ELECTRONIC RENTAL SERVICE SYSTEM AND METHOD FOR DIGITAL CONTENT

US 20110123025A1
Filed: 06/05/2009
Published: 05/26/2011
Est. Priority Date: 06/06/2008
Status: Abandoned Application

First Claim

Patent Images

1. A system for making digital content data available to one of a plurality of end user stations, the system comprising:

a source comprising a processor for receiving the digital content data and for generating source encrypted data comprising at least the content data encrypted with a key of a content encryption key pair; and

share data relating to the key of the content encryption key pair;

at least the share data relating to the key of the content encryption key pair being encrypted with a first key of a second encryption key pair, which second key pair is associated with a targeted intermediate station;

a data transmission path between the source and the targeted intermediate station for forwarding the source encrypted data to the targeted intermediate station;

the targeted intermediate station comprising a processor for receiving the source encrypted data;

a portable data storage device associated with the end user station, the end user station being associated with a third encryption key pair comprising a first key and a second key;

the processor at the intermediate station being configured to be placed in data communication with the portable storage device and to generate intermediate station encrypted data by decrypting the encrypted share data relating to the key of the content encryption key pair utilizing the second key of the second key pair and encrypting resulting decrypted data utilizing a first key of the third key pair;

the portable storage device being configured to be brought into data communication with a decryption processor at the end user station;

a content encryption key reconstruction processor configured to utilize an algorithm and input data comprising at least one of said share data relating to the key of the content encryption key pair and other data, to reconstruct the content encryption key;

the decryption processor being configured to decrypt the intermediate station encrypted data utilizing the second key of the third key pair and to use the reconstructed content encryption key to decrypt the encrypted content data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for making digital content data available to an end user station (26.1) comprises a source (12) for generating source encrypted data comprising the content data encrypted with a key (15) of a content encryption key (CEK) pair and share data relating to the CEK. The share data being encrypted with a first key of a second encryption key pair, which second key pair is associated with a targeted intermediate station 18.1. The intermediate station 18.1 comprises a processor 22.1 for receiving the source encrypted data. The processor at the intermediate station is configured to be placed in data communication with a portable storage device (PSD), which is associated with the end user station 26.1. The end user station is associated with a third encryption key pair. The processor 22.1 is configured to generate intermediate station encrypted data by decrypting the encrypted share data utilizing a key of the second key pair and encrypting resulting decrypted data utilizing a key of the third key pair. A CEK reconstruction processor is configured to utilize an algorithm and input share data to reconstruct the CEK. A decryption processor is configured to use the reconstructed CEK, to decrypt the encrypted content data.

9 Citations

15 Claims

1. A system for making digital content data available to one of a plurality of end user stations, the system comprising:
- a source comprising a processor for receiving the digital content data and for generating source encrypted data comprising at least the content data encrypted with a key of a content encryption key pair; and
  
  share data relating to the key of the content encryption key pair;
  
  at least the share data relating to the key of the content encryption key pair being encrypted with a first key of a second encryption key pair, which second key pair is associated with a targeted intermediate station;
  
  a data transmission path between the source and the targeted intermediate station for forwarding the source encrypted data to the targeted intermediate station;
  
  the targeted intermediate station comprising a processor for receiving the source encrypted data;
  
  a portable data storage device associated with the end user station, the end user station being associated with a third encryption key pair comprising a first key and a second key;
  
  the processor at the intermediate station being configured to be placed in data communication with the portable storage device and to generate intermediate station encrypted data by decrypting the encrypted share data relating to the key of the content encryption key pair utilizing the second key of the second key pair and encrypting resulting decrypted data utilizing a first key of the third key pair;
  
  the portable storage device being configured to be brought into data communication with a decryption processor at the end user station;
  
  a content encryption key reconstruction processor configured to utilize an algorithm and input data comprising at least one of said share data relating to the key of the content encryption key pair and other data, to reconstruct the content encryption key;
  
