Through the use of a one-time-use nonce, the transfer of cryptographic data over a potentially insecure link in a two-factor content protection system is avoided. The nonce may be stored encrypted with a public key from a smart card. A random key may be used to produce a storage key, which is used to encrypt a content protection key. The random key may be stored, encrypted with a key derived from the nonce. Instead of receiving a raw content protection key over the potentially insecure link, the raw nonce is received and, once used, replaced with a new nonce.