Method for interdependently validating a digital content package and a corresponding digital license
First Claim
1. A method for a device to interdependently validate a piece of digital content and a corresponding digital license for rendering the digital content, the digital content being encrypted, the encrypted digital content being decryptable according to a decryption key (KD) and being packaged in a digital content package, the digital content package being provided by a content provider having a public key (PU-C) and a private key (PR-C), the digital license being provided by a license provider having a public key (PU-L) and a private key (PR-L), the device having a public key (PU-D) and a private key (PR-D), the digital content package comprising:
- the encrypted digital content; and
the content provider public key (PU-C) encrypted with the decryption key (KD) and signed by the content provider private key (PR-C) (i.e., (KD (PU-C) S (PR-C)));
the digital license comprising;
the decryption key (KD) encrypted with the device public key (PU-D) (i.e., (PU-D (KD)));
a digital signature from the license provider (without any attached certificate) based on (KD (DRL)) and (PU-D (KD)) and encrypted with the license provider private key (i.e., (S (PR-L))); and
a certificate containing the license provider public key (PU-L) and signed by the content provider private key (PR-C) (i.e., (CERT (PU-L) S (PR-C)));
the method comprising;
obtaining (PU-D (KD)) from the license;
applying (PR-D) to (PU-D (KD)) to produce (KD);
obtaining (KD (PU-C) S (PR-C)) from the digital content package;
applying (KD) to (KD (PU-C) S (PR-C)) to produce (PU-C);
applying (PU-C) to (S (PR-C)) to validate (KD (PU-C) S (PR-C)), thereby validating the digital content package;
obtaining (CERT (PU-L) S (PR-C)) from the license;
applying (PU-C) to (CERT (PU-L) S (PR-C)) to validate (CERT (PU-L) S (PR-C)), thereby validating the content provider, and also to obtain (PU-L);
obtaining (S (PR-L)) from the license; and
applying (PU-L) to (S (PR-L)), thereby validating the license.
2 Assignments
0 Petitions
Accused Products
Abstract
A method is disclosed for a device to interdependently validate a digital content package having a piece of digital content in an encrypted form, and a corresponding digital license for rendering the digital content. A first key is derived from a source available to the device, and a first digital signature is obtained from the digital content package. The first key is applied to the first digital signature to validate the first digital signature and the digital content package. A second key is derived based on the first digital signature, and a second digital signature is obtained from the license. The second key is applied to the second digital signature to validate the second digital signature and the license.
-
Citations
4 Claims
-
1. A method for a device to interdependently validate a piece of digital content and a corresponding digital license for rendering the digital content, the digital content being encrypted, the encrypted digital content being decryptable according to a decryption key (KD) and being packaged in a digital content package, the digital content package being provided by a content provider having a public key (PU-C) and a private key (PR-C), the digital license being provided by a license provider having a public key (PU-L) and a private key (PR-L), the device having a public key (PU-D) and a private key (PR-D), the digital content package comprising:
-
the encrypted digital content; and the content provider public key (PU-C) encrypted with the decryption key (KD) and signed by the content provider private key (PR-C) (i.e., (KD (PU-C) S (PR-C))); the digital license comprising; the decryption key (KD) encrypted with the device public key (PU-D) (i.e., (PU-D (KD))); a digital signature from the license provider (without any attached certificate) based on (KD (DRL)) and (PU-D (KD)) and encrypted with the license provider private key (i.e., (S (PR-L))); and a certificate containing the license provider public key (PU-L) and signed by the content provider private key (PR-C) (i.e., (CERT (PU-L) S (PR-C))); the method comprising; obtaining (PU-D (KD)) from the license; applying (PR-D) to (PU-D (KD)) to produce (KD); obtaining (KD (PU-C) S (PR-C)) from the digital content package; applying (KD) to (KD (PU-C) S (PR-C)) to produce (PU-C); applying (PU-C) to (S (PR-C)) to validate (KD (PU-C) S (PR-C)), thereby validating the digital content package; obtaining (CERT (PU-L) S (PR-C)) from the license; applying (PU-C) to (CERT (PU-L) S (PR-C)) to validate (CERT (PU-L) S (PR-C)), thereby validating the content provider, and also to obtain (PU-L); obtaining (S (PR-L)) from the license; and applying (PU-L) to (S (PR-L)), thereby validating the license. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsJones, Thomas C., Blinn, Arnold N.
-
Primary Examiner(s)NGUYEN, CUONG H
-
Application NumberUS09/482,928Time in Patent Office2,154 DaysField of SearchG06/F01.7/00, G06/F01.7/60, 705/51, 705/59, 705/57, 705/54, 705/80, 705/67, 705 26- 27, 705/71, 380/255, 380/258, 713/176, 06/F, 06/FUS Class Current705/51CPC Class CodesG06F 21/1086 SuperdistributionG06F 21/109 by using specially-adapted ...G06F 21/445 by mutual authentication, e...G06F 21/71 to assure secure computing ...G06F 2211/007 Encryption, En-/decode, En-...G06F 2221/2105 Dual mode as a secondary as...G06F 2221/2137 Time limited access, e.g. t...G06F 2221/2141 Access rights, e.g. capabil...G06Q 20/3674 involving authenticationG06Q 20/3829 involving key managementG06Q 30/06 Buying, selling or leasing ...G06Q 50/188 Electronic negotiationG07F 9/002 Vending machines being part...H04L 2463/101 applying security measures ...H04L 63/0442 wherein the sending and rec...H04L 63/068 using time-dependent keys, ...H04L 63/0823 using certificates cryptogr...H04L 63/12 Applying verification of th...
