Producing a new black box for a digital rights management (DRM) system

US 7,319,759 B1
Filed: 03/15/2000
Issued: 01/15/2008
Est. Priority Date: 03/27/1999
Status: Expired due to Fees

First Claim

Patent Images

1. An apparatus for producing a new ((n)th) black box for a digital rights management (DRM) system, the (n)th black box for being installed in the DRM system and for performing decryption and encryption functions in the DRM system, the (n)th black box being produced and delivered to the DRM system upon request therefrom and including a new ((n)th) executable and a new ((n)th) key file, the (n)th key file having a new ((n)th) set of black box keys and a number of old sets of black box keys, the request including an old ((n−

1)th) key file having the old sets of black box keys, the apparatus comprising;

a code optimizer/randomizer receiving a master executable and randomized optimization parameters as inputs and producing the (n)th executable as an output; and

a key manager receiving the (n−

1)th key file and the (n)th set of black box keys as input, extracting the old sets of black box keys from the (n−

1)th key file, and producing the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output;

wherein the (n)th executable and the (n)th key file are to be forwarded to the requesting DRM system,the key manager producing the (n)th key file encrypted according to a secret, the apparatus further comprising an injector receiving the (n)th executable from the code optimizer/randomizer as an input, injecting the secret into the (n)th executable in a pre-determined location, and producing the injected (n)th executable as an output, wherein the injected (n)th executable and the encrypted (n)th key file are to be forwarded to the requesting DRM system,wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the HWID is included in and obtained from the (n−

1)th key file, and wherein the injector injects the obtained HWID into the (n)th executable in a pre-determined location.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A new ((n)th) black box is produced for a digital rights management (DRM) system. The (n)th black box is for being installed in and for performing decryption and encryption functions in the DRM system. The (n)th black box is produced and delivered to the DRM system upon request and includes a new ((n)th) executable and a new ((n)th) key file. The (n)th key file has a new ((n)th) set of black box keys and a number of old sets of black box keys. The request includes an old ((n−1)th) key file having the old sets of black box keys. A code optimizer/randomizer receives a master executable and randomized optimization parameters as inputs and produces the (n)th executable as an output. A key manager receives the (n−1)th key file and the (n)th set of black box keys as inputs, extracts the old sets of black box keys from the (n−1)th key file, and produces the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output. The (n)th executable and the (n)th key file are forwarded to the requesting DRM system.

Citations

27 Claims

1. An apparatus for producing a new ((n)th) black box for a digital rights management (DRM) system, the (n)th black box for being installed in the DRM system and for performing decryption and encryption functions in the DRM system, the (n)th black box being produced and delivered to the DRM system upon request therefrom and including a new ((n)th) executable and a new ((n)th) key file, the (n)th key file having a new ((n)th) set of black box keys and a number of old sets of black box keys, the request including an old ((n−
- 1)th) key file having the old sets of black box keys, the apparatus comprising;
  
  a code optimizer/randomizer receiving a master executable and randomized optimization parameters as inputs and producing the (n)th executable as an output; and
  
  a key manager receiving the (n−
  
  1)th key file and the (n)th set of black box keys as input, extracting the old sets of black box keys from the (n−
  
  1)th key file, and producing the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output;
  
  wherein the (n)th executable and the (n)th key file are to be forwarded to the requesting DRM system,the key manager producing the (n)th key file encrypted according to a secret, the apparatus further comprising an injector receiving the (n)th executable from the code optimizer/randomizer as an input, injecting the secret into the (n)th executable in a pre-determined location, and producing the injected (n)th executable as an output, wherein the injected (n)th executable and the encrypted (n)th key file are to be forwarded to the requesting DRM system,wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the HWID is included in and obtained from the (n−
  
