Method and system to provide secure key selection using a secure device in a watercrypting environment

US 7,415,440 B1
Filed: 02/22/2002
Issued: 08/19/2008
Est. Priority Date: 02/22/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A computerized method to provide secure key selection comprising:

transmitting a license from a server to a secure device for storage, the license containing a product key of a watercrypted content and a client identifier;

transmitting via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content to said secure device;

transmitting a request to provide a session content key from said plurality of content keys, said session content key encrypted at said secure device using a transport key encrypted with a public key associated with said server, and said session content key being used to decrypt said watercrypted content; and

receiving said session content key from said secure device in response to said request.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system are disclosed to provide secure key selection using a secure device in a watercrypting environment. A license containing a product key of a watercrypted content and a client identifier is transmitted to a secure device for storage. An entitlement control message containing multiple content keys associated with the watercrypted content is further transmitted to the secure device, together with a request to provide a session content key from the multiple content keys, the session content key to be used to decrypt the watercrypted content. Finally, the session content key is received from the secure device in response to the request.

57 Citations

View as Search Results

42 Claims

1. A computerized method to provide secure key selection comprising:
- transmitting a license from a server to a secure device for storage, the license containing a product key of a watercrypted content and a client identifier;
  
  transmitting via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content to said secure device;
  
  transmitting a request to provide a session content key from said plurality of content keys, said session content key encrypted at said secure device using a transport key encrypted with a public key associated with said server, and said session content key being used to decrypt said watercrypted content; and
  
  receiving said session content key from said secure device in response to said request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 14, 28, 42)
- - 2. The method according to claim 1, wherein said license is encrypted with a public key of said secure device to allow said secure device to access said license.
  - 3. The method according to claim 1, wherein said license is encrypted with a secret key of said secure device to allow said secure device to access said license.
  - 4. The method according to claim 1, further comprising:
    - establishing a secure channel to communicate securely with said secure device.
  - 5. The method according to claim 4, wherein said establishing further comprises:
    - encrypting said transport key with a personal public key; and
      
      transmitting said transport key to said secure device.
  - 6. The method according to claim 5, wherein said receiving further comprises:
    - receiving said session content key encrypted with said transport key; and
      
      decrypting said session content key to be used in decrypting said watercrypted content.
  - 7. The method according to claim 1, wherein said secure device is a smart card device.
  - 8. The method according to claim 1, further comprising receiving said license from a content server which distributed said watercrypted content.
  - 9. The method according to claim 1, further comprising receiving said license from an entity connected to a content server which distributed said watercrypted content, said entity storing said client identifier and being configured to encrypt said product key with a public key of said secure device.
  - 10. The method according to claim 1, further comprising receiving said entitlement control message from a content server which distributed said watercrypted content.
  - 14. The method according to claim 4, wherein said transmitting further comprises transmitting said session content key encrypted with said transport key to said decoder.
  - 28. The apparatus according to claim 4, further comprising means for transmitting said session content key encrypted with said transport key to said decoder.
  - 42. The apparatus according to claim 4, wherein said secure device further transmits said session content key encrypted with said transport key to said decoder.

11. A computerized method to provide secure key selection comprising:
- electronically storing a license containing a product key of a watercrypted content and a client identifier from a decoder;
  
  receiving via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content from said decoder;
  
  receiving a request to provide a session content key from said plurality of content keys, said session content key to be used to decrypt said watercrypted content;
  
  selecting said session content key using said product key and said client identifier from said license;
  
  receiving a transport key encrypted with a public key of said decoder;
  
  encrypting said session content key with said transport key; and
  
  transmitting said session content key to said decoder in response to said request.
- View Dependent Claims (12, 13)
- - 12. The method according to claim 11, wherein said license is encrypted with a personal public key to allow access to said license.
  - 13. The method according to claim 12, further comprising decrypting said license using said personal public key.

