Digital rights management system operating on computing device and having black box tied to computing device
Abstract
A digital rights management (DRM) system operates on a computing device when a user requests that an encrypted piece of digital content be rendered by the computer device. The computing device has an identifier. A black box performs decryption and encryption functions in the DRM system. The black box includes a key file and an executable. The key file includes at least one black box public key and is expected to include the identifier of the computing device, the black box thus being tied to the computing device by inclusion of such first identifier. A digital license corresponding to the digital content is resident in the DRM system and includes a decryption key for decrypting the encrypted digital content. The decryption key is expected to be encrypted according to a black box public key of the key file of the black box, the license thus being tied to the black box and by extension the computing device. If the identifier of the computing device is in fact different than the identifier in the key file of the black box, a different key file is produced based on the black box public key(s) of the key file and the different identifier of the computing device.
33 Claims
1. A digital rights management (DRM) system operating on a computing device when a user requests that an encrypted piece of digital content be rendered by the computer device, the computing device having an identifier, the DRM system comprising a black box for performing decryption and encryption functions in the DRM system, the black box containing a copy of the identifier of the computing device, the black box thus being tied to the computing device.
7. A method in connection with a digital rights management (DRM) system operating on a computing device when a user requests that an encrypted piece of digital content be rendered by the computer device, the computing device having an identifier, the DRM system comprising:
a black box for performing decryption and encryption functions in the DRM system, the black box including a key file and an executable, the key file including at least one black box public key and being expected to include the identifier of the computing device, the black box thus being tied to the computing device by inclusion of such first identifier, and a digital license corresponding to the digital content, the license including a decryption key for decrypting the encrypted digital content, the decryption key being expected to be encrypted according to a black box public key of the key file of the black box, the license thus being tied to the black box and by extension the computing device, the method for re-tying the black box and the license to the computing device if the identifier of the computing device is in fact different than the identifier in the key file of the black box, the method comprising;
receiving from the computing device the key file of the black box, and also the different identifier of the computing device;
producing a different key file having the black box public key(s) of the received key file and the received different identifier of the computing device; and
forwarding the different key file to the computing device and the DRM system thereof for appropriate installation thereon.
receiving the first key file, the different identifier of the computing device and the new set of black box keys;
extracting the old sets of black box keys from the first key file; and
producing the new key file including the new set of black box keys, the old sets of black box keys, and the different identifier of the computing device as an output based on the extracted old sets of black box keys from the first key file, the received new set of black box keys, and the received different identifier of the computing device; and
forwarding the produced new key file to the requesting DRM system.
11. The method of claim 10 wherein the first key file is a previously saved key file.
12. The method of claim 10 wherein the first key file is a current key file.
13. The method of claim 10 wherein the new black box further includes a new executable, the method comprising:
receiving a master executable and randomized optimization parameters;
producing the new executable based on the received master executable and the received randomized optimization parameters and based on a code optimization/randomization technique; and
forwarding the produced new executable to the requesting DRM system.
14. The method of claim 13 wherein producing the new executable comprises producing the new executable with space reserved therein for additional information.
15. The method of claim 14 wherein producing the new executable comprises producing the new executable with space reserved therein for additional information to be injected by an injector.
16. The method of claim 14 wherein producing the new executable comprises injecting the received different identifier of the computing device into at least a portion of the reserved space.
17. The method of claim 13 wherein producing the new executable comprises injecting the received different identifier of the computing device thereinto.
18. The method of claim 13 wherein producing the new executable comprises producing the new executable based at least in part on the received different identifier of the computing device and based on a code optimization/randomization technique.
19. A method in connection with a digital rights management (DRM) system operating on a computing device when a user requests that an encrypted piece of digital content be rendered by the computer device, the computing device having an identifier, the DRM system comprising:
a black box for performing decryption and encryption functions in the DRM system, the black box including a key file and an executable, the key file including at least one black box public key and being expected to include the identifier of the computing device, the black box thus being tied to the computing device by inclusion of such first identifier, and a digital license corresponding to the digital content, the license including a decryption key for decrypting the encrypted digital content, the decryption key being expected to be encrypted according to a black box public key of the key file of the black box, the license thus being tied to the black box and by extension the computing device, the method for re-tying the black box and the license to the computing device if the decryption key is in fact encrypted according to a black box public key different than any black box key in the key file of the black box, wherein the different black box public key is in a previously saved old key file, the method comprising;
receiving from the computing device the previously saved old key file having the different black box public key, and also the identifier of the computing device;
producing a different key file having the different black box public key from the received old key file and the received identifier of the computing device; and
forwarding the different key file to the computing device and the DRM system thereof for appropriate installation thereon.
receiving the previously saved old key file, the identifier of the computing device and the new set of black box keys;
extracting the old sets of black box keys from the previously saved old key file; and
producing the new key file including the new set of black box keys, the old sets of black box keys, and the identifier of the computing device as an output based on the extracted old sets of black box keys from the previously saved key file, the received new set of black box keys, and the received identifier of the computing device; and
forwarding the produced new key file to the requesting DRM system.
23. The method of claim 22 wherein the new black box further includes a new executable, the method comprising:
receiving a master executable and randomized optimization parameters;
producing the new executable based on the received master executable and the received randomized optimization parameters and based on a code optimization/randomization technique; and
forwarding the produced new executable to the requesting DRM system.
24. The method of claim 23 wherein producing the new executable comprises producing the new executable with space reserved therein for additional information.
25. The method of claim 24 wherein producing the new executable comprises producing the new executable with space reserved therein for additional information to be injected by an injector.
26. The method of claim 24 wherein producing the new executable comprises injecting the received identifier of the computing device into at least a portion of the reserved space.
27. The method of claim 23 wherein producing the new executable comprises injecting the received identifier of the computing device thereinto.
28. The method of claim 23 wherein producing the new executable comprises producing the new executable based at least in part on the received identifier of the computing device and based on a code optimization/randomization technique.
29. A method in connection with a digital rights management (DRM) system operating on a computing device when a user requests that an encrypted piece of digital content be rendered by the computer device, the computing device having an identifier, the DRM system comprising:
a black box for performing decryption and encryption functions in the DRM system, the black box including a key file and an executable, the key file including at least one black box public key and the identifier of the computing device, the black box thus being tied to the computing device by inclusion of such first identifier, and a digital license corresponding to the digital content, the license including a decryption key for decrypting the encrypted digital content, the decryption key being expected to be encrypted according to a black box public key of the key file of the black box, the license thus being tied to the black box and by extension the computing device, the method for re-tying the license to the black box and the computing device if the decryption key is in fact encrypted according to a black box public key different than any black box key in the key file of the black box, the method comprising;
receiving from the computing device the license and a current black box key of the black box;
producing a different license having the decryption key thereof encrypted according to the received current black box public key; and
forwarding the different license to the computing device and the DRM system thereof for appropriate installation thereon.
receiving from the computing device the previously saved old key file having the different black box public key and the different black box private key, and also the license and a current black box key of the black box;
extracting the different black box private key from the received previously saved old key file;
extracting from the received license the decryption key encrypted according to the different black box public key;
applying the extracted different black box private key to the extracted decryption key encrypted according to the different black box public key to produce the decryption key;
encrypting the produced decryption key according to the received current black box public key;
producing the different license having the encrypted decryption key; and
forwarding the different license to the computing device and the DRM system thereof for appropriate installation thereon.
31. The method of claim 29 comprising performing the receiving, producing, and forwarding steps by a license re-writing device external to the computing device.
32. The method of claim 29 comprising performing the receiving, producing, and forwarding steps by a license re-writing device internal to the computing device.
33. The method of claim 32 comprising performing the receiving, producing, and forwarding steps by the DRM system of the computing device.
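The two ties described in the abstract (key file to machine identifier, license to black box public key) and the two re-tying routes in the claims above (a new key file that carries the old key sets forward, or a license re-written under the current key), shown as an added illustration that is not code from the patent. Toy textbook RSA with tiny constructed primes stands in for the black box key scheme and shows key flow only; the dictionary layout, field names and machine identifiers are assumptions.

```python
# Added illustration: toy textbook RSA (constructed primes), not a secure scheme.
def keypair(p, q, e):
    """Return (public, private) as ((n, e), (n, d)) from constructed toy primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def wrap(key, pub):      # encrypt a content key under a black box public key
    return pow(key, pub[1], pub[0])

def unwrap(blob, priv):  # recover the content key with the matching private key
    return pow(blob, priv[1], priv[0])

def can_render(lic, key_file, machine_id):
    """Both ties must hold: key file -> machine, and license -> key file."""
    if key_file["machine_id"] != machine_id:
        return False
    return any(pub == lic["bound_pub"] for pub, _ in key_file["key_sets"])

def retie_key_file(key_file, new_machine_id, new_key_set=None):
    """Key file route: keep the old key sets, replace the identifier."""
    sets = list(key_file["key_sets"])
    if new_key_set:
        sets.insert(0, new_key_set)  # assumption: newest key set listed first
    return {"machine_id": new_machine_id, "key_sets": sets}

def rewrite_license(lic, old_key_file, current_pub):
    """License route: unwrap with the old private key, re-wrap under the current key."""
    for pub, priv in old_key_file["key_sets"]:
        if pub == lic["bound_pub"]:
            key = unwrap(lic["wrapped_key"], priv)
            return {**lic, "wrapped_key": wrap(key, current_pub),
                    "bound_pub": current_pub}
    raise KeyError("old key file lacks the key this license is bound to")

def demo():
    old_set, new_set = keypair(61, 53, 17), keypair(89, 97, 5)
    content_key = 1234                                      # constructed sample value
    saved = {"machine_id": "HW-A", "key_sets": [old_set]}   # previously saved key file
    lic = {"content_id": "song-1", "bound_pub": old_set[0],
           "wrapped_key": wrap(content_key, old_set[0])}
    current = {"machine_id": "HW-B", "key_sets": [new_set]}  # new black box, new hardware
    before = can_render(lic, current, "HW-B")               # license bound to unknown key
    retied = retie_key_file(saved, "HW-B", new_set)
    via_key_file = can_render(lic, retied, "HW-B")
    new_lic = rewrite_license(lic, saved, new_set[0])
    via_license = can_render(new_lic, current, "HW-B")
    return before, via_key_file, via_license, unwrap(new_lic["wrapped_key"], new_set[1])
```

Either route restores rendering on the changed machine; a saved key file copied to hardware with a different identifier still fails the first check until it is re-tied.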
Specification