Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
2000-10-19
2004-11-30
Morse, Gregory (Department: 2137)
C713S153000, C713S160000, C713S170000, C713S171000, C380S201000, C380S229000, C380S283000, C705S051000, C705S057000, C725S080000, C725S082000, C725S116000
active
06826699
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to the field of authentication and key exchange protocols between an electronic source device and multiple electronic sink devices.
2. Related Art
The digital configuration of conventional media provides for virtually no loss associated with the transmission of digital information or data over a communication network. Digital audio and visual electronic devices receiving digital information or data from a remote location can therefore provide unprecedented performance when copying, displaying, or playing video or audio information. However, because of its digital format, audio and video information or data can be easily copied and stored in a digital device for future use without any degradation of audio or video quality. Therefore, the copy is exactly the same as the original no matter how many copies are made from the original, or how far removed from the master is the copy in a copy chain.
Since there is essentially no degradation of audio or video quality in the transmission or copying of digital information, encryption of audio and video information or data provides a means for protecting the owner's property rights. Presently, various cryptography protocols exist to combat the unauthorized copying and use of copyrighted digital content transmitted between digital electronic devices. In these protocols, two coupled devices successfully complete an authorization and key exchange protocol before sharing valuable information. Successful completion of the protocol determines that both devices are authorized to pass protected entertainment information or data between each other. Failure of one or both devices during authentication will preclude any transmission of protected digital information or data. Once both devices are authenticated, an encryption key is passed between the two devices in order to decrypt the transmission of encrypted digital information or data.
One example is the 5C Digital Transmission Content Protection (hereinafter referred to as “5C DTCP”) encryption protocol, portions of which were developed by a consortium of five companies: Hitachi, Ltd.; Intel Corporation; Matsushita Electric Industrial Co., Ltd.; Sony Corporation; and Toshiba Corporation. This 5C DTCP specification defines an authentication and key exchange (hereinafter referred to as “AKE”) cryptography protocol for protecting audio/video entertainment content or data from unauthorized copying, intercepting, and tampering as it is transmitted across digital communication networks, such as those that utilize a high performance serial bus that conforms to the IEEE 1394 standard. Only authorized devices that conform to the specification can legitimately use and copy entertainment content transmitted from a source device and received at another approved sink device. Such authorized digital devices could be personal computers, digital televisions, digital VCRs, digital video recorders, digital set-top boxes, digital video discs, audio/video servers, and other future digital devices. Additionally, the 5C DTCP protocol is compatible with other approved copy protection systems such as the DVD Content Scrambling System.
More specifically, communication networks for the home or business may utilize an IEEE 1394 bus protocol capable of handling encryption and decryption of digital information such as that described in the 5C DTCP specification. Typically, a digital electronic device that is a source of digital content could be coupled to multiple digital electronic sink devices that are capable of receiving the digital content. The network could support parallel, series, or a combination of both configurations.
Previously, a digital electronic source device could only perform the authentication and key exchange protocol as defined in the 5C DTCP specification with one other sink device that is requesting the digital content. One disadvantage is that a second digital electronic device that is also requesting digital content from the source device would have to wait until the completion of the 5C DTCP AKE protocol with the first device before initializing its own 5C DTCP AKE sequence with the source device. Correspondingly, there was no capability to conduct multiple 5C DTCP AKE protocols between the source and multiple sink devices. Thus, a need exists to minimize the time to perform an AKE protocol.
Another problem associated with only conducting an authentication and key exchange protocol between one pair of digital electronic devices is the inability to maximize the bandwidth over the high speed bus network, such as those networks compliant with the IEEE 1394 protocol. Thus, it would be advantageous to maximize the bandwidth of a particular communication network.
SUMMARY OF THE INVENTION
Accordingly, the present invention provides a method and system for a digital electronic source device to simultaneously perform authentication and key exchange protocols with multiple sink devices through the use of a multiple client state machine table. This invention also maximizes the bandwidth of a communication network by allowing a single source device to simultaneously send multiple audio/video data packets to multiple sink devices. Further, this invention also allows a source device to recall authenticating a sink device such that the two devices would not have to perform an authentication and key exchange protocol again even if the two devices have not been on the same communication network since performing the initial authentication and key exchange protocol. The present invention provides these advantages and others not specifically mentioned above but described in the sections to follow.
Specifically, in an embodiment of the present invention, a method for a source device to perform authentication and key exchange (hereinafter referred to as “AKE”) protocols with multiple sink devices is described. In a communication network that comprises a source device and multiple sink devices in compliance with the 5C Digital Transmission Content Protection (hereinafter referred to as “5C DTCP”) specification, the present invention is directed to a method and system for using a multiple client state machine comprising a multiple client state table to allow the source device to track which stage of a 5C DTCP AKE protocol each sink device has reached.
Specifically, embodiments of the present invention allow the source device to receive an audio/video control command or response associated with the 5C DTCP AKE protocol from a sink device, access the state machine table to determine which stage of the 5C DTCP protocol the sink device has reached, and process the command or response depending on the stage.
Further, by virtue of the state machine table, embodiments of the present invention allow the source device to simultaneously conduct multiple 5C DTCP AKE protocols with multiple sink devices, because the source can determine the exact stage a particular sink device has reached and so properly process an audio/video control command or response associated with a 5C DTCP AKE protocol from that sink device.
In another embodiment, by virtue of the state machine table, a digital electronic device that is a source of digital content is capable of performing step location such that the source device will terminate a 5C DTCP AKE protocol with a sink device if the source determines that an audio/video control command or response from a particular sink device does not correspond to the stage that sink device has reached within the protocol.
In still another embodiment, a multiple client state machine table allows a digital electronic source device to determine whether a digital electronic sink device previously has successfully completed a 5C DTCP AKE protocol with the source device even if the two devices have not been coupled to the same communication network since performing the initial 5C DTCP AKE protocol.
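The table-driven behaviour summarized above (per-sink stage lookup, termination on an out-of-step command, and recall of a previously authenticated sink) can be sketched as follows. This is an added example, not code from the patent or the 5C DTCP specification: the stage names, command names, sink identifiers and the `MultiClientStateTable` class are hypothetical, and the cryptographic verification of each message is left out.

```python
from enum import Enum, auto

class Stage(Enum):
    # Hypothetical stage names; the page does not list the protocol's stages.
    IDLE = auto()
    CHALLENGED = auto()
    RESPONDED = auto()

# Hypothetical command names. (current stage, command) -> next stage;
# None as the next stage marks the step that completes the AKE.
TRANSITIONS = {
    (Stage.IDLE, "CHALLENGE"): Stage.CHALLENGED,
    (Stage.CHALLENGED, "RESPONSE"): Stage.RESPONDED,
    (Stage.RESPONDED, "EXCHANGE_KEY"): None,
}

class MultiClientStateTable:
    def __init__(self):
        self.in_progress = {}       # sink id -> Stage of its running AKE
        self.authenticated = set()  # sinks that completed an AKE earlier

    def handle(self, sink_id, command):
        """Process one command from one sink (message verification omitted)."""
        if sink_id in self.authenticated:
            return "already-authenticated"  # recalled, no second AKE needed
        stage = self.in_progress.get(sink_id, Stage.IDLE)
        if (stage, command) not in TRANSITIONS:
            # Command does not match this sink's stage: end only its AKE.
            self.in_progress.pop(sink_id, None)
            return "terminated"
        nxt = TRANSITIONS[(stage, command)]
        if nxt is None:
            del self.in_progress[sink_id]
            self.authenticated.add(sink_id)
            return "authenticated"
        self.in_progress[sink_id] = nxt
        return "continue"

# Constructed sample: commands from three sinks arriving interleaved.
SAMPLE = [("sink-A", "CHALLENGE"), ("sink-B", "CHALLENGE"), ("sink-A", "RESPONSE"),
          ("sink-C", "RESPONSE"), ("sink-B", "RESPONSE"), ("sink-A", "EXCHANGE_KEY"),
          ("sink-B", "RESPONSE"), ("sink-A", "CHALLENGE")]

def run_interleaved(messages=SAMPLE):
    table = MultiClientStateTable()
    return [table.handle(sink, cmd) for sink, cmd in messages], table

if __name__ == "__main__":
    for (sink, cmd), result in zip(SAMPLE, run_interleaved()[0]):
        print(f"{sink:7} {cmd:13} -> {result}")
```

Because each sink's stage is stored under its own key, an out-of-step command from sink-B or sink-C ends only that sink's exchange and leaves sink-A's progress untouched.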
Callahan Paul E.
Morse Gregory
Murabito & Hao LLP