APPARATUS AND ASSOCIATED METHODOLOGY FOR MANAGING CONTENT CONTROL KEYS

US 20120063597A1
Filed: 09/15/2010
Published: 03/15/2012
Est. Priority Date: 09/15/2010
Status: Abandoned Application

First Claim

Patent Images

1. A method of creating and exchanging secret session keys for symmetric secret key encryption between a sending device and a receiving device without transmitting the actual secret session keys between the sending and receiving devices, the method comprising:

providing the receiving device with a unique device number, a unique user keycode number, and a symmetric secret key encryption algorithm;

providing the sending device with the symmetric secret key encryption algorithm, a seed value and a non-system randomizer to generate a predetermined number of pseudo-random bit data based on the seed value, the pseudo-random bit data being arranged into a random number table stored in an electronic memory of the sending device;

transmitting from the receiving device to the sending device through secured communication both the unique device number and the unique user keycode number;

assigning, at the sending device, the random number table to the unique device number and unique user keycode number, the assignment being stored in a secret index in the electronic memory of the sending device;

selecting, at the sending device, a secret session key as a subset of the pseudo-random bit data in the random number table;

assigning, at the sending device, a start pointer corresponding to a start point of the subset of pseudo-random bit data and an end pointer corresponding to an end point of the subset of pseudo-random bit data;

determining selected properties identifying length and location of the subset of pseudo-random bit data in the random number table, the subset of pseudo-random bit data being the secret session key;

storing the selected properties and the start and end pointers of the secret session key in a secret session key properties descriptor buffer of the sending device;

copying into a secret session key buffer at the sending device the secret session key corresponding to the selected properties of the secret session key from within the predetermined number of pseudo-random bit data in the random number table stored at the sending device index, by utilizing the start and end pointers to locate the secret session key;

transforming the contents of the secret session key properties descriptor buffer into mangled secret session key properties;

storing the data to be transmitted to the receiving device in an input/output buffer of the sending device;

encrypting, at the sending device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key stored in the secret session key buffer to generate an encrypted content;

appending, at the sending device, the unique device number and the mangled secret session key properties as a header of the encrypted content;

creating a connection between the sending device and the receiving device;

transmitting the encrypted content with the appended header from the sending device to the receiving device;

verifying, at the receiving device, the unique device number in the header of the encrypted content with the unique device number stored in the receiving device to determine whether the receiving device is authorized to decrypt the encrypted content;

extracting, at the receiving device, the mangled secret session key properties when the receiving device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the receiving device;

restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the sending device, the restored session key properties including the selected properties, the start pointer and the end pointer of the secret session key;

utilizing, at the receiving device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the receiving device, the predetermined number of pseudo-random bit data stored in the receiving device corresponding to the predetermined number of pseudo-random bit data stored in the sending device, the extracted secret session key being a duplicate of the secret session key stored in the sending device;

decrypting the encrypted content at the receiving device using the symmetric key encryption algorithm and the extracted secret session key when the receiving device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the receiving device; and

securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween, the secure communication between the sending and receiving devices of encrypted content being maintained until termination of the communication is initiated by at least one of the sending and receiving devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of exchanging secret session keys in symmetric encryption communication includes storing random number tables in both the sending and receiving devices. The sending device then determines the secret session key utilizing the random number table, and transmits to the receiving device information for locating the secret session key within the random number table. Thus, the sending device shares the secret session key with the receiving device without actually transmitting the secret session key. The random number tables may be transmitted from one device to the other or be preinstalled in each device. Further, a common seed value may be used by each device to generate the random number table independently.

