The technologies described herein are generally directed toward facilitating switching encryption keys based on an assurance value. According to an embodiment, a method can comprise receiving, by a device comprising a processor and memory, an assurance value from a key distribution server. The method can further comprise, based on the assurance value, switching, by the device, encryption of a content item from being by a first encryption key to being by a second encryption key, wherein the assurance value is determined in response to a receiving of a second decryption key by a content consuming device, and wherein the first and second decryption keys are generated respectively to decrypt the content item encrypted by the first and second encryption keys.