proposes
that the cost of computing the encrypted keys EKi(K), which is one block cipher
operation per user, be reduced to that of a single XOR operation per user, by sending
the user Ui, the key K, encrypting it as K XOR Ki.
As a professional consultant, which method do you think is the best? Please discuss security as well as implementation issues that the company might have to consider.
I’ll answer this later since I have to finish my CCNA study. I am writing the exam this coming Friday. Meanwhile, you can try to answer this question by leaving some comments. Maybe you have a better solution than I do.
Note: The question is related to movies. Yes. But it does not mean I like watching movies or anything related to that. I stop watching TVs/Movies in 2004/2005. So many corruptions, bad influence and nonsense. It just makes me sick.