60 Citations

View as Search Results

40 Claims

1. A method of creating and exchanging secret session keys for symmetric secret key encryption between a sending device and a receiving device without transmitting the actual secret session keys between the sending and receiving devices, the method comprising:
- providing the receiving device with a unique device number, a unique user keycode number, and a symmetric secret key encryption algorithm;
  
  providing the sending device with the symmetric secret key encryption algorithm, a seed value and a non-system randomizer to generate a predetermined number of pseudo-random bit data based on the seed value, the pseudo-random bit data being arranged into a random number table stored in an electronic memory of the sending device;
  
  transmitting from the receiving device to the sending device through secured communication both the unique device number and the unique user keycode number;
  
  assigning, at the sending device, the random number table to the unique device number and unique user keycode number, the assignment being stored in a secret index in the electronic memory of the sending device;
  
  selecting, at the sending device, a secret session key as a subset of the pseudo-random bit data in the random number table;
  
  assigning, at the sending device, a start pointer corresponding to a start point of the subset of pseudo-random bit data and an end pointer corresponding to an end point of the subset of pseudo-random bit data;
  
  determining selected properties identifying length and location of the subset of pseudo-random bit data in the random number table, the subset of pseudo-random bit data being the secret session key;
  
  storing the selected properties and the start and end pointers of the secret session key in a secret session key properties descriptor buffer of the sending device;
  
  copying into a secret session key buffer at the sending device the secret session key corresponding to the selected properties of the secret session key from within the predetermined number of pseudo-random bit data in the random number table stored at the sending device index, by utilizing the start and end pointers to locate the secret session key;
  
  transforming the contents of the secret session key properties descriptor buffer into mangled secret session key properties;
  
  storing the data to be transmitted to the receiving device in an input/output buffer of the sending device;
  
  encrypting, at the sending device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key stored in the secret session key buffer to generate an encrypted content;
  
  appending, at the sending device, the unique device number and the mangled secret session key properties as a header of the encrypted content;
  
  creating a connection between the sending device and the receiving device;
  
  transmitting the encrypted content with the appended header from the sending device to the receiving device;
  
  verifying, at the receiving device, the unique device number in the header of the encrypted content with the unique device number stored in the receiving device to determine whether the receiving device is authorized to decrypt the encrypted content;
  
  extracting, at the receiving device, the mangled secret session key properties when the receiving device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the receiving device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the sending device, the restored session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the receiving device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the receiving device, the predetermined number of pseudo-random bit data stored in the receiving device corresponding to the predetermined number of pseudo-random bit data stored in the sending device, the extracted secret session key being a duplicate of the secret session key stored in the sending device;
  
  decrypting the encrypted content at the receiving device using the symmetric key encryption algorithm and the extracted secret session key when the receiving device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the receiving device; and
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween, the secure communication between the sending and receiving devices of encrypted content being maintained until termination of the communication is initiated by at least one of the sending and receiving devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, further comprising:
    - prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and unique user keycode number corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the user keycode.
  - 3. The method according to claim 1, further comprising:
    - providing the receiving device with non-system randomizer software identical to the non-system randomizer software used by the sending device to generate the predetermined number of pseudo-random bit data included in the random number table;
      
      prior to transmission of the encrypted content, transmitting from the sending device to the receiving device, the seed value via secure communication, the seed value corresponding to the pseudo-random bit data in the random number table associated with the unique device number and unique user keycode number of the receiving device;
      
      generating a predetermined number of pseudo-random bit data at the receiving device using the non-system randomizer software and seed value; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data generated based on the seed value as a random number table associated with the unique device number and the unique user keycode number.
  - 4. The method according to claim 1, further comprising:
    - providing the receiving device with a plurality of unique secret user keycode numbers assigned thereto;
      
      securely transmitting, from the receiving device to the sending device, the unique device number and one of the plurality of unique user keycode numbers not assigned to a random number table stored at the receiving device;
      
      associating, in the secret index of the sending device, the random number table to the unique device number and the one of the plurality of unique user keycode numbers received from the receiving device;
      
      prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and the one of the plurality of unique user keycode numbers corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the one of the plurality of unique user keycode numbers.
  - 5. The method according to claim 1, wherein the secret session key is selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a predetermined algorithm.
  - 6. The method according to claim 1, wherein the secret session key is randomly selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a random method.
  - 7. The method according to claim 1, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the receiving device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number.
  - 8. The method according to claim 1, wherein transforming the contents of the secret session key properties descriptor buffer includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes decrypting with the symmetric secret key encryption and the unique user keycode number.
  - 9. The method of claim 1, wherein the data to be transmitted by the sending device is streaming data, and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the receiving device.
  - 10. The method according to claim 9, wherein transforming the contents of the secret session key properties descriptor buffer includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes decrypting with the symmetric secret key encryption and the unique user keycode number.

