Encryption of streaming control protocols and their headers

US 20030065917A1
Filed: 06/25/2002
Published: 04/03/2003
Est. Priority Date: 09/26/2001
Status: Active Grant

First Claim

Patent Images

1. A method for securely streaming real-time content from a caching server to an authorized client, the method comprising:

encrypting an RTSP (real-time streaming protocol) message having a header and a payload, the RTSP message being encrypted in its entirety;

providing a first clear header for the encrypted RTSP message;

encrypting an RTCP (real-time control protocol) message having a header and a payload, the RTCP message being encrypted in its entirety;

providing a second clear header for the encrypted RTCP message;

transmitting the encrypted RTSP message and the first clear header; and

transmitting the encrypted RTCP message and the second clear header in order to securely stream the real-time content from the caching server to the authorized client.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for securely streaming real-time content from a caching server to an authorized client. The method includes the steps of encrypting an RTSP (real-time streaming protocol) message having a header and a payload, the RTSP message being encrypted in its entirety; and providing a first clear header for the encrypted RTSP message. Further, the method includes the steps of encrypting an RTCP (real-time control protocol) message having a header and a payload, the RTCP message being encrypted in its entirety; and providing a second clear header for the encrypted RTCP message. Thereafter, the encrypted RTSP message and the first clear header are transmitted, and the encrypted RTCP message and the second clear header are transmitted in order to securely stream the real-time content from the caching server to the authorized client.

78 Citations

View as Search Results

24 Claims

1. A method for securely streaming real-time content from a caching server to an authorized client, the method comprising:
- encrypting an RTSP (real-time streaming protocol) message having a header and a payload, the RTSP message being encrypted in its entirety;
  
  providing a first clear header for the encrypted RTSP message;
  
  encrypting an RTCP (real-time control protocol) message having a header and a payload, the RTCP message being encrypted in its entirety;
  
  providing a second clear header for the encrypted RTCP message;
  
  transmitting the encrypted RTSP message and the first clear header; and
  
  transmitting the encrypted RTCP message and the second clear header in order to securely stream the real-time content from the caching server to the authorized client.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising decrypting the encrypted RTSP message by retrieving an identifier from the first clear header, the identifier for identifying one or more cryptographic keys;
    - and using the cryptographic keys for decrypting the RTSP message.
  - 3. The method of claim 1 further comprising decrypting the encrypted RTCP message by retrieving an identifier from the second clear header, the identifier for identifying one or more cryptographic keys;
    - and using the cryptographic keys for decrypting the RTCP message.
  - 4. The method of claim 1 further comprising generating an identifier for identifying one or more parameters for securing the RTSP and the RTCP messages.
  - 5. The method of claim 1 wherein the header for the RTSP message and the header for the RTCP message are encrypted to prevent unauthorized access to user viewing patterns contained therein.
  - 6. The method of claim 1 further comprising authenticating all control messages to prevent attacks intended to modify the control messages.
  - 7. The method of claim 4 wherein both the first clear header and the second clear header includes the identifier.

8. A communication system for streaming real-time content from a caching server to an authorized client, the system comprising:
- a caching server;
  
  a client for receiving the content from the caching server;
  
  an RTSP (real-time streaming protocol) message, the RTSP message including its header and payload being encrypted at an application layer to form an encrypted RTSP message;
  
  an RTCP (real-time control protocol) messages, the RTCP message including its header and payload being encrypted at the application layer to form an encrypted RTCP message; and
  
  wherein the caching server and the client exchange one or more of said encrypted RTSP and RTCP messages for securing the streaming of the real-time content to the client.
- View Dependent Claims (9)
- - 9. The system of claim 8 further comprising a first identifier for identifying the security parameters to decrypt the encrypted RTSP message;
    - and a second identifier for identifying the security parameters to decrypt the encrypted RTCP message.

