Host certification method and system
First Claim
1. A method of authenticating a host to receive content from a media player, the method comprising:
receiving at the media player a certificate from the host, the certificate including a plurality of fields, including a field holding a digital signature from a certifying authority, the certificate also including data, wherein the data in the certificate specifies one or more of a product category, a product line, a model, a revision and a serial number of the host;
verifying the digital signatures in the certificate, the verifying including at least one of;
verifying the certifying authority digital signature using the certifying authority public key; and
verifying a host digital signature using a host public key;
receiving validation data from a source;
comparing the data in the certificate to the validation data from the source to identify as valid or invalid one or more of the product category, a product line, the model, the revision and the serial number of the host;
if the digital signatures are verified and the validation data is validated, generating a random number at the media player to form a session key and encrypting the session key with a public key extracted from the certificate to form an encrypted session key and transmitting the encrypted session key to the host;
at the host, decrypting the encrypted session key using a host private key to recover the session key;
at the media player, encrypting a content key using the session key to provide an encrypted content key;
at the host, receiving an encrypted content key from a media player;
decrypting the encrypted content key using the session key to recover the content key;
at the media player, retrieving encrypted content from a media;
transmitting the encrypted content to the host; and
at the host, decrypting the encrypted content using the content key.
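The exchange recited in claim 1, run end to end as an added example (not part of the patent text). The claim names no algorithms, so textbook RSA over small known primes and a SHA-256 keystream XOR stand in for them; all function names, the dictionary layout of the certificate and of the validation data, and the field values are assumptions made for illustration.

```python
import hashlib, json, secrets

# Toy stand-ins (constructed, NOT secure): textbook RSA over known Mersenne
# primes for the public-key steps, SHA-256 keystream XOR for symmetric steps.
def keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def rsa(key, m):  # one modular exponentiation: encrypt, decrypt, sign or verify
    n, x = key
    return pow(m, x, n)

def digest(fields, n):  # hash of the certificate fields covered by the CA signature
    blob = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def xor_stream(key, data):
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

CA_PUB, CA_PRIV = keypair(2**107 - 1, 2**127 - 1)
HOST_PUB, HOST_PRIV = keypair(2**61 - 1, 2**89 - 1)

def issue_cert(serial):  # certifying authority side; field values are constructed
    fields = {"product_category": "host", "model": "M1", "revision": 2,
              "serial": serial, "public_key": list(HOST_PUB)}
    return {"fields": fields, "ca_signature": rsa(CA_PRIV, digest(fields, CA_PUB[0]))}

def player_authenticate(cert, validation):
    fields = cert["fields"]
    if rsa(CA_PUB, cert["ca_signature"]) != digest(fields, CA_PUB[0]):
        return None  # CA signature does not cover these fields
    if any(fields.get(k) in bad for k, bad in validation["invalid"].items()):
        return None  # validation data marks this model/revision/serial invalid
    session = secrets.randbits(128)  # random number forming the session key
    return session.to_bytes(16, "big"), rsa(fields["public_key"], session)

def host_recover(enc_session, enc_content_key, enc_content):
    session = rsa(HOST_PRIV, enc_session).to_bytes(16, "big")
    content_key = xor_stream(session, enc_content_key)
    return xor_stream(content_key, enc_content)

def play(cert, validation, content=b"constructed media payload"):
    result = player_authenticate(cert, validation)
    if result is None:
        return None  # no session key is released, so no content key either
    session, enc_session = result
    content_key = secrets.token_bytes(16)
    enc_content = xor_stream(content_key, content)  # as stored on the media
    return host_recover(enc_session, xor_stream(session, content_key), enc_content)
```

Both checks gate the key release: a certificate whose serial is edited after signing fails the signature check, and a correctly signed certificate still fails if the validation data lists its serial or model as invalid.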
Abstract
A system and method are provided for authenticating a device. A method includes receiving a certificate from the device, the certificate including a plurality of fields, including a field holding a digital signature from a certifying authority; verifying the digital signatures in the certificate, the verifying including at least one of verifying the certifying authority digital signature using the certifying authority public key and verifying a device digital signature using a device public key; receiving validation data from a source, the validation data identifying one or more data in the certificate as valid or invalid according to predetermined criteria; and, if the digital signatures are verified and validated, transmitting a session key to the device to establish a secure communication channel.
14 Claims
14. A media player configured to certify a host, the media player comprising:
a firmware component including;
a block configured to receive a certificate from the host, the certificate including a plurality of fields, including a field holding a protocol public key, the certificate also including data, wherein the data in the certificate specifies one or more of a product category, a product line, a model, a revision and a serial number of the host;
a block configured to verify one or more digital signatures in the certificate, including at least one of;
a certifying authority digital signature using a certifying authority public key; and
a device digital signature using a device public key in the certificate;
a block configured to receive validation data from a source, the validation data identifying one or more of the product category, the product line, the model, the revision and the serial number of the host data in the certificate as valid or invalid according to predetermined criteria;
a block configured to generate a random number and transmit the random number to the host if the digital signatures are verified and the validation data is validated; and
a block configured to encrypt a content key using the random number to provide an encrypted content key and to transmit the encrypted content key to the host, wherein the host is enabled to recover a content key from the encrypted content key by using the random number, the media player being operable to retrieve encrypted content from a media and provide the encrypted content to the host such that the host is enabled to decrypt the encrypted content using the content key.
Specification