11. A method of creating and exchanging secret session keys used in symmetric secret key encryption between a sending device and a receiving device engaged in two way communication, the secret session key being exchanged without transmitting the actual secret session key between the sending and receiving devices, the method comprising:
- providing the receiving device with a unique device number, a unique user keycode number assigned thereto, and a symmetric secret key encryption algorithm;
  
  providing the sending device with a unique device number, a unique user keycode assigned thereto, a seed value, the symmetric secret key encryption algorithm, and a non-system randomizer software;
  
  transmitting, from the receiving device to the sending device, the unique device number and unique user keycode corresponding to the receiving device;
  
  transmitting, from the sending device to the receiving device, the unique device number and unique user keycode corresponding to the sending device;
  
  generating, at the sending device, a predetermined number of pseudo-random bit data using the seed value, the predetermined number of pseudo-random bit data forming a random number table;
  
  assigning, in a secret index stored in an electronic memory of the sending device, the random number table to unique device number and the unique user keycode number corresponding to the receiving device;
  
  securely storing in the electronic memory of the receiving device, the unique device number and the unique user keycode number corresponding to the sending device;
  
  selecting, at the sending device, a secret session key as a subset of the pseudo-random bit data in the random number table corresponding to the unique device number and unique user keycode number of the receiving device;
  
  selecting, at the sending device, a start pointer and an end pointer corresponding to the subset of the pseudo-random bit data, the start and end pointers defining selected properties of the secret session key including a length and random number table location thereof;
  
  storing the selected properties of the secret session key, the start pointer and the end pointer into a secret session key properties descriptor buffer of the sending device;
  
  copying the secret session key into a secret session key buffer of the sending device using the start and end pointers to locate the secret session key within the random number table, the secret session key corresponding to the selected properties of the secret session key;
  
  encoding, at the sending device, the contents of the secret session key properties descriptor buffer into mangled secret session key properties;
  
  storing in an input/output buffer of the sending device, data to be encrypted and transmitted to the receiving device;
  
  encrypting, at the sending device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key stored in the secret session key buffer to generate an encrypted content;
  
  appending, at the sending device, the unique device number and mangled secret session key properties as a header of the encrypted content;
  
  creating a connection between the sending device and the receiving device;
  
  transmitting the encrypted content with the appended header from the sending device to the receiving device;
  
  verifying, at the receiving device, the unique device number in the header of the encrypted content with the unique device number stored in the receiving device to determine whether the receiving device is authorized to decrypt the encrypted content;
  
  extracting, at the receiving device, the mangled secret session key properties when receiving device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the receiving device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the sending device, the restored session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the receiving device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the receiving device, the predetermined number of pseudo-random bit data stored in the receiving device corresponding to the predetermined number of pseudo-random bit data stored in the sending device, the extracted secret session key being a duplicate of the secret session key stored in the sending device;
  
  decrypting the encrypted content at the receiving device using the symmetric key encryption algorithm and the extracted secret session key when receiving device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the receiving device;
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween;
  
  determining, at the receiving device, whether additional communication with the sending device is required based on the contents of the input/output buffer;
  
  encoding, at the receiving device, restored secret session key properties into mangled secret session key properties, and storing the mangled secret session key properties into a mangled secret session key properties descriptor buffer;
  
  storing data to be encrypted and transmitted from the receiving device to the sending device in an input/output buffer of the receiving device;
  
  encrypting, at the receiving device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key to generate an encrypted content;
  
  appending, at the receiving device, the unique device number of the sending device and the contents of the mangled secret session key properties descriptor buffer as a header of the encrypted content;
  
  creating a connection between the receiving device and the sending device;
  
  transmitting the encrypted content with the appended header from the receiving device to the sending device;
  
  verifying, at the sending device, the unique device number in the header of the encrypted content with the unique device number stored in the sending device to determine whether the sending device is authorized to decrypt the encrypted content;
  
  extracting, at the sending device, the mangled secret session key properties when the sending device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the sending device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the receiving device, the restored secret session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the sending device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the sending device, the predetermined number of pseudo-random bit data stored in the sending device corresponding to the predetermined number of pseudo-random bit data stored in the receiving device, the extracted secret session key being a duplicate of the session key stored in the receiving device;
  
