Abstract
Due to current advancements in digital and Internet technologies, digital content theft has grown to a significant degree. Digital rights management (DRM) systems were established to regulate access to digital content. For DRM systems, protocols are being developed to ensure secure and authorized communication. Existing efficient authenticated key agreement (AKA) protocols for DRM systems achieve efficiency in computation and communication, but have some serious security flaws or do not support anonymity. In this paper, we focus on the idea of an efficient and secure AKA protocol for DRM Systems. We design an AKA protocol with lower communication costs and anonymity. The proposed scheme security is proved under the random oracle model. Moreover, we evaluate the performance of our design. Finally, a comparative analysis is followed to show the enhancement in communication efficiency without any significant increase in computation efficiency. The analysis indicates that the proposed scheme presents an anonymous authenticated and secure session establishment platform for DRM with low communication overhead.
Similar content being viewed by others
Availability of supporting data
The datasets generated during the current study are available from the corresponding author on reasonable request.
References
Armando A, Basin D, Cuellar J, Rusinowitch M, Viganò L (2006) Avispa: automated validation of internet security protocols and applications. ERCIM News 64 (January)
Chang C-C, Chang S-C, Yang J-H (2013) A practical secure and efficient enterprise digital rights management mechanism suitable for mobile environment. Secur Commun Netw 6(8):972–984
Chang C-C, Yang J-H, Wang D-W (2010) An efficient and reliable e-drm scheme for mobile environments. Expert Syst Appl 37(9):6176–6181
Chen C-L (2008) A secure and traceable e-drm system based on mobile device. Expert Syst Appl 35(3):878–886
Fan Q, Chen J, Wen Y, Luo M (2022) Eland: an efficient lightweight anonymous authentication protocol applied to digital rights management system. J Internet Technol 23(2):267–278
Glouche Y, Genet T, Houssay E (2008) Span: A security protocol animator for avispa. IRISA/université de Rennes 1: Rennes, France
Hussain S, Zikria Y B, Mallah G A, Chen C-M, Alshehri M D, Ishmanov F, Chaudhry S A (2022) An improved authentication scheme for digital rights management system. Wirel Commun Mob Comput 2022
Jung J, Kang D, Lee D, Won D (2017) An improved and secure anonymous biometric-based user authentication with key agreement scheme for the integrated epr information system. PloS One 12(1):e0169414
Khan MA, Ghani A, Obaidat M S, Vijayakumar P, Mansoor K, Chaudhry SA (2021) A robust anonymous authentication scheme using biometrics for digital rights management system. In: 2021 international conference on communications, computing, cybersecurity, and informatics (CCCI), IEEE, pp 1–5
Kim H, Lee Y, Park Y (2010) A robust and flexible digital rights management system for home networks. J Syst Softw 83(12):2431–2440
Lee C-C, Li C-T, Chen Z-W, Lai Y-M (2018) A biometric-based authentication and anonymity scheme for digital rights management system. Inform Technol Control 47(2):262–274
Lee C-C, Li C-T, Chen Z-W, Lai Y-M, Shieh J-C (2018) An improved e-drm scheme for mobile environments. J Inform Secur Applic 39:19–30
Maitra T, Obaidat MS, Amin R, Islam SH, Chaudhry SA, Giri D (2017) A robust elgamal-based password-authentication protocol using smart card for client-server communication. Int J Commun Syst 30(11):e3242
Mishra D, Das A K, Mukhopadhyay S (2015) An anonymous and secure biometric-based enterprise digital rights management system for mobile environment. Secur Commun Netw 8(18):3383–3404
Mishra D, Rana S (2021) A provably secure content distribution framework for portable drm systems. J Inform Secur Applic 61:102928
Moon J, Lee D, Jung J, Won D (2017) Improvement of efficient and secure smart card based password authentication scheme. Int J Netw Secur 19 (6):1053–1061
Pan H-T, Yang H-W, Hwang M-S (2020) An enhanced secure smart card-based password authentication scheme. Int J Netw Secur 22(2):358–363
Rana S, Mishra D (2020) Secure and ubiquitous authenticated content distribution framework for iot enabled drm system. Multimed Tools Appl 79(27):20319–20341
Rana S, Mishra D (2021) An authenticated access control framework for digital right management system. Multimed Tools Appl, pp 1–16
Yu S, Park K, Park Y, Kim H, Park Y (2020) A lightweight three-factor authentication protocol for digital rights management system. Peer-to-peer Networking and Applications 13(5):1340–1356
Funding
This research received no specific grant from any funding agency.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Ethics approval and consent to participate
The authors declare that the manuscript does not report on or involve the use of any animal or human data or tissue.
Human and Animal Ethics
Not Applicable
Consent for Publication
The manuscript does not contain any person’s data in any form.
Competing interests
The authors declare that they have no competing interests.
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Rewal, P., Mishra, D., Mishra, A. et al. Enhancing security of biometrics based authentication framework for DRM system. Multimed Tools Appl 82, 40857–40871 (2023). https://doi.org/10.1007/s11042-023-14891-3
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-023-14891-3