  the decryption processor being configured to decrypt the intermediate station encrypted data utilizing the second key of the third key pair and to use the reconstructed content encryption key to decrypt the encrypted content data.
- View Dependent Claims (2, 3, 4, 5, 7, 15)
- - 2. A system as claimed in claim 1 wherein the content encryption key pair is a symmetric key pair and the second and third key pairs are asymmetric key pairs.
  - 3. A system as claimed in claim 1, wherein items with different content data are each encrypted with a key of a respective unique content encryption key pair.
  - 4. A system as claimed in claim 1, wherein the intermediate station comprises a publically accessible kiosk.
  - 5. A system as claimed in claim 1, wherein the decryption processor at the end user station is housed in set-top box and wherein the third encryption key pair is associated with at least one of the set-top box, a SIM card and other token associated by the set-top box.
  - 7. A system as claimed in claim 1, wherein the portable data storage device associated with the end user station comprises any one of a USB memory stick, a computer memory stick, a portable computer hard drive and the like.
  - 15. A method as claimed in claim 1, wherein the content data is caused to be played out on a monitor at the user station, after a content encryption key reconstruction processor has reconstructed the content encryption key from share data which is communicated to the reconstruction processor.

6. A system as claimed in claim 6 wherein the decrypted content data is played out on a monitor connected to the set-top box.

8. A user station device comprising a content encryption key reconstruction processor, a decryption processor and a port for receiving a portable data storage device, the data storage device storing device data comprising content data which is encrypted with a content encryption key and share data relating to the content encryption key, the content encryption key reconstruction processor being configured to utilize an algorithm and share data to reconstruct the content encryption key;
- and the decryption processor being configured to decrypt the encrypted content data utilizing the reconstructed content encryption key.

9. An intermediate station for a system for making digital content data available to one of a plurality of end user stations, the intermediate station comprising a processor for receiving from a source, source encrypted data comprising at least the content data encrypted with a key of a first encryption key pair and share data relating to the key of the content encryption key pair encrypted with a first key of a second encryption key pair, which second encryption key pair is associated with the intermediate station;
- the processor at the intermediate station being configured to be placed in data communication with a portable data storage device associated with the end user station, the end user station being associated with a third encryption key pair comprising a first key and a second key, the processor being configured to generate intermediate station encrypted data by decrypting the encrypted share data relating to the key of the content encryption key pair utilizing the second key of the second key pair and encrypting resulting decrypted data utilizing a first key of the third key pair.
- View Dependent Claims (10)
- - 10. An intermediate station as claimed in claim 9 which is in the form of a publically accessible kiosk housing the processor, an interface for receiving the portable data storage device and which interface is connected to the processor, a screen on which previews of user selectable digital content data items are played out and a user operable selection mechanism for making a selection of selectable items.

11. A method of making digital content data available to at least one user station, the method comprising the steps of:
- at a source, generating source encrypted data by encrypting the content data with a key of a content encryption key pair;
  
  adding share data relating to the key of the content encryption key pair; and
  
  encrypting at least the share data relating to the key of the content encryption key pair with a first key of a second encryption key pair, the second encryption key pair being associated with an intermediate station;
  
  forwarding the source encrypted data to the intermediate station;
  
  at the intermediate station, causing intermediate station encrypted data to be generated by decrypting the encrypted share data relating to the key of the content encryption key utilizing a second key of the second encryption key pair and encrypting resulting decrypted data with a first key of a third key pair, which third key pair is associated with the user station; and
  
  causing the intermediate station encrypted data to be made available on a portable data storage device.
- View Dependent Claims (12, 13, 14)
- - 12. A method as claimed in claim 11 wherein the content encryption key pair is a symmetric key pair and the first and second key pairs are asymmetric key pairs.
  - 13. A method as claimed in claim 11, wherein the content data, before it is encrypted, comprises data relating to a digital rights management regime.
  - 14. A method as claimed in claim 11, wherein the share data relating to the key of the content encryption key is added as part of a digital certificate, which certificate is associated with the encrypted content data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Altech Uec (Pty) Ltd.
Original Assignee
Altech Uec (Pty) Ltd.
Inventors
Sullivan, Alan John

Application Number

US12/996,566
Publication Number

US 20110123025A1
Time in Patent Office

Days
Field of Search
US Class Current

380/259
CPC Class Codes

G06F 21/10 Protecting distributed prog...

H04L 63/0428 wherein the data content is...

ELECTRONIC RENTAL SERVICE SYSTEM AND METHOD FOR DIGITAL CONTENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

ELECTRONIC RENTAL SERVICE SYSTEM AND METHOD FOR DIGITAL CONTENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links