Method and apparatus for distributing keys for decrypting and re-encrypting publicly distributed media

US 6,985,591 B2
Filed: 06/29/2001
Issued: 01/10/2006
Est. Priority Date: 06/29/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving a first key for decryption of encrypted multimedia content over a secure authenticated channel from a sales server;

receiving a second key for re-encrypting the encrypted multimedia content over a secure authenticated channel from the sales server;

receiving the encrypted multimedia content;

decrypting and re-encrypting the encrypted multimedia content using the first key and the second key;

conveying the re-encrypted multimedia content to a sink; and

sending audit information to the sales server over a secure authenticated channel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides secure communication from one encryption domain to another using a trusted module. In one embodiment, the invention includes receiving a first key for decryption of encrypted content over a secure authenticated channel, receiving a second key for re-encrypting the encrypted content over a secure authenticated channel. The invention further includes receiving the encrypted content, decrypting and re-encrypting the encrypted content using the first key and the second key, and conveying the re-encrypted content to a sink.

84 Citations

View as Search Results

24 Claims

1. A method comprising:
- receiving a first key for decryption of encrypted multimedia content over a secure authenticated channel from a sales server;
  
  receiving a second key for re-encrypting the encrypted multimedia content over a secure authenticated channel from the sales server;
  
  receiving the encrypted multimedia content;
  
  decrypting and re-encrypting the encrypted multimedia content using the first key and the second key;
  
  conveying the re-encrypted multimedia content to a sink; and
  
  sending audit information to the sales server over a secure authenticated channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising conveying the second key to the sink to enable the sink to decrypt the re-encrypted content.
  - 3. The method of claim 1, wherein receiving the encrypted content comprises receiving the encrypted content over a broadcast channel separate from any secure authenticated channel.
  - 4. The method of claim 3, wherein the broadcast channel comprises at least one of direct satellite broadcast, terrestrial radio broadcast, cable television broadcast and Internet multicast.
  - 5. The method of claim 1, wherein the secure authenticated channel comprises at least one of a telephone line, and an Internet connection.
  - 6. The method of claim 1, wherein the secure authenticated channel is separate from the channel over which the encrypted multimedia content is received.
  - 7. The method of claim 1, further comprising transmitting billing information to the sales server over a secure authenticated channel.
  - 8. The method of claim 1, wherein decrypting and re-encrypting the encrypted content comprises combining the encrypted content as a stream with a cipher stream based on the first and second keys.
  - 9. The method of claim 8, wherein the first key and the second key have symmetric agreement and wherein combining the encrypted content as a stream comprises exclusive OR-ing the encrypted content stream with an encryption stream.
  - 10. The method of claim 8 wherein decrypting and re-encrypting the encrypted content comprises generating at least the cipher stream within a secure module.
  - 11. The method of claim 1, wherein decrypting and re-encrypting the encrypted content comprises decrypting the encrypted content using the first key and re-encrypting the decrypted form of the encrypted content using the second key.

12. A machine-readable medium having stored thereon data representing sequences of instructions which, when executed by a machine, cause the machine to perform operations comprising:
- receiving a first key for decryption of encrypted multimedia content over a secure authenticated channel from a sales server;
  
  receiving a second key for re-encrypting the encrypted multimedia content over a secure authenticated channel from the sales server;
  
  receiving the encrypted multimedia content;
  
  decrypting and re-encrypting the encrypted multimedia content using the first key and the second key;
  
  conveying the re-encrypted multimedia content to a sink; and
  
  sending audit information to the sales server over a secure authenticated channel.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The medium of claim 12, further comprising instructions which, when executed by the machine, cause the machine to perform further operations comprising conveying the second key to the sink to enable the sink to decrypt the re-encrypted contents.
  - 14. The medium of claim 12, wherein the instructions for receiving a key over a secure authenticated channel comprise instructions which, when executed by the machine, cause the machine to perform further operations comprising receiving the key from a sales server separate from receiving the multimedia content.
  - 15. The medium of claim 14, further comprising instructions which, when executed by the machine, cause the machine to perform further operations comprising transmitting billing information to the sales server over the secure authenticated channel.
  - 16. The medium of claim 12, wherein the first key and the second key have symmetric agreement and wherein the instructions for combining the encrypted content as a stream comprise instructions which, when executed by the machine, cause the machine to perform further operations comprising exclusive OR-ing the encrypted content stream with an encryption stream.

17. An apparatus comprising:
- a secure authenticated channel interface to receive a first key from a sales server for decrypting encrypted multimedia content and a second key from the sales server to re-encrypt the multimedia content, and to send audit information to the sales server;
  
  a content interface to receive the encrypted multimedia content; and
  
  a computing device to re-encrypt the multimedia content using the first key and the second key and to convey the re-encrypted multimedia content to a sink.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The apparatus of claim 17, wherein the computing device comprises a secure module for holding the keys.
  - 19. The apparatus of claim 18, wherein the computing device comprises a set-top box containing the secure module.
  - 20. The apparatus of claim 18, wherein the secure module generates cipher streams for use by the computing device to decrypt and re-encrypt the encrypted content.
  - 21. The apparatus of claim 17, wherein the computing device conveys the second key to the sink to enable the sink to decrypt the re-encrypted content.

22. An apparatus comprising:
- a sales server to send a first key for encrypted multimedia content and a second key for re-encrypting the multimedia content over a secure authenticated channel to a subscriber, and to receive audit information from the subscriber over the secure authenticated channel;
  
  an authoring server to send the encrypted multimedia content over a second channel to the subscriber;
  
  wherein the subscriber can decrypt and re-encrypt the sent encrypted multimedia content using the first key and the second keys and then render the content using a sink device to decrypt the re-encrypted multimedia content.
- View Dependent Claims (23, 24)
- - 23. The apparatus of claim 22, wherein the sales server communicates billing information with the subscriber using the secure authenticated channel.
  - 24. The apparatus of claim 22, wherein the second channel is an entertainment broadcasting channel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Graunke, Gary L.
Primary Examiner(s)
Barrón, Gilberto
Assistant Examiner(s)
Tran, Ellen C

Application Number

US09/896,613
Publication Number

US 20030005285A1
Time in Patent Office

1,656 Days
Field of Search

380/277, 380/200, 700/83, 713/156
US Class Current

380/277
CPC Class Codes

H04L 2209/60 Digital content management,...

H04L 9/0838 Key agreement, i.e. key est...

Method and apparatus for distributing keys for decrypting and re-encrypting publicly distributed media

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

84 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for distributing keys for decrypting and re-encrypting publicly distributed media

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links