ACCESS TO AUTHORIZED DOMAINS

US 20090132811A1
Filed: 04/25/2007
Published: 05/21/2009
Est. Priority Date: 05/02/2006
Status: Active Grant

First Claim

Patent Images

1. In a domain comprising a plurality of devices, the devices in the domain sharing a common domain key, a method of enabling an entity that is not a member of the domain to create an object that can be authenticated and/or decrypted using the common domain key, the method comprisingproviding to the entity that is not a member of the domain a diversified key that is derived using a one-way function from at least the common domain key for creating authentication data related to said object and/or for encrypting at least part of said object, andauthenticating and/or decrypting said object using the diversified key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a domain comprising a plurality of devices, the devices in the domain sharing a common domain key, a method of enabling a entity that is not a member of the domain to create an object that can be authenticated and/or decrypted using the common domain key, the method comprising providing to the entity that is not a member of the domain a diversified key that is derived using a one-way function from at least the common domain key for creating authentication data related to said object and/or for encrypting said object, the devices in the domain being configured to authenticate and/or decrypt said object using the diversified key.

57 Citations

View as Search Results

12 Claims

1. In a domain comprising a plurality of devices, the devices in the domain sharing a common domain key, a method of enabling an entity that is not a member of the domain to create an object that can be authenticated and/or decrypted using the common domain key, the method comprisingproviding to the entity that is not a member of the domain a diversified key that is derived using a one-way function from at least the common domain key for creating authentication data related to said object and/or for encrypting at least part of said object, andauthenticating and/or decrypting said object using the diversified key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, in which the one-way function comprises a keyed cryptographic hash function.
  - 3. The method of claim 2, in which the input used in said keyed cryptographic hash function comprises a representation of an identity of the entity that is not a member of the domain and the key used is the common domain key.
  - 4. The method of claim 1, in which the diversified key is derived by truncating the output of the one-way function to a predetermined number of bits.
  - 5. The method of claim 1, further comprising creating a digitally signed validation token comprising a representation of an identity of the entity that is not a member of the domain.
  - 6. The method of claim 1, further comprising creating a message authentication code for the object provided by the entity that is not a member of the domain using the common domain key.
  - 7. The method of claim 1, in which the objects comprise digital rights for accessing content.
  - 8. The method of claim 1, comprising deriving the diversified key using the one-way function from the common domain key and from a representation of an identity of the entity that is not a member of the domain.

9. A system comprising a domain comprising a plurality of devices, the devices in the domain sharing a common domain key, the system being configured for enabling an entity that is not a member of the domain to create an object that can be authenticated and/or decrypted using the common domain key by comprising providing to the entity that is not a member of the domain a diversified key that is derived using a one-way function from at least the common domain key for creating authentication data related to said object and/or encrypting said object, the devices in the domain being configured to authenticate and/or decrypt said object using the diversified key.

10. A device comprised in a domain, the devices in the domain sharing a common domain key, the device being configured for receiving an object from an entity that is not a member of the domain, for deriving a diversified key using a one-way function from at least the common domain key, and for authenticating and/or decrypting the object using the diversified key.
- View Dependent Claims (11, 12)
- - 11. The device of claim 10, being configured for computing a message authentication code for the object using the common domain key and for distributing the object to another device in the domain in conjunction with the computed message authentication code.
  - 12. The device of claim 11, being configured for receiving a new common domain key, computing a new message authentication code for the object using the new common domain key and distributing the object to another device in the domain in conjunction with the computed message authentication code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Koninklijke Philips N.V.
Original Assignee
Koninklijke Philips Electronics N.V. (Koninklijke Philips N.V.)
Inventors
Montaner, Javier, Iacob, Sorin Marcel, Koraichi, Najib, Koster, Robert Paul

Granted Patent

US 8,761,398 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 2209/603   Digital right managament [DRM]

H04L 9/00   Cryptographic mechanisms or...

H04N 21/43615   Interfacing a Home Network,...

H04N 21/835   Generation of protective da...

ACCESS TO AUTHORIZED DOMAINS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

ACCESS TO AUTHORIZED DOMAINS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links