  decrypting the encrypted content at the sending device using the symmetric key encryption algorithm and the extracted secret session key when the sending device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the sending device;
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween;
  
  repeating all steps above until at least one of the sending device and the receiving device ends communication therebetween.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method according to claim 11, further comprising:
    - prior to transmitting the encrypted content from the sending device to the receiving device, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and unique user keycode number corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the user keycode.
  - 13. The method according to claim 11, further comprising:
    - providing the receiving device with non-system randomizer software identical to the non-system randomizer software used by the sending device to generate the predetermined number of pseudo-random bit data included in the random number table;
      
      prior to transmission of the encrypted content, transmitting from the sending device to the receiving device, the seed value via secure communication, the seed value corresponding to the pseudo-random bit data in the random number table associated with the unique device number and unique user keycode number of the receiving device;
      
      generating a predetermined number of pseudo-random bit data at the receiving device using the non-system randomizer software and seed value; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data generated based on the seed value as a random number table associated with the unique device number and the unique user keycode number,wherein the seed value is used to transmit encrypted contents from the sending device to the receiving device and to transmit encrypted contents from the receiving device to the sending device.
  - 14. The method according to claim 11, further comprising:
    - providing the receiving device with a plurality of unique secret user keycode numbers assigned thereto;
      
      securely transmitting, from the receiving device to the sending device, the unique device number and one of the plurality of unique user keycode numbers not assigned to a random number table stored at the receiving device;
      
      associating, in the secret index of the sending device, the random number table to the unique device number and the one of the plurality of unique user keycode numbers received from the receiving device;
      
      prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and the one of the plurality of unique user keycode numbers corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the one of the plurality of unique user keycode numbers.
  - 15. The method according to claim 11, wherein the secret session key is selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a predetermined algorithm.
  - 16. The method according to claim 11, wherein the secret session key is randomly selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a random method.
  - 17. The method according to claim 11, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number of the sending device.
  - 18. The method according to claim 11, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the sending device.
  - 19. The method according to claim 11, wherein the data to be transmitted by the sending device is streaming data and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the receiving device, andthe data to be transmitted by the receiving device is streaming data and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the sending device.
  - 20. The method according to claim 19, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the sending device.

21. A computer-readable medium storing computer-readable instructions thereon, the computer-readable instructions, when executed by a processor cause the processor to perform a method comprising:
- providing a receiving device with a unique device number, a unique user keycode number, and a symmetric secret key encryption algorithm;
  
  providing a sending device with a symmetric secret key encryption algorithm, a seed value and a non-system randomizer to generate a predetermined number of pseudo-random bit data based on the seed value, the pseudo-random bit data being arranged into a random number table stored in an electronic memory of the sending device;
  
  transmitting from the receiving device to the sending device through secured communication both the unique device number and the unique user keycode number;
  
  assigning, at the sending device, the random number table to the unique device number and unique user keycode number, the assignment being stored in a secret index in the electronic memory of the sending device;
  
  selecting, at the sending device, a secret session key as a subset of the pseudo-random bit data in the random number table;
  
  assigning, at the sending device, a start pointer corresponding to a start point of the subset of pseudo-random bit data and an end pointer corresponding to an end point of the subset of pseudo-random bit data;
  
  determining selected properties identifying length and location of the subset of pseudo-random bit data in the random number table, the subset of pseudo-random bit data being the secret session key;
  
  storing the selected properties and the start and end pointers of the secret session key in a secret session key properties descriptor buffer of the sending device;
  
  copying into a secret session key buffer at the sending device the secret session key corresponding to the selected properties of the secret session key from within the predetermined number of pseudo-random bit data in the random number table stored at the sending device index, by utilizing the start and end pointers to locate the secret session key;
  
  transforming the contents of the secret session key properties descriptor buffer into mangled secret session key properties;
  
  storing the data to be transmitted to the receiving device in an input/output buffer of the sending device;
  
  encrypting, at the sending device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key stored in the secret session key buffer to generate an encrypted content;
  
  appending, at the sending device, the unique device number and the mangled secret session key properties as a header of the encrypted content;
  
