VERIFYING AUTHENTICITY OF PLAYBACK DEVICE

US 20130179695A1
Filed: 01/06/2012
Published: 07/11/2013
Est. Priority Date: 01/06/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for verifying the authenticity of a device, the method comprising:

requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data;

receiving the device identifier, application data and the proof of possession from the device;

generating via a cryptographic algorithm a derived key from the device identifier and the master key;

generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key;

determining whether the derived proof of possession matches the received proof of possession; and

if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, orif the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the invention sets forth a mechanism for verifying the authenticity of a device before transmitting digital content to the device. In operation, the device stores a device key that is generated at manufacture-time using a pre-determined cryptographic key and the device identifier. In operation, the device generates a proof of possession from the application data and the stored device key. When verifying the device authenticity, a device key is derived from the master key and the device identifier then a proof of possession is derived from the derived device key and the application data obtained from the device. If the derived proof of possession matches the received proof of possession, then the authenticity of the device can be verified.

Citations

20 Claims

1. A computer-implemented method for verifying the authenticity of a device, the method comprising:
- requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data;
  
  receiving the device identifier, application data and the proof of possession from the device;
  
  generating via a cryptographic algorithm a derived key from the device identifier and the master key;
  
  generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key;
  
  determining whether the derived proof of possession matches the received proof of possession; and
  
  if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, orif the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising, if the derived proof of possession matches the obtained device proof of possession, then transmitting content to the device for playback.
  - 3. The method of claim 1, further comprising, if the derived proof of possession matches the received proof of possession, then transmitting a digital rights management license associated with content to be played on the device to the device.
  - 4. The method of claim 1, further comprising, if the derived proof of possession does not match the received proof of possession, then denying the device access to content for playback.
  - 5. The method of claim 1, wherein the manufacturer derives the device key by applying the cryptographic algorithm to the device identification and the master key, and wherein the device key is stored on the device by the manufacturer.
  - 6. The method of claim 1, wherein generating the derived device key comprises applying a hash function to the unique identification to generate a hash value.
  - 7. The method of claim 6, further comprising applying a keying algorithm to the hash value and the master key to generate the derived device key.
  - 8. The method of claim 1, wherein the master key is transmitted to the manufacturer via a secure mechanism.

9. A computer readable medium storing instructions that, when executed by a processor, cause the processor to verify the authenticity of a device, by performing the steps of:
- requesting from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data;
  
  receiving the device identifier, application data and the proof of possession from the device;
  
  generating via a cryptographic algorithm a derived key from the device identifier and the master key;
  
  generating via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key;
  
  determining whether the derived proof of possession matches the received proof of possession; and
  
  if the derived proof of possession matches the received proof of possession, then verifying the authenticity of the device, orif the derived proof of possession does not match the received proof of possession, then not verifying the authenticity of the device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer readable medium of claim 9, further comprising, if the derived proof of possession matches the obtained device proof of possession, then transmitting content to the device for playback.
  - 11. The computer readable medium of claim 9, further comprising, if the derived proof of possession matches the received proof of possession, then transmitting a digital rights management license associated with content to be played on the device to the device.
  - 12. The computer readable medium of claim 9, further comprising, if the derived proof of possession does not match the received proof of possession, then denying the device access to content for playback.
  - 13. The computer readable medium of claim 9, wherein the manufacturer derives the device key by applying the cryptographic algorithm to the device identification and the master key, and wherein the device key is stored on the device by the manufacturer.
  - 14. The computer readable medium of claim 9, wherein generating the derived device key comprises applying a hash function to the unique identification to generate a hash value.
  - 15. The computer readable medium of claim 14, further comprising applying a keying algorithm to the hash value and the master key to generate the derived device key.
  - 16. The computer readable medium of claim 9, wherein the master key is transmitted to the manufacturer via a secure mechanism.

17. A computer system, comprising:
- a secure memory that stores a master key; and
  
  a processor configured to;
  
  request from the device a device identifier, application data and a proof of possession that is derived from the device key and the application data,receive the device identifier, application data and the proof of possession from the device,generate via a cryptographic algorithm a derived key from the device identifier and the master key,generate via a cryptographic algorithm a derived proof of possession based on the application data received from the device and the derived device key,determine whether the derived proof of possession matches the received proof of possession, andif the derived proof of possession matches the received proof of possession, then verify the authenticity of the device, orif the derived proof of possession does not match the received proof of possession, then not verify the authenticity of the device.
- View Dependent Claims (18, 19, 20)
- - 18. The computer system of claim 17, wherein the processor is further configured to, if the derived proof of possession matches the obtained device proof of possession, then transmitting content to the device for playback.
  - 19. The computer system of claim 17, wherein the processor is further configured to, if the derived proof of possession matches the received proof of possession, then transmitting a digital rights management license associated with content to be played on the device to the device.
  - 20. The computer system of claim 17, wherein the processor is further configured to, if the derived proof of possession does not match the received proof of possession, then denying the device access to content for playback.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Netflix, Inc.
Original Assignee
Netflix, Inc.
Inventors
Zollinger, Mitch, Paun, Filip, Kelly, Scott G.

Granted Patent

US 8,612,771 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 9/0866   involving user or device id...

H04L 9/3271   using challenge-response

H04N 21/25816   involving client authentica...

VERIFYING AUTHENTICITY OF PLAYBACK DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

VERIFYING AUTHENTICITY OF PLAYBACK DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links