Copy security for portable music players
First Claim
1. A method for binding subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device, the method comprising:
- encrypting the subject data to form encrypted subject data using data corresponding to the selected data access device as an encryption key;
forming key identification data from the encryption key; and
storing the encrypted subject data and the key identification data in a storage medium which is readable by the selected data access device;
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data.
3 Assignments
0 Petitions
Accused Products
Abstract
Data such as a musical track is stored as a secure portable track (SPT) which can be bound to one or more players and can be bound to a particular storage medium, restricting playback of the SPT to the specific players and ensuring that playback is only from the original storage medium. The SPT is bound to a player by encrypting data of the SPT using a storage key which is unique to the player, is difficult to change, and is held in strict secrecy by the player. The SPT is bound to a particular storage medium by including data uniquely identifying the storage medium in a tamper-resistant form, e.g., cryptographically signed. The SPT can also be bound to the storage medium by embedding cryptographic logic circuitry, e.g., integrate circuitry, in the packaging of the storage medium. The SPT is bound by encrypting an encryption key using the embedded logic. By using unique cryptographic logic, only that particular storage medium can decrypt the encryption key and, therefore, the data of the SPT encrypted with the encryption key. To allow a user to playback the SPT on a number of players, players can share storage keys with one another. Such key sharing is done in a cryptographically secure manner. Before downloading an SPT to a particular external player, the ability of the external player to enforce restrictions placed upon the SPT is verified.
-
Citations
102 Claims
-
1. A method for binding subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device, the method comprising:
-
encrypting the subject data to form encrypted subject data using data corresponding to the selected data access device as an encryption key;
forming key identification data from the encryption key; and
storing the encrypted subject data and the key identification data in a storage medium which is readable by the selected data access device;
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
encrypting the subject data using a master key; and
encrypting the master key with the encryption key to form an encrypted master key.
-
-
3. The method of claim 2 wherein storing the encrypted subject data and the key identification data further comprises:
storing the encrypted master key in the storage medium.
-
4. The method of claim 3 further comprising:
-
forming message verification data using the key identification data and the encrypted master key; and
storing the message verification data in the storage medium.
-
-
5. The method of claim 4 wherein the message verification data is a message authentication code (MAC).
-
6. The method of claim 1 further comprising:
-
forming message verification data using the key identification data; and
storing the message verification data in the storage medium.
-
-
7. The method of claim 6 wherein the message verification data is a message authentication code (MAC).
-
8. The method of claim 1 wherein the subject data includes digitized audio signals.
-
9. The method of claim 1 wherein the data secretly held by the selected data access device is read-only.
-
10. A method for accessing subject data from a storage medium by a selected data access device, the method comprising:
-
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to data secretly held by the selected data access device;
retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the data secretly held by the selected data access device as an encryption key to form the subject data wherein the key identification data is formed from the encryption key; and
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
retrieving an encrypted master key from the storage medium;
decrypting the encrypted master key using the data secretly held by the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to form the subject data.
-
-
13. The method of claim 10 further comprising:
-
retrieving message verification data from the storage medium; and
verifying authenticity of the key identification data using the message verification data.
-
-
14. The method of claim 13 wherein the message verification data is a message authentication code (MAC).
-
15. The method of claim 10 wherein the subject data includes digitized audio signals.
-
16. The method of claim 15 further comprising:
playing back the digitized audio signals.
-
17. The method of claim 10 wherein the subject data includes digitized video signals.
-
18. The method of claim 17 further comprising:
rendering the digitized video signals.
-
19. The method of claim 10 wherein the subject data includes computer code.
-
20. The method of claim 19 further comprising:
executing the computer code.
-
21. A method for accessing subject data from a storage medium by a selected data access device, the method comprising:
-
receiving key data corresponding to a second data access device from the second data access device;
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to the key data received from the second data access device;
retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the key data received from the second data access device as an encryption key to form the subject data. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
retrieving an encrypted master key from the storage medium;
decrypting the encrypted master key using the data secretly held by the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to form the subject data.