  creating a connection between the sending device and the receiving device;
  
  transmitting the encrypted content with the appended header from the sending device to the receiving device;
  
  verifying, at the receiving device, the unique device number in the header of the encrypted content with the unique device number stored in the receiving device to determine whether the receiving device is authorized to decrypt the encrypted content;
  
  extracting, at the receiving device, the mangled secret session key properties when the receiving device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the receiving device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the sending device, the restored session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the receiving device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the receiving device, the predetermined number of pseudo-random bit data stored in the receiving device corresponding to the predetermined number of pseudo-random bit data stored in the sending device, the extracted secret session key being a duplicate of the secret session key stored in the sending device;
  
  decrypting the encrypted content at the receiving device using the symmetric key encryption algorithm and the extracted secret session key when the receiving device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the receiving device; and
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween, the secure communication between the sending and receiving devices of encrypted content being maintained until termination of the communication is initiated by at least one of the sending and receiving devices.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The computer-readable medium according to claim 21, further comprising:
    - prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and unique user keycode number corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the user keycode.
  - 23. The computer-readable medium according to claim 21, further comprising:
    - providing the receiving device with non-system randomizer software identical to the non-system randomizer software used by the sending device to generate the predetermined number of pseudo-random bit data included in the random number table;
      
      prior to transmission of the encrypted content, transmitting from the sending device to the receiving device, the seed value via secure communication, the seed value corresponding to the pseudo-random bit data in the random number table associated with the unique device number and unique user keycode number of the receiving device;
      
      generating a predetermined number of pseudo-random bit data at the receiving device using the non-system randomizer software and seed value; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data generated based on the seed value as a random number table associated with the unique device number and the unique user keycode number.
  - 24. The computer-readable medium according to claim 21, further comprising:
    - providing the receiving device with a plurality of unique secret user keycode numbers assigned thereto;
      
      securely transmitting, from the receiving device to the sending device, the unique device number and one of the plurality of unique user keycode numbers not assigned to a random number table stored at the receiving device;
      
      associating, in the secret index of the sending device, the random number table to the unique device number and the one of the plurality of unique user keycode numbers received from the receiving device;
      
      prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and the one of the plurality of unique user keycode numbers corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the one of the plurality of unique user keycode numbers.
  - 25. The computer-readable medium according to claim 21, wherein the secret session key is selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a predetermined algorithm.
  - 26. The computer-readable medium according to claim 21, wherein the secret session key is randomly selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a random method.
  - 27. The computer-readable medium according to claim 21, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the receiving device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number.
  - 28. The computer-readable medium according to claim 21, wherein transforming the contents of the secret session key properties descriptor buffer includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes decrypting with the symmetric secret key encryption and the unique user keycode number.
  - 29. The computer-readable medium of claim 21, wherein the data to be transmitted by the sending device is streaming data, and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the receiving device.
  - 30. The computer-readable medium according to claim 29, wherein transforming the contents of the secret session key properties descriptor buffer includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number, andrestoring the contents of the copied mangled secret session key properties descriptor buffer includes decrypting with the symmetric secret key encryption and the unique user keycode number.

31. A computer-readable medium storing computer-readable instructions thereon, the computer-readable instructions when executed by a processor, cause the processor to perform a method comprising:
- providing a receiving device with a unique device number, a unique user keycode number assigned thereto, and a symmetric secret key encryption algorithm;
  
  providing a sending device with a unique device number, a unique user keycode assigned thereto, a seed value, a symmetric secret key encryption algorithm, and a non-system randomizer software;
  
  transmitting, from the receiving device to the sending device, the unique device number and unique user keycode corresponding to the receiving device;
  
  transmitting, from the sending device to the receiving device, the unique device number and unique user keycode corresponding to the sending device;
  
  generating, at the sending device, a predetermined number of pseudo-random bit data using the seed value, the predetermined number of pseudo-random bit data forming a random number table;
  
  assigning, in a secret index stored in an electronic memory of the sending device, the random number table to unique device number and the unique user keycode number corresponding to the receiving device;
  
  securely storing in the electronic memory of the receiving device, the unique device number and the unique user keycode number corresponding to the sending device;
  
