Ensuring authenticity in a closed content distribution system
Abstract
A technique for maintaining encrypted content received over a network in a secure processor without exposing a key used to decrypt the content in the clear is disclosed.
20 Claims
1. A method executed by a secure player comprising:
- receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server;
- receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server;
- performing decryption of the encrypted content using the one or more first cryptographic keys;
- verifying validity of the plurality of data portions using the plurality of signatures;
- after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package;
- storing the one or more second cryptographic keys;
- performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content;
- storing the re-encrypted content.
11. A secure player comprising:
- one or more processors;
- memory storing instructions, when executed by the one or more processors, configured to cause the one or more processors to execute a computer-implemented method, the computer-implemented method comprising:
  - receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server;
  - receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server;
  - performing decryption of the encrypted content using the one or more first cryptographic keys;
  - verifying validity of the plurality of data portions using the plurality of signatures;
  - after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package;
  - storing the one or more second cryptographic keys;
  - performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content;
  - storing the re-encrypted content.
20. A secure player comprising:
- a means for receiving encrypted content comprising a plurality of data portions in an encrypted format, the encrypted content being sent from a content server;
- a means for receiving a license package including one or more first cryptographic keys and a plurality of signatures corresponding to the plurality of data portions, the license package being sent from a license server;
- a means for performing decryption of the encrypted content using the one or more first cryptographic keys;
- a means for verifying validity of the plurality of data portions using the plurality of signatures;
- a means for, after verifying the validity, generating one or more second cryptographic keys independent of the one or more first cryptographic keys, the one or more second cryptographic keys being unique to the plurality of data portions and the license package;
- a means for storing the one or more second cryptographic keys;
- a means for performing re-encryption of the encrypted content using the one or more second cryptographic keys to obtain re-encrypted content;
- a means for storing the re-encrypted content.
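The flow recited in claims 1, 11 and 20, as an added Python sketch that is not part of the patent or of any implementation by its assignee. It assumes the signatures cover the decrypted portions, and it substitutes HMAC-SHA256 for the license server's signatures and a SHA-256 counter-mode keystream for the cipher so that it runs on the standard library alone; `SecurePlayer`, `make_sample` and the license dictionary layout are hypothetical names.

```python
import hashlib, hmac, secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode); use a vetted AEAD in practice."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        out += hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, out))

def sign(sig_key: bytes, index: int, portion: bytes) -> bytes:
    """Stand-in for the license server's signature: HMAC over index + plaintext portion."""
    return hmac.new(sig_key, index.to_bytes(4, "big") + portion, hashlib.sha256).digest()

class SecurePlayer:
    def __init__(self, sig_key: bytes):
        self._sig_key = sig_key   # assumption: verification key provisioned in the player
        self._keys = {}           # content_id -> second key (secure storage on a real device)
        self.store = {}           # content_id -> re-encrypted portions

    def ingest(self, content_id, portions, license_pkg):
        first_key, sigs = license_pkg["key"], license_pkg["signatures"]
        if len(sigs) != len(portions):
            raise ValueError("signature count does not match portion count")
        clear = []
        for i, (nonce, ct) in enumerate(portions):
            pt = keystream_xor(first_key, nonce, ct)
            if not hmac.compare_digest(sign(self._sig_key, i, pt), sigs[i]):
                raise ValueError(f"portion {i} failed verification")
            clear.append(pt)
        # Only after every portion verified: fresh random key, not derived from first_key.
        second_key = self._keys[content_id] = secrets.token_bytes(32)
        out = []
        for pt in clear:
            nonce = secrets.token_bytes(16)
            out.append((nonce, keystream_xor(second_key, nonce, pt)))
        self.store[content_id] = out

    def play(self, content_id):
        key = self._keys[content_id]
        return b"".join(keystream_xor(key, n, ct) for n, ct in self.store[content_id])

def make_sample(first_key, sig_key, chunks):
    """Constructed sample input: what the content server and license server would send."""
    portions, sigs = [], []
    for i, pt in enumerate(chunks):
        nonce = secrets.token_bytes(16)
        portions.append((nonce, keystream_xor(first_key, nonce, pt)))
        sigs.append(sign(sig_key, i, pt))
    return portions, {"key": first_key, "signatures": sigs}
```

A tampered or missing portion makes `ingest` raise before any second key is generated, so nothing unverified reaches the store.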
Specification