Systems and methods for detecting and deterring rollback attacks

US 20030115469A1
Filed: 12/14/2001
Published: 06/19/2003
Est. Priority Date: 12/14/2001
Status: Abandoned Application

First Claim

Patent Images

1. A system for detecting and deterring rollback attacks, comprising:

a variable time period (VTP);

a time duration to a next connection (TDNC);

an access log;

a server to transmit the variable time period (VTP) and the time duration to the next connection (TDNC) and to verify the access log; and

a client to update the access log approximately every variable time period (VTP) and to connect to the server approximately after the time duration to the next connection (TDNC).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A log of access to protected content is kept that has forced periodic updates, even if no access has occurred. Systems and methods make it difficult to determine when the access log will be modified next. A server securely sends a variable time period (VTP) and a time duration to the next connection (TDNC) to a client. These two values determine how often the client must update the access log and how long the client must wait before establishing communication with the server. Thus, the server is able to detect and deter rollback attacks.

Citations

33 Claims

1. A system for detecting and deterring rollback attacks, comprising:
- a variable time period (VTP);
  
  a time duration to a next connection (TDNC);
  
  an access log;
  
  a server to transmit the variable time period (VTP) and the time duration to the next connection (TDNC) and to verify the access log; and
  
  a client to update the access log approximately every variable time period (VTP) and to connect to the server approximately after the time duration to the next connection (TDNC).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system as recited in claim 1, wherein the client is a personal computer (PC).
  - 3. The system as recited in claim 1, wherein the client is a set-top box.
  - 4. The system as recited in claim 1, wherein the server is a video home server.
  - 5. The system as recited in claim 1, wherein the server is a pay-per-view video server.
  - 6. The system as recited in claim 1, wherein the server is a video-on-demand server.
  - 7. The system as recited in claim 1, wherein the server is a media content provider.
  - 8. The system as recited in claim 1, wherein the next connection is a Secure Authenticated Channel (SAC).
  - 9. The system as recited in claim 1, wherein the access log is used for billing.

10. A method for detecting and deterring rollback attacks, comprising:
- establishing a shared secret between a client and a server;
  
  transmitting, by the server to the client, a variable time period (VTP) and a time duration to a next connection (TDNC);
  
  updating, by the client, an access log approximately every variable time period (VTP);
  
  initiating, by the client to the server, a connection approximately after the time duration to the next connection (TDNC);
  
  transmitting, by the client to the server, the access log; and
  
  verifying, by the server, the access log.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method as recited in claim 10, further comprising:
    - establishing a new shared secret between the client and the server each time the client connects to the server.
  - 12. The method as recited in claim 10, further comprising:
    - establishing a new variable time period (VTP) and a new time duration to a next connection (TDNC) each time the client connects to the server.
  - 13. The method as recited in claim 10, further comprising:
    - incrementing, by the client, a counter, after each update to the access log.
  - 14. The method as recited in claim 10, further comprising:
    - automatically detecting an anomaly.
  - 15. The method as recited in claim 14, further comprising:
    - decreasing the variable time period (VTP), upon detecting an anomaly.
  - 16. The method as recited in claim 14, further comprising:
    - decreasing the time duration to a next connection (TDNC), upon detecting an anomaly.
  - 17. The method as recited in claim 10, further comprising:
    - encrypting the access log.
  - 18. The method as recited in claim 10, wherein each entry in the access log is encrypted.
  - 19. The method as recited in claim 10, wherein the access log is re-created, each time the client connects to the server.

20. A machine for detecting and deterring rollback attacks, comprising:
- a processor;
  
  a storage device coupled to the processor;
  
  a background component storable on the storage device and executable on the processor to update an access log approximately every variable time period (VTP); and
  
  a content player component storable on the storage device and executable on the processor to update the access log to indicate content provided.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The machine recited in claim 20, wherein the background component is capable of encrypting the access log.
  - 22. The machine recited in claim 20, wherein the background component is capable of encrypting each update to the access log.
  - 23. The machine recited in claim 20, further comprising:
    - a communication component capable of connecting to a server approximately after a time duration to a next connection (TDNC).
  - 24. The machine recited in claim 23, wherein the communication component is capable of transmitting the access log.
  - 25. The machine recited in claim 23, wherein the communication component is capable of receiving a new variable time period (VTP) and a new time duration to the next connection (TDNC).
  - 26. The machine recited in claim 20, wherein the communication component is capable of receiving a new access log.
  - 27. The machine recited in claim 26, wherein the background component is capable of decrypting the new access log.

28. A machine-accessible medium having associated content capable of directing the machine to perform a method of detecting and deterring rollback attacks, the method comprising:
- transmitting, by a server, a new access log; and
  
  transmitting, by the server, a new variable time period (VTP) and a new time duration to the next connection (TDNC).
- View Dependent Claims (29, 30, 31, 32, 33)
- - 29. The machine-accessible medium as recited in claim 28, wherein the method further comprises:
    - receiving, by the server, an old access log; and
      
      inspecting, by the server, the old access log.
  - 30. The machine-accessible medium as recited in claim 28, wherein the method further comprises:
    - establishing, by the server, a shared secret with a client;
      
      decrypting, by the server, the access log;
      
      encrypting, by the server, the new access log; and
      
      encrypting, by the server, the new variable time period (VTP) and the new time duration to the next connection (TDNC).
  - 31. The machine-accessible medium as recited in claim 28, wherein the method further comprises:
    - initiating, by a client, a connection with the server;
      
      transmitting, by the client, the access log to the server;
      
      receiving, by the client, the new access log;
      
      receiving, by the client, the new variable time period (VTP) and the new time duration to the next connection (TDNC); and
      
      storing, by the client, the new access log, the new variable time period (VTP), and the new time duration to the next connection (TDNC).
  - 32. The machine-accessible medium as recited in claim 28, wherein the method further comprises:
    - establishing, by a client, a shared secret with the server;
      
      encrypting, by the client, the access log;
      
      decrypting, by the client, the new access log; and
      
      decrypting, by the client, the new variable time period (VTP) and the new time duration to the next connection (TDNC).
  - 33. The machine-accessible medium as recited in claim 28, wherein the method further comprises:
    - updating, by a client, the new access log approximately every new variable time period (VTP).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Shippy, Keith L., Mangold, Richard P.

Application Number

US10/017,055
Publication Number

US 20030115469A1
Time in Patent Office

Days
Field of Search
US Class Current

713/178
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/57   Certifying or maintaining t...

G06F 2221/2101   Auditing as a secondary aspect

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/1425   Traffic logging, e.g. anoma...

Systems and methods for detecting and deterring rollback attacks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for detecting and deterring rollback attacks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links