Supporting multiple key ladders using a common private key set

US 20070239605A1
Filed: 04/06/2006
Published: 10/11/2007
Est. Priority Date: 04/06/2006
Status: Abandoned Application

First Claim

Patent Images

1. A security module, comprising:

first circuitry to hold a first private key associated with a first vendor of first media information;

a first cryptographic module to operate on the first private key to generate a first result for decrypting the first media information; and

a second cryptographic module to operate on the first private key to generate a second result.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus may include circuitry to permanently and inaccessibly store a first private key that is a shared secret between a manufacturer of the circuitry and a first vendor of first encrypted media information. It may also include a key ladder to provide plural layers of encryption to the first private key to generate a first result for decrypting the first encrypted media information. A cryptographic module may encrypt the first private key to generate a second result for a security purpose other than decrypting media information. The module also may include a key ladder, and the apparatus may include other key ladders using the private key.

Citations

20 Claims

1. A security module, comprising:
- first circuitry to hold a first private key associated with a first vendor of first media information;
  
  a first cryptographic module to operate on the first private key to generate a first result for decrypting the first media information; and
  
  a second cryptographic module to operate on the first private key to generate a second result.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The security module of claim 1, further comprising:
    - a multiplexer arranged to provide one or more private keys to the first and second cryptographic modules.
  - 3. The security module of claim 1, wherein the first cryptographic module includes:
    - a first ladder of two or more tiered cipher units to receive the first private key and to generate the first result.
  - 4. The security module of claim 3, further comprising:
    - first storage to hold two or more run time keys from the first vendor that are inputs to the two or more tiered cipher units in the first ladder.
  - 5. The security module of claim 3, wherein the second cryptographic module includes:
    - a second ladder of three or more tiered cipher units to receive the first private key and to generate the second result.
  - 6. The security module of claim 5, further comprising:
    - second storage to hold three or more run time keys that are inputs to the three or more tiered cipher units in the second ladder.
  - 7. The security module of claim 1, further comprising:
    - second circuitry to hold a second private key associated with a second vendor of second media information;
      
      a third cryptographic module to operate on the second private key to generate a third result for decrypting the second media information.

8. An apparatus, comprising:
- circuitry to permanently and inaccessibly store a first private key that is a shared secret between a manufacturer of the circuitry and a first vendor of first encrypted media information;
  
  a key ladder to provide plural layers of encryption to the first private key to generate a first result for decrypting the first encrypted media information; and
  
  a cryptographic module to encrypt the first private key to generate a second result for a security purpose other than decrypting media information.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The apparatus of claim 8, further comprising:
    - a multiplexer arranged to provide the first private key to the key ladder and to the cryptographic module.
  - 10. The apparatus of claim 8, further comprising:
    - a memory to hold plural run time keys from the first vendor that are inputs to the key ladder.
  - 11. The apparatus of claim 8, further comprising:
    - a processor to decrypt the first encrypted media information using the first result from the key ladder.
  - 12. The apparatus of claim 8, wherein the purpose other than decrypting is secure booting, securing access to a storage device, or encrypting a data path.
  - 13. The apparatus of claim 8, further comprising:
    - second circuitry to permanently store a second private key that is associated with a second vendor of second encrypted media information; and
      
      a second cryptographic module to encrypt the second private key to generate a second result for decrypting the second encrypted media information.

14. A system to decrypt media information from different vendors, comprising:
- at least one receiver to receive first encrypted media information and second encrypted media information from different vendors;
  
  storage to store at least a portion of the first encrypted media information and second encrypted media information;
  
  a security module to generate a first decryptor and a second decryptor, including;
  
  circuitry to store plural private keys respectively associated with the different vendors,a first crypto module associated with one of the different vendors to generate the first decryptor using one of the plural private keys, anda second crypto module associated with another of the different vendors to generate the second decryptor using another one of the plural private keys; and
  
  a processor to decrypt the first encrypted media information using the first decryptor and to decrypt the second encrypted media information using the second decryptor.
- View Dependent Claims (15, 16, 17)
- - 15. The system of claim 14, wherein the at least one receiver includes:
    - a first receiver to receive the first encrypted media information from a first transmission medium, anda second receiver to receive the second encrypted media information from a second transmission medium that is different from the first medium.
  - 16. The system of claim 14, wherein the first crypto module includes:
    - a ladder of plural cipher blocks to encrypt the one private key using plural run time keys supplied by the one vendor.
  - 17. The system of claim 14, wherein the security module includes:
    - a multiplexer to pass the plural private keys to the first crypto module and the second crypto module.

18. A method of enabling dual use of a private key, comprising:
- providing a private key permanently on a chip;
  
  enabling the private key to secure an aspect of a device; and
  
  enabling the private key to decrypt encrypted media information.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein the enabling the private key to secure includes:
    - providing a first key ladder on the chip to encode the private key to produce a result; and
      
      providing a processor to use the result to secure the aspect of the device.
  - 20. The method of claim 18, wherein the enabling the private key to decrypt includes:
    - providing a first key ladder on the chip to encode the private key to produce a result; and
      
      providing a processor to use the result to decrypt encrypted media information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Brown, Steve J., Bhatt, Dhiraj, Munguia, Peter, Loukianov, Dmitri

Application Number

US11/399,712
Publication Number

US 20070239605A1
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/72   in cryptographic circuits

H04L 9/0822   using key encryption key

H04N 21/4181   for conditional access

H04N 21/63345   by transmitting keys key di...

Supporting multiple key ladders using a common private key set

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Supporting multiple key ladders using a common private key set

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links