VERIFYING AUTHENTICITY OF PLAYBACK DEVICE
First Claim
1. A computer-implemented method for verifying the authenticity of a device, the method comprising:
- requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data;
receiving the device identifier, application data and the proof of possession from the device;
generating via a cryptographic algorithm a derived key from the device identifier and the master key;
generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key;
determining whether the derived proof of possession matches the received proof of possession; and
if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, orif the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment of the invention sets forth a mechanism for verifying the authenticity of a device before transmitting digital content to the device. In operation, the device stores a device key that is generated at manufacture-time using a pre-determined cryptographic key and the device identifier. In operation, the device generates a proof of possession from the application data and the stored device key. When verifying the device authenticity, a device key is derived from the master key and the device identifier then a proof of possession is derived from the derived device key and the application data obtained from the device. If the derived proof of possession matches the received proof of possession, then the authenticity of the device can be verified.
-
Citations
20 Claims
-
1. A computer-implemented method for verifying the authenticity of a device, the method comprising:
-
requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data; receiving the device identifier, application data and the proof of possession from the device; generating via a cryptographic algorithm a derived key from the device identifier and the master key; generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key; determining whether the derived proof of possession matches the received proof of possession; and if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, or if the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer readable medium storing instructions that, when executed by a processor, cause the processor to verify the authenticity of a device, by performing the steps of:
-
requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data; receiving the device identifier, application data and the proof of possession from the device; generating via a cryptographic algorithm a derived key from the device identifier and the master key; generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key; determining whether the derived proof of possession matches the received proof of possession; and if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, or if the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer system, comprising:
-
a secure memory that stores a master key; and a processor configured to; request from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data, receive the device identifier, application data and the proof of possession from the device, generate via a cryptographic algorithm a derived key from the device identifier and the master key, generate via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key, determine whether the derived proof of possession matches the received proof of possession, and if the derived proof of possession matches the received proof of possession, then verify the authenticity of the device, or if the derived proof of possession does not match the received proof of possession, then not verify the authenticity of the device. - View Dependent Claims (18, 19, 20)
-
Specification