Authentication of data transmitted in a digital transmission system

US 20040125959A1
Filed: 04/16/2003
Published: 07/01/2004
Est. Priority Date: 04/03/2000
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating data transmitted in a digital transmission system, said method comprising the steps, prior to transmission, of:

determining at least two encrypted values for at least some of the data, each encrypted value being determined for the same data using a key of a respective encryption algorithm; and

outputting said at least two encrypted values with said data.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating data transmitted in a digital transmission system, in which the method comprises the steps, prior to transmission, of determining at least two encrypted values for at least some of the data, each encrypted value being determined using a key of a respective encryption algorithm, and outputting said at least two encrypted values with said data.

64 Citations

View as Search Results

53 Claims

1. A method of authenticating data transmitted in a digital transmission system, said method comprising the steps, prior to transmission, of:
- determining at least two encrypted values for at least some of the data, each encrypted value being determined for the same data using a key of a respective encryption algorithm; and
  
  outputting said at least two encrypted values with said data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 2. A method according to claim 1, wherein said data comprises a key.
  - 3. A method according to claim 2, wherein said data comprises at least one digital certificate containing a public key of an encryption algorithm for processing data.
  - 4. A method according to claim 3, wherein said data comprises at least one digital root certificate containing a public key of an encryption algorithm for processing data.
  - 5. A method according to claim 3 or claim 4, wherein said at least one digital certificate comprises a digital signature calculated using a private key of the encryption algorithm of the public key contained in that certificate.
  - 6. A method according to any preceding claim, wherein said data comprises an identifier of a revoked public key.
  - 7. A method according to claim 6, wherein said identifier comprises an identifier of a digital certificate containing said revoked public key.
  - 8. A method according to claim 7, wherein said identifier comprises an identifier of a digital root certificate containing said revoked public key.
  - 9. A method according to any of claims 6 to 8, wherein said data comprises a plurality of said identifiers, each identifier identifying a respective revoked public key.
  - 10. A method according to any preceding claim, wherein each algorithm is asymmetric.
  - 11. A method according to any preceding claim, wherein each encrypted value corresponds to a digital signature calculated using a private key of a respective encryption algorithm, each signature being processable using a public key of said encryption algorithm.
  - 12. A method according to claim 11, comprising the step of outputting, with each signature, an identifier of the public key to be used to process that signature.
  - 13. A method according to any preceding claim, wherein the data and encrypted values are output for transmission to a receiver/decoder.
  - 14. A method according to any preceding claim, wherein said data and said encrypted values are received by a receiver/decoder, wherein each encrypted value is processed using a key of said respective encryption algorithm, and each subsequently resulting value is compared with said at least some of the data to authenticate said at least some of the data.
  - 16. A method according to claim 14 or claim 15, wherein said received data is rejected if at least one of the subsequently resulting values is different from said at least some of the data.
  - 17. A method according to any preceding claim, wherein said data and said at least two encrypted values are organised in a data file.
  - 18. A method according to claim 17, wherein said data file comprises an indication of the minimum number of encrypted values to be stored with said data in the subsequently generated data file.
  - 19. A method according to claim 18, wherein said data file is received by a receiver/decoder, wherein the number of encrypted values stored in said data file is compared with said minimum number, and said data file is rejected if the number of encrypted values stored in said data file is less than said minimum number.
  - 20. A method according to any of claims 17 to 19, wherein said data file is output in a data module.
  - 21. A method according to claim 20, wherein a module encrypted value for at least some of the data in said module is calculated using a key of a transmitter encryption algorithm and output in said data module.
  - 22. A method according to claim 21, wherein said data module is received by a receiver/decoder, wherein said module encrypted value is processed using a key of a transmitter encryption algorithm, and the subsequently resulting value is compared with said at least some of the data in said module to authenticate said at least some of the data in said module.
  - 23. A method according to any of claims 20 to 22, wherein said encrypted value for at least some of the data in said module corresponds to a digital signature calculated using a private key of a transmitter encryption algorithm and processable using a public key of said transmitter encryption algorithm.
  - 24. A method according to any preceding claim, wherein said digital transmission system is a digital broadcast system.

15. A method of authenticating data transmitted in a digital transmission system, said method comprising the steps of:
- receiving said data and at least two encrypted values determined for at least some of the data, each encrypted value being determined using a key of a respective encryption algorithm;
  
  storing a plurality of keys;
  
  processing each encrypted value using a stored key of said respective encryption algorithm; and
  
  comparing each subsequently resulting value with said at least some of the data to authenticate said at least some of the data.

