Offline data access using trusted hardware

摘要

A cryptographically-secure component provides access-undeniability and verifiable revocation for clients with respect to downloaded content items from a server. A cryptographically-secure component is implemented in a client. When the client wants to purchase and download a content item from the server, the server requests an encryption key from the client. The client generates an encryption key that is bound to a state of the client that is associated with decrypting the content item. The server encrypts the content item using the encryption key and sends the encrypted content item to the client. Because the encryption key used to encrypt the content item is bound to the state associated with the client decrypting the content item, if the client desires to view the content item the client may first advance its state to the bound state to retrieve the decryption key.

主权项

1. A method comprising:
receiving a request for a content item at a content item server from a client device; sending a request for an encryption key from the content item server to the client device; receiving the encryption key by the content item server from the client device, wherein the encryption key is bound to a state associated with the client device accessing a decryption key corresponding to the encryption key, and wherein the encryption key was generated by the client device from a state digest of the client device and a certificate of the client device using a bind operation; verifying that the state that the encryption key is bound to is the state associated with the client device accessing the corresponding decryption key by the content item server; and if the state that the encryption key is bound to is the state associated with client device accessing the corresponding decryption key:
encrypting the requested content item using the encryption key by the content item server; andsending the encrypted content item to the client device by the content item server.