  1)th key file, and wherein the injector injects the obtained HWID into the (n)th executable in a pre-determined location.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus of claim 1 wherein the key manager produces the (n)th key file encrypted according to a symmetric key, the apparatus comprising an injector receiving the (n)th executable from the code optimizer/randomizer as an input, injecting the symmetric key into the (n)th executable in a predetermined location, and producing the injected (n)th executable as an output, wherein the injected (n)th executable and the encrypted (n)th key file are to be forwarded to the requesting DRM system.
  - 3. The apparatus of claim 1 wherein the (n)th set of black box keys includes a public-private key pair, and wherein the key manager produces the (n)th key file encrypted according to the private key, the apparatus comprising an injector receiving the (n)th executable from the code optimizer/randomizer as an input, injecting the private key into the (n)th executable in a pre-determined location, and producing the injected (n)th executable as an output, wherein the injected (n)th executable and the encrypted (n)th key file are to be forwarded to the requesting DRM system.
  - 4. The apparatus of claim 1 wherein the injector injects the secret into the (n)th executable in the pre-determined location such that the secret is hidden except to the (n)th executable.
  - 5. The apparatus of claim 1 wherein the code randomizer produces a help file as an output, the help file specifying how the secret is to be injected into the (n)th executable by the injector, and wherein the injector receives the help file as an input and injects the secret into the (n)th executable according to the help file.
  - 6. The apparatus of claim 5 wherein the code randomizer produces the help file as an embedded portion of the (n)th executable.
  - 7. The apparatus of claim 1 further comprising a signature generator receiving the (n)th executable as an input, generating a digital signature for the (n)th executable, coupling the generated digital signature to the (n)th executable, and producing the coupled (n)th executable and digital signature as an output, wherein the coupled (n)th executable and digital signature and the encrypted (n)th key file are to be forwarded to the requesting DRM system.

8. A method for producing a new ((n)th) black box for a digital rights management (DRM) system, the (n)th black box for being installed in the DRM system and for performing decryption and encryption functions in the DRM system, the (n)th black box being produced and delivered to the DRM system upon request therefrom and including a new ((n)th) executable and a new ((n)th) key file, the (n)th key file having a new ((n)th) set of black box keys and a number of old sets of black box keys, the request including an old ((n−
- 1)th) key file having the old sets of black box keys, the method comprising;
  
  receiving a master executable and randomized optimization parameters;
  
  producing the (n)th executable based on the received master executable and the received randomized optimization parameters and based on a code optimization/randomization technique;
  
  receiving the (n−
  
  1)th key file and the (n)th set of black box keys;
  
  extracting the old sets of black box keys from the (n−
  
  1)th key file;
  
  producing the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output based on the extracted old sets of black box keys from the (n−
  
  1)th key file and the received (n)th set of black box keys; and
  
  forwarding the produced (n)th executable and the produced (n)th key file to the requesting DRM system,wherein producing the (n)th executable comprises producing the (n)th executable with space reserved therein for additional information to be injected by an injector,wherein producing the (n)th key file includes encrypting the (n)th set of black box keys and the old sets of black box keys according to a secret, and wherein producing the (n)th executable comprises injecting the secret into at least a portion of the reserved space,wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the (n−
  
  1)th key file further has the HWID therein, wherein the method further comprises extracting the HWID from the (n−
  
  1)th key file, and wherein producing the (n)th key file comprises inserting the extracted HWID into the (n)th key file.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 9. The method of claim 8 wherein the old sets of keys in the (n−
    - 1)th key file are encrypted according to a secret of an (n−
      
      1)th executable, and wherein extracting the old sets of keys comprises obtaining the secret of the (n−
      
      1)th executable and applying the secret to the encrypted old sets of keys in the (n−
      
      1)th key file.
  - 10. The method of claim 9 wherein the request includes the (n−
    - 1)th executable, wherein the secret is embedded in the (n−
      
      1)th executable, and wherein obtaining the secret of the (n−
      
      1)th executable comprises extracting the secret from the (n−
      
      1)th executable.
  - 11. The method of claim 9 wherein the secret is maintained in a database, and wherein extracting the old sets of keys comprises obtaining the secret from the database.
  - 12. The method of claim 9 wherein the secret is included in the (n−
    - 1)th key file, and wherein extracting the old sets of keys comprises obtaining the secret from the (n−
      
      1)th key file.
  - 13. The method of claim 12 wherein the secret is included in the (n−
    - 1)th key file encrypted according to a super secret (SUPER(secret)), and wherein extracting the old sets of keys comprises obtaining (SUPER(secret)) from the (n−
      
      1)th key file, obtaining the super secret, and applying the super secret to (SUPER(secret)) to obtain the secret.
  - 14. The method of claim 8 wherein producing the (n)th key file includes encrypting the (n)th set of black box keys and the old sets of black box keys according to a secret.
  - 15. The method of claim 14 wherein producing the (n)th key file includes encrypting the (n)th set of black box keys and the old sets of black box keys according to a secret derived from the (n)th set of black box keys.
  - 16. The method of claim 14 wherein producing the (n)th executable comprises embedding the secret therein.
  - 17. The method of claim 14 further comprising maintaining the secret in a database.
  - 18. The method of claim 14 wherein producing the (n)th key file further includes placing the secret in the (n)th key file.
  - 19. The method of claim 18 wherein producing the (n)th key file further includes encrypting the secret according to a super secret (SUPER(secret)) and placing (SUPER(secret)) in the (n)th key file.
  - 20. The method of claim 8 wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the (n−
    - 1)th key file further has the HWID therein, wherein the method further comprises extracting the HWID from the (n−
      