  selecting, at the sending device, a secret session key as a subset of the pseudo-random bit data in the random number table corresponding to the unique device number and unique user keycode number of the receiving device;
  
  selecting, at the sending device, a start pointer and an end pointer corresponding to the subset of the pseudo-random bit data, the start and end pointers defining selected properties of the secret session key including a length and random number table location thereof;
  
  storing the selected properties of the secret session key, the start pointer and the end pointer into a secret session key properties descriptor buffer of the sending device;
  
  copying the secret session key into a secret session key buffer of the sending device using the start and end pointers to locate the secret session key within the random number table, the secret session key corresponding to the selected properties of the secret session key;
  
  encoding, at the sending device, the contents of the secret session key properties descriptor buffer into mangled secret session key properties;
  
  storing in an input/output buffer of the sending device, data to be encrypted and transmitted to the receiving device;
  
  encrypting, at the sending device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key stored in the secret session key buffer to generate an encrypted content;
  
  appending, at the sending device, the unique device number and mangled secret session key properties as a header of the encrypted content;
  
  creating a connection between the sending device and the receiving device;
  
  transmitting the encrypted content with the appended header from the sending device to the receiving device;
  
  verifying, at the receiving device, the unique device number in the header of the encrypted content with the unique device number stored in the receiving device to determine whether the receiving device is authorized to decrypt the encrypted content;
  
  extracting, at the receiving device, the mangled secret session key properties when receiving device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the receiving device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the sending device, the restored session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the receiving device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the receiving device, the predetermined number of pseudo-random bit data stored in the receiving device corresponding to the predetermined number of pseudo-random bit data stored in the sending device, the extracted secret session key being a duplicate of the secret session key stored in the sending device;
  
  decrypting the encrypted content at the receiving device using the symmetric key encryption algorithm and the extracted secret session key when receiving device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the receiving device;
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween;
  
  determining, at the receiving device, whether additional communication with the sending device is required based on the contents of the input/output buffer;
  
  encoding, at the receiving device, restored secret session key properties into mangled secret session key properties, and storing the mangled secret session key properties into a mangled secret session key properties descriptor buffer;
  
  storing data to be encrypted and transmitted from the receiving device to the sending device in an input/output buffer of the receiving device;
  
  encrypting, at the receiving device, the data in the input/output buffer using the symmetric key encryption algorithm and the secret session key to generate an encrypted content;
  
  appending, at the receiving device, the unique device number of the sending device and the contents of the mangled secret session key properties descriptor buffer as a header of the encrypted content;
  
  creating a connection between the receiving device and the sending device;
  
  transmitting the encrypted content with the appended header from the receiving device to the sending device;
  
  verifying, at the sending device, the unique device number in the header of the encrypted content with the unique device number stored in the sending device to determine whether the sending device is authorized to decrypt the encrypted content;
  
  extracting, at the sending device, the mangled secret session key properties when the sending device is authorized to decrypt the encrypted content, the mangled session key properties being stored in a copied mangled secret session key properties descriptor buffer of the sending device;
  
  restoring the contents of the copied mangled secret session key properties descriptor buffer, the restored secret session key properties corresponding to the secret session key properties at the receiving device, the restored secret session key properties including the selected properties, the start pointer and the end pointer of the secret session key;
  
  utilizing, at the sending device, at least a subset of the selected properties, the starting pointer and the end pointer to extract the secret session key from a predetermined number of pseudo-random bit data previously stored in the sending device, the predetermined number of pseudo-random bit data stored in the sending device corresponding to the predetermined number of pseudo-random bit data stored in the receiving device, the extracted secret session key being a duplicate of the session key stored in the receiving device;
  
  decrypting the encrypted content at the sending device using the symmetric key encryption algorithm and the extracted secret session key when the sending device is authorized to decrypt the encrypted content, the decrypted content being stored in an input/output buffer of the sending device;
  
  securely using, reading or playing the contents of the input/output buffer of the receiving device, the secret session key having been successfully created and exchanged between the sending and receiving devices without exchanging or transmitting the actual secret session keys therebetween;
  
