Remote Revocation of Smart Cards in a Private DRM System

We describe a DRM smartcard-based scheme in which content access requests are not linked to a user’s identity or smartcard, and in which compromised cards can be revoked without the need to communicate with any card (whether revoked or not). The scheme has many other features, such as efficiency and requiring minimal interaction to process an access request (no complex interactive protocols), forward and backward security, stateless receivers, and under certain cryptographic constructions collusion-resistance. The above is achieved while requiring the smartcard to store only a single key and to perform a single modular exponentiation per revocation. Furthermore, our solution introduces a combinatorial problem that is of independent interest.