25. Apparatus for authenticating data to be transmitted in a digital transmission system, said apparatus comprising:
- means for determining at least two encrypted values for at least some of the data, each encrypted value being determined for the same data using a key of a respective encryption algorithm; and
  
  means for outputting said at least two encrypted values with said data.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 47)
- - 26. Apparatus according to claim 25, wherein said data comprises a key.
  - 27. Apparatus according to claim 26, wherein said data comprises at least one digital certificate containing a public key of an encryption algorithm for processing data.
  - 28. Apparatus according to claim 27, wherein said data comprises at least one digital root certificate containing a public key of an encryption algorithm for processing data.
  - 29. Apparatus according to claim 27 or claim 28, wherein said at least one digital certificate comprises a digital signature calculated using a private key of the encryption algorithm of the public key contained in that certificate.
  - 30. Apparatus according to any of claims 25 to 29, wherein said data comprises an identifier of a revoked public key.
  - 31. Apparatus according to claim 30, wherein said identifier comprises an identifier of a digital certificate containing said revoked public key.
  - 32. Apparatus according to claim 31, wherein said identifier comprises an identifier of a digital root certificate containing said revoked public key.
  - 33. Apparatus according to any of claims 30 to 32, wherein said data comprises a plurality of said identifiers, each identifier identifying a respective revoked public key.
  - 34. Apparatus according to any of claims 25 to 33, wherein each algorithm is asymmetric.
  - 35. Apparatus according to claim 34, wherein each encrypted value corresponds to a digital signature calculated using a private key of a respective encryption algorithm, each signature being processable using a public key of said encryption algorithm.
  - 36. Apparatus according to claim 35, wherein said output means is adapted to output, with each signature, an identifier of the public key to be used to process that signature.
  - 37. Apparatus according to any of claims 25 to 36, comprising means for organising said data and said at least two encrypted values in a data file.
  - 38. Apparatus according to claim 37, wherein said data file comprises an indication of the minimum number of encrypted values to be output with said data in the subsequently generated data file.
  - 39. A system for authenticating data transmitted in a digital transmission system, said system comprising apparatus as claimed in any of claims 25 to 38.
  - 40. A system as claimed in claim 39, further comprising a receiver/decoder comprising means for receiving said data and said encrypted values, means for processing each encrypted value using a key of said respective encryption algorithm, and means for comparing each subsequently resulting value with said at least some of the data to authenticate said at least some of the data.
  - 47. A system for authenticating data transmitted in a digital transmission system, said system comprising apparatus as claimed in any of claims 25 to 38 and a receiver/decoder as claimed in any of claims 41 to 46.

41. A receiver/decoder comprising:
- means for receiving a data file comprising data and at least two encrypted values determined for at least some of the data, each encrypted value being determined using a key of a respective encryption algorithm;
  
  means for storing a plurality of keys;
  
  means for processing each encrypted value using a stored key of said respective encryption algorithm; and
  
  means for comparing each subsequently resulting value with said at least some of the data to authenticate said at least some of the data.
- View Dependent Claims (42, 43, 44, 45, 46)
- - 42. A receiver/decoder according to claim 41, comprising means for rejecting said data file if at least one of the subsequently resulting values is different from said at least some of the data.
  - 43. A receiver/decoder according to claim 41 or claim 42, wherein each encrypted value corresponds to a digital signature calculated using a private key of a respective encryption algorithm, said processing means being adapted to process each signature using a stored public key of said encryption algorithm.
  - 44. A receiver/decoder according to claim 43, wherein each stored public key is contained in a respective digital certificate stored in said storage means.
  - 45. A receiver/decoder according to claim 44, wherein said processing means is adapted to process each signature value using a public key contained in a stored digital certificate identified by an identifier transmitted with that signature value.
  - 46. A receiver/decoder according to any of claims 41 to 45, comprising means for revoking a stored key according to an identifier of that stored key contained within said data.

48. A signal comprising data and at least two encrypted values determined for at least some of the data, each encrypted value being determined for the same data using a key of a respective encryption algorithm.

49. A method of authenticating data substantially as herein described with reference to the accompanying drawings.

50. Apparatus for authenticating data substantially as herein described with reference to the accompanying drawings.

51. A receiver/decoder substantially as herein described with reference to the accompanying drawings.

52. A system for authenticating data substantially as herein described.

53. A signal substantially as herein described with reference to the accompanying drawings.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
InterDigital Patent Holdings, Inc. (InterDigital, Inc.)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Poulain, Philippe, Beuque, Jean-Bernard Gerard Maurice

Granted Patent

US 7,437,561 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/279
CPC Class Codes

H04L 2209/601   Broadcast encryption

H04L 63/12   Applying verification of th...

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

H04N 21/2347   involving video stream encr...

H04N 21/235   Processing of additional da...

H04N 21/2362   Generation or processing of...

H04N 21/2541   Rights Management protectin...

H04N 21/26613   for generating or managing ...

H04N 21/435   Processing of additional da...

H04N 21/4405   involving video stream decr...

H04N 21/63345   by transmitting keys key di...

H04N 21/6433   Digital Storage Media - Com...

H04N 21/835   Generation of protective da...

H04N 7/1675   Providing digital key or au...

Authentication of data transmitted in a digital transmission system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

53 Claims

Specification

Use Cases

Quick Links

Others

Authentication of data transmitted in a digital transmission system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

53 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others