  repeating all steps above until at least one of the sending device and the receiving device ends communication therebetween.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 32. The computer-readable medium according to claim 31, further comprising:
    - prior to transmitting the encrypted content from the sending device to the receiving device, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and unique user keycode number corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the user keycode.
  - 33. The computer-readable medium according to claim 31, further comprising:
    - providing the receiving device with non-system randomizer software identical to the non-system randomizer software used by the sending device to generate the predetermined number of pseudo-random bit data included in the random number table;
      
      prior to transmission of the encrypted content, transmitting from the sending device to the receiving device, the seed value via secure communication, the seed value corresponding to the pseudo-random bit data in the random number table associated with the unique device number and unique user keycode number of the receiving device;
      
      generating a predetermined number of pseudo-random bit data at the receiving device using the non-system randomizer software and seed value; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data generated based on the seed value as a random number table associated with the unique device number and the unique user keycode number,wherein the seed value is used to transmit encrypted contents from the sending device to the receiving device and to transmit encrypted contents from the receiving device to the sending device.
  - 34. The computer-readable medium according to claim 31, further comprising:
    - providing the receiving device with a plurality of unique secret user keycode numbers assigned thereto;
      
      securely transmitting, from the receiving device to the sending device, the unique device number and one of the plurality of unique user keycode numbers not assigned to a random number table stored at the receiving device;
      
      associating, in the secret index of the sending device, the random number table to the unique device number and the one of the plurality of unique user keycode numbers received from the receiving device;
      
      prior to transmitting the encrypted content, transmitting from the sending device to the receiving device through secured communication the predetermined number of pseudo-random bit data in the random number table to the receiving device having the unique device number and the one of the plurality of unique user keycode numbers corresponding to the random number table; and
      
      securely storing in an electronic memory of the receiving device, the predetermined number of pseudo-random bit data received from the sending device, the predetermined number of pseudo-random bit data being stored in association with the device number and the one of the plurality of unique user keycode numbers.
  - 35. The computer-readable medium according to claim 31, wherein the secret session key is selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a predetermined algorithm.
  - 36. The computer-readable medium according to claim 31, wherein the secret session key is randomly selected as a subset of the predetermined number of pseudo-random bit data of the random number data by identifying the start pointer and the end pointer corresponding to the secret session key using a random method.
  - 37. The computer-readable medium according to claim 31, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes performing an exclusive-or operation between the contents of the secret session key properties descriptor buffer and the unique user keycode number corresponding to the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes performing an exclusive-or operation between the contents of the copied mangled secret session key properties descriptor buffer and the unique user keycode number of the sending device.
  - 38. The computer-readable medium according to claim 31, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the sending device.
  - 39. The computer-readable medium according to claim 31, wherein the data to be transmitted by the sending device is streaming data and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the receiving device, andthe data to be transmitted by the receiving device is streaming data and each block of the streaming data is stored in the input/output buffer upon transmission of the previously stored block of the streaming data to the sending device.
  - 40. The computer-readable medium according to claim 39, wherein transforming the contents of the secret session key properties descriptor buffer in the sending device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the receiving device,restoring the contents of the copied mangled secret session key properties descriptor buffer of the receiving device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the receiving device,transforming the contents of the secret session key properties descriptor buffer in the receiving device includes encrypting the contents of the secret session key properties descriptor buffer using symmetric secret key encryption and the unique user keycode number of the sending device, andrestoring the contents of the copied mangled secret session key properties descriptor buffer of the sending device includes decrypting with the symmetric secret key encryption and the unique user keycode number of the sending device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Uponus Technologies LLC
Original Assignee
Uponus Technologies LLC
Inventors
Tropp, Lawrence B., Volpert, Thomas R.

Application Number

US12/882,431
Publication Number

US 20120063597A1
Time in Patent Office

Days
Field of Search
US Class Current

380/259
CPC Class Codes

H04L 9/0861   Generation of secret inform...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/12   Transmitting and receiving ...

H04L 9/14   using a plurality of keys o...

APPARATUS AND ASSOCIATED METHODOLOGY FOR MANAGING CONTENT CONTROL KEYS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

60 Citations

40 Claims

Specification

Use Cases

Quick Links

Others

APPARATUS AND ASSOCIATED METHODOLOGY FOR MANAGING CONTENT CONTROL KEYS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

40 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others