10. In a communication network employing RTP (real time protocol) for delivery of real-time data, a method of encrypting RTCP (real time control protocol) and RTSP (real time streaming protocol), the method comprising:
- determining two or more security parameters for securing delivery of the real-time data;
  
  at an application layer, using the security parameters for encrypting an entire payload and header of the RTSP and RTCP messages; and
  
  exchanging one or more of the RTSP and the RTCP message and the RTP message for securely delivering the real-time data.
- View Dependent Claims (11, 12, 13, 14, 18, 19)
- - 11. The method of claim 10 further comprising providing an clear header having and identifier for identifying the security parameters.
  - 12. The method of claim 11 wherein the clear header further comprises a sequence number for preventing replay of prior RTSP and RTCP messages.
  - 13. The method of claim 10 wherein the security parameters comprise a MAC (message authentication code) key for authenticating the RTSP and RTCP messages;
    - and an encryption key for encrypting the RTSP and RTCP messages.
  - 14. The method of claim 10 wherein the security parameters further comprises a first encryption key for encrypting outbound messages;
    - a second key for authenticating outbound messages;
      
      a third encryption key for inbound messages; and
      
      a fourth encryption key authenticating inbound messages.
  - 18. The method of claim 13 further comprising establishing a session identifier associated with the MAC key and the encryption key.
  - 19. The method of claim 13 further comprising using the session identifier to determine the MAC key and the encryption key.

15. In a communication network, a method for securing a real time data stream between two computing devices, the method comprising:
- exchanging one or more RTSP messages having a header and payload;
  
  exchanging one or more RTCP messages having a header and payload;
  
  encrypting an entire header and payload of the RTSP messages to produce a first encrypted packet;
  
  encrypting an entire header and payload of the RTCP messages to produce a second encrypted packet;
  
  providing a first header for the first encrypted packet by using a format, the first header having an identifier for identifying the security parameters to decrypt the RTSP messages;
  
  providing a second header for the second encrypted packet, the second header having an identifier for identifying the security parameters to decrypt the RTCP messages; and
  
  the second header being provided using the format identical to that of the first header.
- View Dependent Claims (16, 17)
- - 16. The method of claim 15 wherein encryption of the RTSP message is at an application layer.
  - 17. The method of claim 15 further comprising providing a session identifier, and a sequence number and an initialization vector.

20. In a client/server system, a system for securing a real time data stream between a client and a server, the system comprising:
- means for exchanging a first message having a header and payload;
  
  means for exchanging a second message having a header and payload;
  
  means for encrypting the entire header and payload of the first message to produce a first encrypted packet;
  
  means for encrypting the entire header and payload of the second message to produce a second encrypted packet;
  
  first header means having an identifier for identifying the security parameters to decrypt the first encrypted packet; and
  
  second header means having an identifier for identifying the security parameters to decrypt the second encrypted packet in order to secure streaming of the real time data.
- View Dependent Claims (21)
- - 21. The system of claim 20 wherein the first and second header means comprise obfuscated content identification and replay protection.

22. A communication system for streaming real-time content from a caching server to an authorized client, the system comprising:
- a content provider server;
  
  a client for requesting the content from the content provider server;
  
  a caching server communicably coupled to the client and the content provider server;
  
  a first protocol signal including its header and payload being encrypted at an application layer to form an encrypted first protocol signal;
  
  a second protocol signal including its header and payload being encrypted at the application layer to form an encrypted second protocol signal; and
  
  wherein the caching server and the client exchange one or more of the encrypted first and second protocol signals to secure streaming of the real-time content to the client.

23. A method for securely streaming real-time content from a caching server to an authorized client, the system comprising:
- encrypting a first protocol message having a header and a payload, the first protocol message being encrypted in its entirety;
  
  providing a first clear header for the encrypted first protocol message;
  
  encrypting a second protocol message having a header and a payload, the second protocol message being encrypted in its entirety;
  
  providing a second clear header for the encrypted second protocol message; and
  
  transmitting the encrypted protocol messages, the first clear header and the second clear header in order to securely stream the real-time content from the caching server to the authorized client.

24. The method of claim 24 further comprising providing an initialization vector in the first clear header;
- and providing an initialization vector in the second clear header.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Inventors
Medvinsky, Alexander, Peterka, Petr

Granted Patent

US 7,237,108 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/160
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

H04L 63/0407   wherein the identity of one...

H04L 63/0457   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 65/1101   Session protocols

H04L 65/65   Network streaming protocols...

H04L 65/70   Media network packetisation

Encryption of streaming control protocols and their headers

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

78 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Encryption of streaming control protocols and their headers

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links