Content Control Method Using Certificate Revocation Lists

US 20080010451A1
Filed: 11/06/2006
Published: 01/10/2008
Est. Priority Date: 07/07/2006
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a certificate using a certificate revocation list, wherein portions of said certificate revocation list are received from an entity at a device, comprising:

processing said portions of a certificate revocation list sequentially using said device; and

searching for a reference to the certificate on said list using said device, wherein said processing and searching are performed concurrently.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Host devices present both the host certificate and the pertinent certificate revocation lists to the memory device for authentication so that the memory device need not obtain the list on its own. Processing of the certificate revocation list and searching for the certificate identification may be performed concurrently by the memory device. The certificate revocation lists for authenticating host devices to memory devices may be stored in an unsecured area of the memory device for convenience of users.

139 Citations

View as Search Results

11 Claims

1. A method for verifying a certificate using a certificate revocation list, wherein portions of said certificate revocation list are received from an entity at a device, comprising:
- processing said portions of a certificate revocation list sequentially using said device; and
  
  searching for a reference to the certificate on said list using said device, wherein said processing and searching are performed concurrently.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein portions of said list are received in a time sequence from the entity, and said processing is performed on the fly as the portions of the list are received.
  - 3. The method of claim 1, wherein said processing discards portions of the certificate revocation list after they have been processed.
  - 4. The method of claim 1, wherein said processing includes hashing the portions of the list as they are received by means of a hashing algorithm to obtain a hashed certificate revocation list.
  - 5. The method of claim 4, wherein portions of an encrypted hashed certificate revocation list are received at the device, said processing includes decrypting the encrypted hashed portions to obtain a decrypted and hashed certificate revocation list and comparing the hashed certificate revocation list with the decrypted and hashed certificate revocation list.
  - 6. The method of claim 1, wherein said portions include serial numbers of revoked certificates on the list.

7. A method for authenticating a host to a memory system configured to be removably connected to the host, said memory system comprising:
- a non-volatile memory storing at least one certificate revocation list, said non-volatile memory capable of storing data; and
  
  a controller controlling access by the host to said data through an authentication process, in which the host presents at least one certificate to the memory system;
  
  said method comprising;
  
  providing said at least one certificate revocation list to the host in response to a request from the host without authenticating the host;
  
  receiving said at least one certificate presented by the host and said at least one certificate revocation list;
  
  checking whether the at least one certificate presented by the host is on the at least one certificate revocation list, andfailing the authentication process when the at least one certificate presented by the host is on the at least one certificate revocation list.

8. A method for mutual authentication between a non-volatile memory device and a host, said non-volatile memory device removably connected to said host, wherein:
- presenting to the memory device by the host a first certificate and a certificate revocation list for verification of the first certificate by the memory device; and
  
  presenting to the host by the memory device a second certificate for verification by the host without a certificate revocation list.
- View Dependent Claims (9, 10)
- - 9. The method of claim 8, wherein the non-volatile memory device stores the certificate revocation list for the host, said method further comprising the host obtaining the certificate revocation list from the non-volatile memory device.
  - 10. The method of claim 9, further comprising the non-volatile memory device receiving said certificate revocation list from the host for authenticating the first certificate from the host.

11. A method for authenticating a host device by a memory system, comprising:
- removably connecting the memory system to the host device; and
  
  sending a certificate and a certificate revocation list from the host device to the memory system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SanDisk Technologies LLC (Western Digital Corporation)
Original Assignee
Sandisk Technologies Incorporated (Western Digital Corporation)
Inventors
Holtzman, Michael, Jogand-Coulomb, Fabrice, Barzilai, Ron, Sela, Rotem

Granted Patent

US 8,245,031 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/158
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 9/3228   One-time or temporary data,...

H04L 9/3263   involving certificates, e.g...

H04L 9/3273   for mutual authentication n...

Content Control Method Using Certificate Revocation Lists

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

139 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Content Control Method Using Certificate Revocation Lists

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

139 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others