Licensable function for securing stored data
Abstract
For securing content accessed from a storage device, the storage device is associated with a licensee identifier. The licensee identifier is provided as input to an algorithm that generates, based on the identifier, a determinate set of instructions for a computer, for example, source code in a coding language, compiled binary code, or pseudocode that is capable of being translated into source code. The code, once compiled to machine-usable form, can be executed by a processor to perform a permutation operation that is unique to the licensee identifier. The output of the permutation operation can be used for protecting data provided by the storage device.
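The abstract's pipeline (identifier in, generated source out, compiled function performing an identifier-specific permutation) can be sketched as follows. This is an added example, not code from the patent: the page does not specify the instruction-generating algorithm, so an HMAC-SHA256 keystream driving a Fisher-Yates shuffle of byte values stands in for it, and all function names and identifiers are hypothetical.

```python
import hashlib
import hmac

def _keystream(licensee_id: bytes):
    """Deterministic byte stream from the identifier (HMAC-SHA256, counter mode)."""
    counter = 0
    while True:
        yield from hmac.new(licensee_id, counter.to_bytes(4, "big"),
                            hashlib.sha256).digest()
        counter += 1

def derive_table(licensee_id: bytes) -> list:
    """Fisher-Yates shuffle of 0..255 driven by the identifier's keystream."""
    stream = _keystream(licensee_id)
    table = list(range(256))
    for i in range(255, 0, -1):
        limit = 256 - (256 % (i + 1))   # rejection sampling avoids modulo bias
        r = next(stream)
        while r >= limit:
            r = next(stream)
        j = r % (i + 1)
        table[i], table[j] = table[j], table[i]
    return table

def generate_source(licensee_id: bytes) -> str:
    """Emit source code for a permutation function specific to this identifier."""
    table = derive_table(licensee_id)
    return (
        f"_TABLE = bytes({table!r})\n"
        "def permute(data: bytes) -> bytes:\n"
        "    return bytes(_TABLE[b] for b in data)\n"
    )

def compile_function(source: str):
    """Turn generated source into a callable, as a licensee's build step would."""
    namespace = {}
    exec(compile(source, "<generated>", "exec"), namespace)
    return namespace["permute"]

# Constructed sample identifiers (hypothetical, not taken from the page).
LICENSEE_A = bytes.fromhex("00112233445566778899aabbccddeeff")
LICENSEE_B = bytes.fromhex("ffeeddccbbaa99887766554433221100")

if __name__ == "__main__":
    sample = bytes(range(16))
    for lic in (LICENSEE_A, LICENSEE_B):
        print(compile_function(generate_source(lic))(sample).hex())
```

The emitted table fully determines the function, so anyone holding the generated code can invert it; the scheme's confidentiality rests on keeping that code protected.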
27 Claims
1. A computer-implemented method for enabling a secure electronic data, the method comprising:
defining a first licensee identifier that uniquely identifies a first licensee, the first licensee identifier comprising binary data;
generating a first plurality of instructions for implementing a first cryptographic permutation function at least in part by inputting the first licensee identifier to an instruction-generating algorithm;
providing at least one of the first instructions or a first executable function compiled from source code based on the first instructions to the first licensee for execution on a first device;
defining a second licensee identifier that uniquely identifies a second licensee, the second licensee identifier comprising binary data;
generating a second plurality of instructions for implementing a second cryptographic permutation function at least in part by inputting the second licensee identifier to the instruction-generating algorithm;
providing at least one of the second instructions or a second executable function compiled from source code based on the second instructions to the second licensee for execution on a second device; and
wherein the first cryptographic permutation function is implemented by the first device and the second cryptographic permutation function is implemented by the second device to derive a cryptographic key to decrypt electronic data stored in the first device and accessed at the second device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. An apparatus for enabling a secure electronic data, the apparatus comprising:
a processor; and
a memory coupled to the processor, wherein the memory holds instructions that when executed by the processor, cause the apparatus to perform;
defining a first licensee identifier that uniquely identifies a first licensee, the first licensee identifier comprising binary data;
generating a first plurality of instructions for implementing a first cryptographic permutation function at least in part by inputting the first licensee identifier to an instruction-generating algorithm;
providing at least one of the first instructions or a first executable function compiled from source code based on the first instructions to the first licensee for execution on a first device;
defining a second licensee identifier that uniquely identifies a second licensee, the second licensee identifier comprising binary data;
generating a second plurality of instructions for implementing a second cryptographic permutation function at least in part by inputting the second licensee identifier to the instruction-generating algorithm;
providing at least one of the second instructions or a second executable function compiled from source code based on the second instructions to the second licensee for execution on a second device; and
wherein the first cryptographic permutation function is implemented by the first device and the second cryptographic permutation function is implemented by the second device to derive a cryptographic key to decrypt electronic data stored in the first device and accessed at the second device.
Dependent claims: 10, 11, 12, 13, 14, 15.

16. A non-transitory computer-readable medium encoded with instructions that when executed by a processor, cause an apparatus to perform:
defining a first licensee identifier that uniquely identifies a first licensee, the licensee identifier comprising binary data;
generating a first plurality of instructions for implementing a first cryptographic permutation function at least in part by inputting the first licensee identifier to an instruction-generating algorithm;
providing at least one of the first instructions or a first executable function compiled from source code based on the first instructions to the first licensee for execution on a first device;
defining a second licensee identifier that uniquely identifies a second licensee, the second licensee identifier comprising binary data;
generating a second plurality of instructions for implementing a second cryptographic permutation function at least in part by inputting the second licensee identifier to the instruction-generating algorithm;
providing at least one of the second instructions or a second executable function compiled from source code based on the second instructions to the second licensee for execution on a second device; and
wherein the first cryptographic permutation function is implemented by the first device and the second cryptographic permutation function is implemented by the second device to derive a cryptographic key to decrypt electronic data stored in the first device and accessed at the second device.

17. An apparatus for enabling a secure electronic data, the apparatus comprising:
means for defining a first licensee identifier that uniquely identifies a first licensee, the first licensee identifier comprising binary data;
means for generating a first plurality of instructions for implementing a first cryptographic permutation function at least in part by inputting the first licensee identifier to an instruction-generating algorithm;
means for providing at least one of the first instructions or a first executable function compiled from source code based on the first instructions to the first licensee for execution on a first device;
means for defining a second licensee identifier that uniquely identifies a second licensee, the second licensee identifier comprising binary data;
means for generating a second plurality of instructions for implementing a second cryptographic permutation function at least in part by inputting the second licensee identifier to the instruction-generating algorithm;
means for providing at least one of the second instructions or a second executable function compiled from source code based on the second instructions to the second licensee for execution on a second device; and
wherein the first cryptographic permutation function is implemented by the first device and the second cryptographic permutation function is implemented by the second device to derive a cryptographic key to decrypt electronic data stored in the first device and accessed at the second device.

18. A computer-implemented method for protecting content, the method comprising:
storing, by a first hardware processor, content that has been protected using a cryptographic key;
transforming, by the first hardware processor, a first binary data string using a first cryptographic permutation algorithm to generate an output, the first cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a first unique licensee identifier of the first hardware processor;
providing the output to a second hardware processor, wherein the output is used by the second hardware processor to obtain the cryptographic key by transforming a second binary data string using a second cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a second unique identifier for multiple devices including the second hardware processor; and
sending the content that is protected by the cryptographic key to the second hardware processor.
Dependent claims: 19, 20, 21.

22. An apparatus for protecting content, the apparatus comprising:
a processor; and
a memory coupled to the processor, wherein the memory holds instructions that when executed by the processor, cause the apparatus to perform;
storing content that has been protected using a cryptographic key;
transforming a first binary data string using a first cryptographic permutation algorithm to generate an output, the first cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a first unique licensee identifier of the apparatus;
providing the output to a second computer, wherein the output is used by the second computer to obtain the cryptographic key by transforming a second binary data string using a second cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a second unique identifier for multiple devices including the second computer; and
sending the content that is protected by the cryptographic key to the second computer.
Dependent claims: 23, 24, 25.

26. A non-transitory computer-readable medium encoded with instructions that when executed by a processor of a first computer, cause the first computer to perform:
storing content that has been protected using a cryptographic key;
transforming a first binary data string using a first cryptographic permutation algorithm to generate an output, the first cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a first unique licensee identifier of the first computer;
providing the output to a second computer, wherein the output is used by the second computer to obtain the cryptographic key by transforming a second binary data string using a second cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a second unique identifier for multiple devices including the second computer; and
sending the content that is protected by the cryptographic key to the second computer.

27. An apparatus for protecting content, the apparatus comprising:
means for storing content that has been protected using a cryptographic key;
means for transforming a first binary data string using a first cryptographic permutation algorithm to generate an output, the first cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a first unique licensee identifier of the apparatus;
means for providing the output to a second computer, wherein the output is used by the second computer to obtain the cryptographic key by transforming a second binary data string using a second cryptographic permutation algorithm comprising permutation operations that are defined at least in part by a second unique identifier for multiple devices including the second computer; and
means for sending the content that is protected by the cryptographic key to the second computer.

Specification