|
Ok, lets remember no crypto system is going to stop the person who legitimately receives the information from redistributing it.
That being said, DRM would not be a great method of securing your data since most DRM formats basically require device registration. In other words, if the device falls into the hands of someone else, they automatically can decrypt the file (at least until you deregister the device).
What you probably want to do is look into something like GPG. Its a public-key crypto system. It basically works because each user has two keys. The public key is used by anyone who wants to send the message to the owner of said key. The private key is then used by the owner to decrypt their message. (By using your own private key to encrypt a document, you can also sign using the system, but that is another level). Rather than using a password, an arbitrary length pass phrase is used by the user to decrypt the files. The keys are very hard to break, the pass phrase is only useful if you otherwise have access to the private key.
This BTW, is essentially the method that is using for transmitting financial information from your browser to online stores (without the pass-phrase, and a bit more transparently... and they might also use one time keys... but still the logic applies).
--
Bill
|