KEY DISTRIBUTION SYSTEM
First Claim
1. A key distribution system for controlling access to content by a plurality of rendering devices, comprising:
- an epoch module to provide a plurality of epochs, each of the epochs including a plurality of service key periods;
a service key module to provide a plurality of service keys so that, for each one of the epochs, a batch of the service keys is provided for employment in decryption of the content across the service key periods of the one epoch;
a group module to provide a plurality of group keys for each of the epochs such that;
for each of the epochs, each of the rendering devices is assigned one of the group keys such that more than one of the rendering devices may be assigned a same one of the group keys;
for each of the epochs, the assignment of the group keys groups together the rendering devices having the same one group key, thereby defining a plurality of groups;
each of the service keys is valid across all the groups; and
in different ones of the epochs, the rendering devices are grouped differently;
an encryption module to encrypt, for each of the epochs, each of the service keys, in the batch of the service keys with each of the group keys, such that each of the service keys is individually encrypted with a different one of the group keys yielding a plurality of group-key-encrypted service keys from each of the service keys; and
a delivery module to distribute to the rendering devices, for each one of the epochs, the group-key-encrypted service keys for the batch of the service keys and the group keys of the one epoch.
1 Assignment
0 Petitions
Accused Products
Abstract
A key distribution system for controlling access to content by rendering devices, comprising an epoch module to provide epochs, each epoch including service key periods, a service key module to provide a batch of service keys, a group module to provide group keys for each epoch such that each rendering device is assigned a group key grouping together the devices having the same group key, thereby defining groups, in different epochs the devices are grouped differently, an encryption module to encrypt, for each epoch, each service key in the batch of service keys, individually with each group key yielding a plurality of group-key-encrypted service keys from each service key, and a delivery module to distribute to the devices, for each one of the epochs, the group-key-encrypted service keys for the batch of service keys and the group keys of the one epoch. Related apparatus and methods are also described.
-
Citations
38 Claims
-
1. A key distribution system for controlling access to content by a plurality of rendering devices, comprising:
-
an epoch module to provide a plurality of epochs, each of the epochs including a plurality of service key periods; a service key module to provide a plurality of service keys so that, for each one of the epochs, a batch of the service keys is provided for employment in decryption of the content across the service key periods of the one epoch; a group module to provide a plurality of group keys for each of the epochs such that;
for each of the epochs, each of the rendering devices is assigned one of the group keys such that more than one of the rendering devices may be assigned a same one of the group keys;
for each of the epochs, the assignment of the group keys groups together the rendering devices having the same one group key, thereby defining a plurality of groups;
each of the service keys is valid across all the groups; and
in different ones of the epochs, the rendering devices are grouped differently;an encryption module to encrypt, for each of the epochs, each of the service keys, in the batch of the service keys with each of the group keys, such that each of the service keys is individually encrypted with a different one of the group keys yielding a plurality of group-key-encrypted service keys from each of the service keys; and a delivery module to distribute to the rendering devices, for each one of the epochs, the group-key-encrypted service keys for the batch of the service keys and the group keys of the one epoch. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25-33. -33. (canceled)
-
34. A key distribution method for controlling access to content by a plurality of rendering devices, comprising:
-
providing a plurality of epochs, each of the epochs including a plurality of service key periods; providing a plurality of service keys so that, for each one of the epochs, a batch of the service keys is provided for employment in decryption of the content across the service key periods of the one epoch; providing a plurality of group keys for each of the epochs such that;
for each of the epochs, each of the rendering devices is assigned one of the group keys such that more than one of the rendering devices may be assigned a same one of the group keys;
for each of the epochs, the assignment of the group keys groups together the rendering devices having the same one group key, thereby defining a plurality of groups;
each of the service keys is valid across all the groups; and
in different ones of the epochs, the rendering devices are grouped differently;encrypting, for each of the epochs, each of the service keys, in the batch of the service keys with each of the group keys, such that each of the service keys is individually encrypted with a different one of the group keys yielding a plurality of group-key-encrypted service keys from each of the service keys; and distributing to the rendering devices, for each one of the epochs, the group-key-encrypted service keys for the batch of the service keys and the group keys of the one epoch.
-
-
35-37. -37. (canceled)
-
38. A key distribution system for controlling access to content by a plurality of rendering devices, comprising:
-
means for providing a plurality of epochs, each of the epochs including a plurality of service key periods; means for providing a plurality of service keys so that, for each one of the epochs, a batch of the service keys is provided for employment in decryption of the content across the service key periods of the one epoch; means for providing a plurality of group keys for each of the epochs such that;
for each of the epochs, each of the rendering devices is assigned one of the group keys such that more than one of the rendering devices may be assigned a same one of the group keys;
for each of the epochs, the assignment of the group keys groups together the rendering devices having the same one group key, thereby defining a plurality of groups;
each of the service keys is valid across all the groups; and
in different ones of the epochs, the rendering devices are grouped differently;means for encrypting, for each of the epochs, each of the service keys, in the batch of the service keys with each of the group keys, such that each of the service keys is individually encrypted with a different one of the group keys yielding a plurality of group-key-encrypted service keys from each of the service keys; and means for distributing to the rendering devices, for each one of the epochs, the group-key-encrypted service keys for the batch of the service keys and the group keys of the one epoch.
-
Specification