Host certification method and system

US 7,310,821 B2
Filed: 08/27/2001
Issued: 12/18/2007
Est. Priority Date: 08/27/2001
Status: Expired due to Term

First Claim

Patent Images

1. A method of authenticating a host to receive content from a media player, the method comprising:

receiving at the media player a certificate from the host, the certificate including a plurality of fields, including a field holding a digital signature from a certifying authority, the certificate also including data, wherein the data in the certificate specifies one or more of a product category, a product line, a model, a revision and a serial number of the host;

verifying the digital signatures in the certificate, the verifying including at least one of;

verifying the certifying authority digital signature using the certifying authority public key; and

verifying a host digital signature using a host public key;

receiving validation data from a source;

comparing the data in the certificate to the validation data from the source to identify as valid or invalid one or more of the product category, a product line, the model, the revision and the serial number of the host;

if the digital signatures are verified and the validation data is validated, generating a random number at the media player to form a session key and encrypting the session key with a public key extracted from the certificate to form an encrypted session key and transmitting the encrypted session key to the host;

at the host, decrypting the encrypted session key using a host private key to recover the session key;

at the media player, encrypting a content key using the session key to provide an encrypted content key;

at the host, receiving an encrypted content key from a media player;

decrypting the encrypted content key using the session key to recover the content key;

at the media player, retrieving encrypted content from a media;

transmitting the encrypted content to the host; and

at the host, decrypting the encrypted content using the content key.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for authenticating a device. A method includes receiving a certificate from the device, the certificate including a plurality of fields, including a field holding a digital signature from a certifying authority, verifying the digital signatures in the certificate, the verifying including at least one of verifying the certifying authority digital signature using the certifying authority public key; and verifying a device digital signature using a device public key, and receiving validation data from a source, the validation data identifying one or more data in the certificate as valid or invalid according to predetermined criteria, and if the digital signatures are verified and validated, transmitting a session key to the device to establish a secure communication channel.

Citations

14 Claims

1. A method of authenticating a host to receive content from a media player, the method comprising:
- receiving at the media player a certificate from the host, the certificate including a plurality of fields, including a field holding a digital signature from a certifying authority, the certificate also including data, wherein the data in the certificate specifies one or more of a product category, a product line, a model, a revision and a serial number of the host;
  
  verifying the digital signatures in the certificate, the verifying including at least one of;
  
  verifying the certifying authority digital signature using the certifying authority public key; and
  
  verifying a host digital signature using a host public key;
  
  receiving validation data from a source;
  
  comparing the data in the certificate to the validation data from the source to identify as valid or invalid one or more of the product category, a product line, the model, the revision and the serial number of the host;
  
  if the digital signatures are verified and the validation data is validated, generating a random number at the media player to form a session key and encrypting the session key with a public key extracted from the certificate to form an encrypted session key and transmitting the encrypted session key to the host;
  
  at the host, decrypting the encrypted session key using a host private key to recover the session key;
  
  at the media player, encrypting a content key using the session key to provide an encrypted content key;
  
  at the host, receiving an encrypted content key from a media player;
  
  decrypting the encrypted content key using the session key to recover the content key;
  
  at the media player, retrieving encrypted content from a media;
  
  transmitting the encrypted content to the host; and
  
  at the host, decrypting the encrypted content using the content key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1 wherein the source is one of a portable medium and firmware.
  - 3. The method of claim 1 wherein the certifying of the host includes certifying a second host for a host to second host secure communication channel, the certifying allowing a copy function between the host and the second host.
  - 4. The method of claim 1 wherein the certificate includes one or more of a certifying authority identifier field, a version field, a sign key identifier field, an exposed methods field;
    - a company field, a model identifier field, a revision field, a metadata identifier field, a device digital signature key field, a certifying authority digital signature field, a serial number field, a protocol public key field and a device digital signature field, wherein the certifying authority digital signature verifies one or more of the fields in the certificate and the host digital signature verifies one or more of the fields in the certificate.
  - 5. The method of claim 1 wherein the certificate enables an entity receiving the certificate to control the quality of the host by invalidating hosts that are false or have latent defects.
  - 6. The method of claim 1 wherein the certificate further includes fields provided by a host manufacturer, including the company public key, wherein the company public key is digitally signed by the certifying authority.
  - 7. The method of claim 1 wherein the certificate further includes fields provided by a host manufacturer, the fields including the host public key, wherein the host public key is digitally signed by the company.
  - 8. The method of claim 1 wherein one or more of the product category, the product line, the model, the revision and the serial number of the host are provided to a certificate creator after the host passes a qualification procedure.
  - 9. The method of claim 1 wherein the certificate specifies one or more certificate classes, the certificate classes providing a set of methods that may be exposed after the transmitting the session key.
  - 10. The method of claim 9 wherein the set of methods includes digital rights management (DRM) methods include one or more of a copy method, a record method, a play method, a read secure metadata method, a write secure metadata method, and an unlock method, the DRM methods operable according to a type of the host.
  - 11. The method of claim 1 wherein each of the fields hold 326-bit values for 163-bit elliptic curve cryptography.
  - 12. The method of claim 1 wherein the certifying authority public key is referenced by a field of the certificate.
  - 13. The method of claim 1 wherein the certifying authority public key is in a firmware component.

14. A media player configured to certify a host, the media player comprising:
- a firmware component including;
  
  a block configured to receive a certificate from the host, the certificate including a plurality of fields, including a field holding a protocol public key, the certificate also including data, wherein the data in the certificate specifies one or more of a product category, a product line, a model, a revision and a serial number of the host;
  
  a block configured to verify one or more digital signatures in the certificate, including at least one of;
  
  a certifying authority digital signature using a certifying authority public key; and
  
  a device digital signature using a device public key in the certificate;
  
  a block configured to receive validation data from a source, the validation data identifying one or more of the product category, the product line, the model, the revision and the serial number of the host data in the certificate as valid or invalid according to predetermined criteria;
  
  a block configured to generate a random number and transmit the random number to the host if the digital signatures are verified and the validation data is validated; and
  
  a block configured to encrypt a content key using the random number to provide an encrypted content key and to transmit the encrypted content key to the host, wherein the host is enabled to recover a content key from the encrypted content key by using the random number, the media player being operable to retrieve encrypted content from a media and provide the encrypted content to the host such that the host is enabled to decrypt the encrypted content using the content key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GATX Ventures, Inc. (GATX Corp.), Chemtron Research LLC (Intellectual Ventures LLC), Silicon Valley Bank (SVB Financial Group)
Original Assignee
DPHI Acquisitions, Inc.
Inventors
Lee, Lane W., Feldman, Timothy R., Rayburn, Douglas M., Kiwimagi, Gary G.
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
Abrishamkar, Kaveh

Application Number

US09/940,026
Publication Number

US 20030185395A1
Time in Patent Office

2,304 Days
Field of Search

713/156, 705/50, 705/51, 705/54, 705/55, 705/56, 705/57, 726/26, 726/27
US Class Current

726/27
CPC Class Codes

G06F 21/10 Protecting distributed prog...

Host certification method and system

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Host certification method and system

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links