-
-
24. The method of claim 21 wherein receiving key data corresponding to a second data access device comprises:
-
sending a request message to the second data access device requesting key data from the second data access device;
receiving a reply message from the second data access device which includes encrypted key data;
decrypting the encrypted key data to form the key data.
-
-
25. The method of claim 24 wherein receiving key data corresponding to a second data access device further comprises:
sending an exchange message to the second data access device where the exchange message includes encrypted key data corresponding to the selected data access device.
-
26. The method of claim 24 wherein receiving key data corresponding to a second data access device further comprises:
receiving a terminate message from the second data access device.
-
27. The method of claim 24 wherein receiving key data corresponding to a second data access device further comprises:
preventing storage of the key data within the selected data access device upon a condition in which equivalent key data is already stored within the selected data access device.
-
28. The method of claim 24 wherein the request message includes a pseudo-random number.
-
29. The method of claim 28 wherein the reply message include the first-mentioned pseudo-random number and a second pseudo-random number.
-
30. The method of claim 24 wherein the request message includes a certificate of the selected data access device.
-
31. The method of claim 24 wherein the request message conveys a public key of the selected data access device to the second data access device.
-
32. The method of claim 31 wherein decrypting the encrypted key data comprises:
decrypting the encrypted key data using the private key of the selected data access device to form the key data.
-
33. The method of claim 21 wherein receiving key data corresponding to a second data access device comprises:
-
receiving a request message from the second data access device requesting key data from the selected data access device;
sending a reply message to the second data access device which includes encrypted key data;
receiving an exchange message from the second data access device which includes other encrypted key data; and
decrypting the other encrypted key data to form the key data.
-
-
34. The method of claim 21 wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data.
-
35. A computer readable medium useful in association with a computer which includes a processor and a memory, the computer readable medium including computer instructions which are configured to cause the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by:
-
encrypting the subject data to form encrypted subject data using data corresponding to the selected data access device as an encryption key;
forming key identification data from the encryption key; and
storing the encrypted subject data and the key identification data in a storage medium which is readable by the selected data access device;
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43)
encrypting the subject data using a master key; and
encrypting the master key with the encryption key to form an encrypted master key.
-
-
37. The computer readable medium of claim 36 wherein storing the encrypted subject data and the key identification data further comprises:
storing the encrypted master key in the storage medium.
-
38. The computer readable medium of claim 37 wherein the computer instructions are configured to cause the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by also:
-
forming message verification data using the key identification data and the encrypted master key; and
storing the message verification data in the storage medium.
-
-
39. The computer readable medium of claim 38 wherein the message verification data is a message authentication code (MAC).
-
40. The computer readable medium of claim 35 wherein the computer instructions are configured to cause the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by also:
-
forming message verification data using the key identification data; and
storing the message verification data in the storage medium.
-
-
41. The computer readable medium of claim 40 wherein the message verification data is a message authentication code (MAC).
-
42. The computer readable medium of claim 35 wherein the subject data includes digitized audio signals.
-
43. The computer readable medium of claim 35 wherein the data secretly held by the selected data access device is read-only.
-
44. A computer readable medium useful in association with a computer which includes a processor and a memory, the computer readable medium including computer instructions which are configured to cause the computer to access subject data from a storage medium by a selected data access device by:
-
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to data secretly held by the selected data access device;
retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the data secretly held by the selected data access device as an encryption key to form the subject data;
wherein the key identification data is formed from the encryption key; and
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
retrieving an encrypted master key from the storage medium;
decrypting the encrypted master key using the data secretly held bay the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to from the subject data.
-
-
47. The computer readable medium of claim 44 wherein the computer instructions are configured to cause the computer to access subject data from a storage medium by a selected data access device by also:
-
retrieving message verification data from the storage medium; and
verifying authenticity of the key identification data using the message verification data.
-
-
48. The computer readable medium of claim 47 wherein the message verification data is a message authentication code (MAC).
-
49. The computer readable medium of claim 44 wherein the subject data includes digitized audio signals.
-
50. The computer readable medium of claim 49 wherein the computer instructions are configured to cause the computer to access subject data from a storage medium by a selected data access device by also:
playing back the digitized audio signals.
