Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Reexamination Certificate
2000-03-28
2004-06-08
Wright, Norman M. (Department: 2134)
C713S158000, C713S159000, C713S152000
active
06748531
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to the field of encryption, and in particular to the control of copy protected content material.
2. Description of Related Art
Techniques continue to be advanced to prevent the illicit acquisition of copy protected material, such as recorded entertainment material. A number of these techniques involve the use of devices that are manufactured to comply with established copy protection standards. Each compliant device enforces rules and procedures designed to minimize the likelihood that the device will be used to impermissibly copy protected material. For example, a cost-effective method of copy protection is discussed in detail by Jean-Paul Linnartz et al., in Philips Electronics Response to Call for Proposals Issued by the Data Hiding Subgroup Copy Protection Technical Working Group, July 1997 (“Linnartz”), which is incorporated herein by reference. The Linnartz scheme operates by attaching a “ticket” to the recorded material; the ticket comprises a verifiable “count” that is decremented at each stage of the playback and recording process, and is cryptologically difficult to increment. A cryptologically difficult process is one that can be expected to require an inordinate amount of time to complete, relative to the potential gain that may be realized by devoting this amount of time. A compliant device enforces this ticketing scheme by refusing to play or record material with an expired or missing ticket, by decrementing the ticket each time the material is played back or recorded, and so on. Other protection schemes are also common in the art that rely on compliant devices to enforce the protection.
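A count that is easy to decrement and cryptologically difficult to increment can be built from a one-way hash chain. The sketch below is an added example, not code from the patent or from Linnartz; the hash-chain construction, SHA-256, and every name in it are assumptions chosen for illustration.

```python
import hashlib

def F(x: bytes) -> bytes:
    """One-way step: cheap to apply, infeasible to invert (assumed: SHA-256)."""
    return hashlib.sha256(x).digest()

def issue(seed: bytes, allowed: int):
    """Issuer: the mark stays fixed with the material, the ticket travels with it."""
    mark = seed
    for _ in range(allowed):
        mark = F(mark)
    return {"mark": mark, "max": allowed}, seed   # (medium, initial ticket)

def remaining(medium, ticket: bytes):
    """Verify the ticket: the count is the number of F steps from ticket to mark."""
    x = ticket
    for k in range(medium["max"] + 1):
        if x == medium["mark"]:
            return k
        x = F(x)
    return None                                   # not on the chain: forged ticket

def use(medium, ticket):
    """Compliant device: refuse a missing, forged or expired ticket, else decrement."""
    left = remaining(medium, ticket) if ticket else None
    if not left:                                  # None (invalid) or 0 (expired)
        return None
    return F(ticket)                              # one hash step = count minus one

# Constructed sample: material that may pass through three stages.
medium, ticket = issue(b"constructed-seed", 3)
```

Raising the count would require a preimage of `F`, which is what makes the increment cryptologically difficult in this construction.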
To prevent the copying of protected material via an interception of the material, each compliant device communicates the content material to another compliant device in an encrypted form. The material is encrypted at the transmitting device using an encryption key, and decrypted at the receiving device using a decryption key. To minimize the adverse effects of a breach of security that reveals the decryption key, a different encryption scheme, requiring a different decryption key, is used for each target receiving device. In this manner, a discovery of a decryption key does not affect the security of encrypted material that is communicated to other receiving devices.
To effect a unique encryption scheme for each receiving device, a key exchange or key distribution is effected between devices. A variety of techniques are commonly available for exchanging or distributing keys. In one such transaction, the target receiving device provides a public key corresponding to an asymmetric public-private key pair that is associated with the receiving device. The source transmitting device encrypts the content material using this public key and then transmits the encrypted content material to the target receiving device. Because a knowledge of the public (encryption) key of a public-private key pair does not aid in a search for the corresponding private (decryption) key, this communication of public key and encrypted material is cryptographically secure. Other techniques are also used, each typically requiring the communication of a parameter that is related to a secret parameter of the receiving device such that the communicated parameter allows a transmitter to encrypt a message that can only be decrypted by a device having knowledge of the secret parameter. For ease of reference, the term public parameter is used herein to include the communicated parameter, and the term private parameter is used herein to include the parameter of each of these key exchange scenarios that is kept secret.
To assure that copy protected material is provided only to compliant devices, each compliant source device requires a verification that the receiving device is a legitimate compliant device. This verification is typically achieved via a certification process. A trusted authority (TA), or certifying authority (CA) provides a certificate that verifies that the public parameter is legitimate. Typically, this certificate has a digital signature associating the public key with a specific device or entity. The trusted authority creates this certificate using another private key that is known only to the trusted authority. The trusted authority publishes a public key corresponding to its private key, and the source device uses the trusted authority's public key to decrypt the certificate to determine whether the communicated public key is valid. In this manner, a counterfeiter cannot obtain protected material by merely providing its own public key to a source device, because the counterfeiter would also need to provide a certificate associated with this public key that is encrypted using the trusted authority's private key. A counterfeiter may, however, be able to clone a compliant device, and thereafter gain unauthorized access to protected content material.
To prevent the proliferation of cloned devices, or to minimize the profits that may be gained by a cloned device or other devices that are used for the unauthorized distribution of copy protected materials, a “revocation list” is published by the trusted authority. The revocation list contains a list of all certified public keys that have been found to have been used for illicit purposes. The providers of content material, such as CD or DVD manufacturers, have access to a “master list” of these revoked keys. The manufacturers communicate the list of revoked keys, or a sub-list of recently revoked keys, to consumer devices that exchange copy protected material by encoding the list, or sub-list, as “out of band” data that is recorded on the CD or DVD or other medium. The out of band data, for example, also includes the table of contents of the particular CD or DVD, a unique identifier of the CD or DVD, and so on. Each time one device communicates to another device, updates to the revocation list can be communicated. In this somewhat amorphous peer-to-peer communication network, it is expected that the identification of cloned devices or other unauthorized devices will be disseminated broadly enough so that at least a substantial portion of the unauthorized devices will be disallowed service by compliant devices. As the odds increase that an unauthorized device may be detected, the perceived worth of such unauthorized devices is diminished, and the gain that can be realized by providing such devices is reduced, thereby discouraging the continued distribution of these unauthorized devices.
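The two checks a compliant source device makes before releasing content, certificate verification and the revocation lookup, are shown below as an added example that is not part of the patent text. The trusted authority's key is a constructed toy RSA key (textbook RSA, far too small for real use), and all names and values are hypothetical.

```python
import hashlib

# Constructed toy RSA key for the trusted authority (two Mersenne primes).
# Assumption for illustration only: it keeps the example self-contained.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
TA_N = P * Q
TA_D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, known only to the TA

def _digest(device_id: str, public_param: int) -> int:
    data = f"{device_id}|{public_param}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % TA_N

def ta_certify(device_id: str, public_param: int) -> dict:
    """Trusted authority: sign the binding of a device to its public parameter."""
    sig = pow(_digest(device_id, public_param), TA_D, TA_N)
    return {"device_id": device_id, "public_param": public_param, "sig": sig}

def source_accepts(cert: dict, revoked: set):
    """Source device: release content only to certified, non-revoked receivers."""
    expected = _digest(cert["device_id"], cert["public_param"])
    if pow(cert["sig"], E, TA_N) != expected:     # check with the TA's public key
        return False, "bad certificate"
    if cert["public_param"] in revoked:
        return False, "revoked"
    return True, "ok"

def merge_revocations(local: set, update) -> set:
    """Entries only accumulate, whether read from out-of-band data or from a peer."""
    return local | set(update)

def demo():
    genuine = ta_certify("player-A", 0x1234ABCD)      # constructed values
    counterfeit = dict(genuine, public_param=0x9999)  # own key, signature no longer fits
    clone = dict(genuine)                             # copy of a compliant device
    revoked = set()
    before = [source_accepts(c, revoked)[1] for c in (genuine, counterfeit, clone)]
    revoked = merge_revocations(revoked, [0x1234ABCD])  # update carried on a new disc
    after = source_accepts(clone, revoked)[1]
    return before, after
```

The counterfeit certificate fails the signature check on its own, while the clone is rejected only once its public key reaches the device's copy of the revocation list.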
With increased availability of low-cost, high-density memory devices, such as gigabyte-sized hard disk devices, large amounts of content material can be stored on low-cost portable devices. Such devices may be configured as stand-alone playback devices, or as transfer devices that are used to effect a transfer of material between less portable systems, such as between a home audio library and an automotive stereo system. To be successful, such systems must facilitate the transfer of information between compliant devices with minimal burden on the user. This ease of transfer, however, facilitates the illicit copying of copy protected material. In general, these portable devices are somewhat remote from the aforementioned peer-to-peer communication network that uses out of band data to communicate revocation lists.
The proliferation of devices that may receive copy protected content material increases the number of authorization certificates, and correspondingly, the potential list of revoked certificates. U.S. Pat. No. 5,687,235 “CERTIFICATE REVOCATION PERFORMANCE OPTIMIZATION”, issued Nov. 11, 1997 to Perlman et al., discloses the use of a “revocation service” for improving the efficiency of revocation list distribution. In the '235 patent, a device submits a request for a subset of the current revocation list from the revocation service provider, via a network connection. The request includes parameters such as a maximum size for this subset, a date from which to select revoked certi
Koninklijke Philips Electronics N.V
Thorne Gregory L.
Wright Norman M.