2.9.1 Client-Side Content Security

In the figure that shows content security in the preceding section, Ke represents an encryption key that is derived from the segment secret (Kp). A sending peer encrypts data with Ke, but Ke is never disclosed between peers. The receiving client has to already have obtained enough information to compute the value of Ke from a content server to decrypt the peer-supplied data. Ke = Kp.