-
51. The computer readable medium of claim 44 wherein the subject data includes digitized video signals.
-
52. The computer readable medium of claim 51 wherein the computer instructions are configured to cause the computer to access subject data from a storage medium by a selected data access device by also:
rendering the digitized video signals.
-
53. The computer readable medium of claim 44 wherein the subject data includes computer code.
-
54. The computer readable medium of claim 53 wherein the computer instructions are configured to cause the computer to access subject data from a storage medium by a selected data access device by also:
executing the computer code.
-
55. A computer readable medium useful in association with a computer which includes a processor and a memory, the computer readable medium including computer instructions which are configured to cause the computer to access subject data from a storage medium by a selected data access device by:
-
receiving key data corresponding to a second data access device from the second data access device;
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to the key data received from the second data access device;
retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the key data received from the second data access device as an encryption key to form the subject data. - View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68)
retrieving an encrypted master key from the storage medium;
decrypting the encrypted master key using the data secretly held by the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to form the subject data.
-
-
58. The computer readable medium of claim 55 wherein receiving key data corresponding to a second data access device comprises:
-
sending a request message to the second data access device requesting key data from the second data access device;
receiving a reply message from the second data access device which includes encrypted key data;
decrypting the encrypted key data to form the key data.
-
-
59. The computer readable medium of claim 58 wherein receiving key data corresponding to a second data access device further comprises:
sending an exchange message to the second data access device where the exchange message includes encrypted key data corresponding to the selected data access device.
-
60. The computer readable medium of claim 58 wherein receiving key data corresponding to a second data access device further comprises:
receiving a terminate message from the second data access device.
-
61. The computer readable medium of claim 58 wherein receiving key data corresponding to a second data access device further comprises:
preventing storage of the key data within the selected data access device upon a condition in which equivalent key data is already stored within the selected data access device.
-
62. The computer readable medium of claim 58 wherein the request message includes a pseudo-random number.
-
63. The computer readable medium of claim 62 wherein the reply message include the first-mentioned pseudo-random number and a second pseudo-random number.
-
64. The computer readable medium of claim 58 wherein the request message includes a certificate of the selected data access device.
-
65. The computer readable medium of claim 58 wherein the request message conveys a public key of the selected data access device to the second data access device.
-
66. The computer readable medium of claim 65 wherein decrypting the encrypted key data comprises:
decrypting the encrypted key data using the private key of the selected data access device to form the key data.
-
67. The computer readable medium of claim 55 wherein receiving key data corresponding to a second data access device comprises:
-
receiving a request message from the second data access device requesting key data from the selected data access device;
sending a reply message to the second data access device which includes encrypted key data;
receiving an exchange message from the second data access device which includes other encrypted key data; and
decrypting the other encrypted key data to form the key data.
-
-
68. The computer readable medium of claim 55 wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data.
-
69. A computer system comprising:
-
a processor;
a memory operatively coupled to the processor; and
a binding module (i) which executes in the processor from the memory and (ii) which, when executed by the processor, causes the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by;
encrypting the subject data to form encrypted subject data using data corresponding to the selected data access device as an encryption key;
forming key identification data from the encryption key; and
storing the encrypted subject data and the key identification data in a storage medium which is readable by the selected data access device;
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (70, 71, 72, 73, 74, 75, 76, 77)
encrypting the subject data using a master key; and
encrypting the master key with the encryption key to form an encrypted master key.
-
-
71. The computer system of claim 70 wherein storing the encrypted subject data and the key identification data further comprises:
storing the encrypted master key in the storage medium.
-
72. The computer system of claim 71 wherein the binding module, when executed by the processor, causes the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by also:
-
forming message verification data using the key identification data and the encrypted master key; and
storing the message verification data in the storage medium.
-
-
73. The computer system of claim 72 wherein the message verification data is a message authentication code (MAC).
-
74. The computer system of claim 69 wherein the binding module, when executed by the processor, causes the computer to bind subject data to a selected data access device such that the subject data is inaccessible to data access devices other than the selected data access device by also:
-
forming message verification data using the key identification data; and
storing the message verification data in the storage medium.