      1)th key file, and wherein producing the (n)th executable comprises injecting the extracted HWID into at least a portion of the reserved space.
  - 21. The method of claim 8 wherein producing the (n)th key file includes encrypting the (n)th set of black box keys and the old sets of black box keys according to a secret, and wherein producing the (n)th executable comprises injecting the secret into at least a portion of the reserved space in a manner hidden except to the (n)th executable.
  - 22. The method of claim 8 wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the (n−
    - 1)th key file further has the HWID therein, wherein the method further comprises extracting the HWID from the (n−
      
      1)th key file, and wherein producing the (n)th executable comprises producing the (n)th executable based at least in part on the extracted HWID and based on a code optimization/randomization technique.
  - 23. The method of claim 8 comprising:
    - receiving, at a code optimizer/randomizer, a master executable and randomized optimization parameters as inputs;
      
      producing, at the code optimizer/randomizer, the (n)th executable as an output based on the inputs thereto;
      
      receiving, at a key manager, the (n−
      
      1)th key file and the (n)th set of black box keys as inputs;
      
      extracting, at the key manager, the old sets of black box keys from the (n−
      
      1)th key file;
      
      producing, at the key manager, the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output based on the inputs thereto; and
      
      forwarding the produced (n)th executable and the produced (n)th key file to the requesting DRM system.

24. A method for producing a new ((n)th) black box for a digital rights management (DRM) system, the (n)th black box for being installed in the DRM system and for performing decryption and encryption functions in the DRM system, the (n)th black box being produced and delivered to the DRM system upon request therefrom and including a new ((n)th) executable, the method comprising:
- receiving a master executable and randomized optimization parameters;
  
  producing the (n)th executable based on the received master executable and the received randomized optimization parameters and based on a code optimization/randomization technique; and
  
  forwarding the produced (n)th executable to the requesting DRM system,wherein producing the (n)th executable comprises producing the (n)th executable with space reserved therein for additional information to be injected by an injector,wherein the (n)th black box further includes a new ((n)th) key file, the (n)th key file having a new ((n)th) set of black box keys and a number of old sets of black box keys, wherein the (n)th key file is produced to include the (n)th set of black box keys and the old sets of black box keys encrypted according to a secret, and wherein producing the (n)th executable comprises injecting the secret into at least a portion of the reserved space,wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the request from the DRM system includes the HWID, and wherein producing the (n)th executable comprises injecting the included HWID into at least a portion of the reserved space.
- View Dependent Claims (25, 26, 27)
- - 25. The method of claim 24 wherein producing the (n)th executable comprises injecting the secret into at least a portion of the reserved space in a manner hidden except to the (n)th executable.
  - 26. The method of claim 24 wherein the DRM system resides on a computing device having a hardware ID (HWID) associated therewith, wherein the request from the DRM system includes the HWID, and wherein producing the (n)th executable comprises producing the (n)th executable based at least in part on the included HWID and based on a code optimization/randomization technique.
  - 27. The method of claim 24 comprising:
    - receiving, at a code optimizer/randomizer, a master executable and randomized optimization parameters as inputs; and
      
      producing, at the code optimizer/randomizer, the (n)th executable as an output based on the inputs thereto.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Davis, Malcolm, Venkatesan, Ramarathnam, Peinado, Marcus
Primary Examiner(s)
Vu; Kim
Assistant Examiner(s)
TRUVAN, LEYNNA THANH

Application Number

US09/525,509
Time in Patent Office

2,862 Days
Field of Search

713200-201, 713/167, 713/176, 713/171, 713/193, 380228-229, 380/259, 380/268, 380277-281, 380/286, 380 44- 46, 380 28- 30, 709201-203, 709223-225, 709/229, 703/229, 726 2- 3, 726/6, 726 18- 19
US Class Current

380/277
CPC Class Codes

H04L 2209/603   Digital right managament [DRM]

H04L 9/0825   using asymmetric-key encryp...

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

Producing a new black box for a digital rights management (DRM) system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Producing a new black box for a digital rights management (DRM) system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links