-
-
75. The computer system of claim 74 wherein the message verification data is a message authentication code (MAC).
-
76. The computer system of claim 69 wherein the subject data includes digitized audio signals.
-
77. The computer system of claim 69 wherein the data secretly held by selected data access device is read-only.
-
78. A computer system comprising:
-
a processor;
a memory operatively coupled to the processor; and
a data access module (i) which executes in the processor from the memory and (ii) which, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by;
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to data secretly held by the selected data access device;
retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the data secretly held by the selected data access device as an encryption key to form the subject data;
wherein the key identification data is formed from the encryption key; and
wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data. - View Dependent Claims (79, 80, 81, 82, 83, 84, 85, 86, 87, 88)
retrieving an encrypted master key from the storage medium;
decrypting the encrypted master key using the data secretly held by the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to form the subject data.
-
-
81. The computer system of claim 78 wherein the data access module, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by also:
-
retrieving message verification data from the storage medium; and
verifying authenticity of the key identification data using the message verification data.
-
-
82. The computer system of claim 81 wherein the message verification data is a message authentication code (MAC).
-
83. The computer system of claim 78 wherein the subject data includes digitized audio signals.
-
84. The computer system of claim 83 wherein the data access module, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by also:
playing back the digitized audio signals.
-
85. The computer system of claim 78 wherein the subject data includes digitized video signals.
-
86. The computer system of claim 85 wherein the data access module, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by also:
rendering the digitized video signals.
-
87. The computer system of claim 78 wherein the subject data includes computer code.
-
88. The computer system of claim 87 wherein the data access module, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by also:
executing the computer code.
-
89. A computer system comprising:
-
a processor;
a memory operatively coupled to the processor; and
a data access module (i) which executes in the processor from the memory and (ii) which, when executed by the processor, causes the computer to access subject data from a storage medium by a selected data access device by;
receiving key data corresponding to a second data access device from the second data access device;
retrieving key identification data from the storage medium;
determining that the key identification data corresponds to the key data received from the second data access device, retrieving encrypted subject data from the storage medium; and
decrypting the encrypted subject data using the key data received from the second data access device as an encryption key to form the subject data. - View Dependent Claims (90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102)
retrieving an encrypted master key from the storage medium; decrypting the encrypted master key using the data secretly held by the selected data access device as an encryption key to form a master key; and
decrypting the encrypted subject data using the master key to form the subject data.
-
-
92. The computer system of claim 89 wherein receiving key data corresponding to a second data access device comprises:
-
sending a request message to the second data access device requesting key data from the second data access device;
receiving a reply message from the second data access device which includes encrypted key data;
decrypting the encrypted key data to form the key data.
-
-
93. The computer system of claim 92 wherein receiving key data corresponding to a second data access device further comprises:
sending an exchange massage to the second data access device where the exchange message includes encrypted key data corresponding to the selected data access device.
-
94. The computer system of claim 92 wherein receiving key data corresponding to a second data access device further comprises:
receiving a terminate message from the second data access device.
-
95. The computer system of claim 92 wherein receiving key data corresponding to a second data access device further comprises:
preventing storage of the key data within the selected data access device upon a condition in which equivalent key data is already stored within the selected data access device.
-
96. The computer system of claim 92 wherein the request message includes a pseudo-random number.
-
97. The computer system of claim 96 wherein the reply message include the first-mentioned pseudo-random number and a second pseudo-random number.
-
98. The computer system of claim 92 wherein the request message includes a certificate of the selected data access device.
-
99. The computer system of claim 92 wherein the request message conveys a public key of the selected data access device to the second data access device.
-
100. The computer system of claim 99 wherein decrypting the encrypted key data comprises:
decrypting the encrypted key data using the private key of the selected data access device to form the key data.
-
101. The computer system of claim 89 wherein receiving key data corresponding to a second data access device comprises:
-
receiving a request message from the second data access device requesting key data from the selected data access device;
sending a reply message to the second data access device which includes encrypted key data;
receiving an exchange message from the second data access device which includes other encrypted key data; and
decrypting the other encrypted key data to form the key data.
-
-
102. The computer system of claim 89 wherein the encryption key is not directly determinable from data stored on the storage medium including the key identification data and the encrypted subject data.
Specification