15. Electronic apparatus to provide secure key selection comprising:
- means for transmitting a license from a server to a secure device for storage, the license containing a product key of a watercrypted content and a client;
  
  means for transmitting via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content to said secure device;
  
  means for transmitting a request to provide a session content key from said plurality of content keys, said session content key encrypted at said secure device using a transport key encrypted with a public key associated with said server, and said session content key being used to decrypt said watercrypted content; and
  
  means for receiving said session content key from said secure device in response to said request.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. The apparatus according to claim 15, wherein said license is encrypted with a public key of said secure device to allow said secure device to access said license.
  - 17. The apparatus according to claim 15, wherein said license is encrypted with a secret key of said secure device to allow said secure device to access said license.
  - 18. The apparatus according to claim 15, further comprising:
    - means for establishing a secure channel to communicate securely with said secure device.
  - 19. The apparatus according to claim 18, further comprising:
    - means for encrypting a transport key with a personal public key; and
      
      means for transmitting said transport key to said secure device.
  - 20. The apparatus according to claim 19, further comprising:
    - means for receiving said session content key encrypted with said transport key; and
      
      means for decrypting said session content key to be used in decrypting said watercrypted content.
  - 21. The apparatus according to claim 15, wherein said secure device is a smart card device.
  - 22. The apparatus according to claim 15, further comprising means for receiving said license from a content server which distributed said watercrypted content.
  - 23. The apparatus according to claim 15, further comprising means for receiving said license from an entity connected to a content server which distributed said watercrypted content, said entity storing said client identifier and being configured to encrypt said product key with a public key of said secure device.
  - 24. The apparatus according to claim 15, further comprising means for receiving said entitlement control message from a content server which distributed said watercrypted content.

25. Electronic apparatus to provide secure key selection comprising:
- means for electronically storing a license containing a product key of a watercrypted content and a client identifier from a decoder;
  
  means for receiving via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content from said decoder;
  
  means for receiving a request to provide a session content key from said plurality of content keys, said session content key to be used to decrypt said watercrypted content;
  
  means for selecting said session content key using said product key and said client identifier from said license;
  
  means for receiving a transport key encrypted with a public key of said decoder;
  
  means for encrypting said session content key with said transport key; and
  
  means for transmitting said session content key to said decoder in response to said request.
- View Dependent Claims (26, 27)
- - 26. The apparatus according to claim 25, wherein said license is encrypted with a personal public key to allow access to said license.
  - 27. The apparatus according to claim 26, further comprising means for decrypting said license using said personal public key.

29. A computer readable medium containing executable instructions, which, when executed in a processing system, cause said processing system to perform a method to provide secure key selection comprising:
- transmitting a license from a server to a secure device for storage, the license containing a product key of a watercrypted content and a client identifier;
  
  transmitting via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content to said secure device;
  
  receiving a request to provide a session content key from said plurality of content keys, said session content key encrypted at said secure device using a transport key encrypted with a public key associated with said server, and said session content key being used to decrypt said watercrypted content; and
  
  receiving said session content key from said secure device in response to said request.

30. A computer readable medium containing executable instructions, which, when executed in a processing system, cause said processing system to perform a method to provide secure key selection comprising:
- electronically storing a license containing a product key of a watercrypted content and a client identifier from a decoder;
  
  receiving via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content from said decoder;
  
  receiving a request to provide a session content key from said plurality of content keys, said session content key to be used to decrypt said watercrypted content;
  
  selecting said session content key using said product key and said client identifier from said license;
  
  receiving a transport key encrypted with a public key of said decoder;
  
  encrypting said session content key with said transport key; and
  
  transmitting said session content key to said decoder in response to said request.

31. Electronic apparatus to provide secure key selection comprising:
- a decoder; and
  
  a secure device coupled to said decoder to store a license sent from said decoder, said license containing a product key of a watercrypted content and a client identifier, to receive via an electronic network an entitlement control message containing a plurality of content keys associated with said watercrypted content from said decoder and to receive a request to provide a session content key from said plurality of content keys, said secure device further receives a transport key encrypted with a decoder public key of said decoder and encrypts said session content key with said transport key, said session content key used to decrypt said watercrypted content, to select said session content key using said product key and said client identifier from said license, and to transmit said session content key to said decoder in response to said request.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 32. The apparatus according to claim 31, wherein said license is encrypted with a public key of said secure device to allow said secure device to access said license.
  - 33. The apparatus according to claim 31, wherein said license is encrypted with a secret key of said secure device to allow said secure device to access said license.
  - 34. The apparatus according to claim 31, wherein said decoder further establishes a secure channel to communicate securely with said secure device.
  - 35. The apparatus according to claim 34, wherein, in establishing said secure channel, said decoder further encrypts a transport key with a decoder public key and transmits said transport key to said secure device.
  - 36. The apparatus according to claim 35, wherein said decoder further receives said session content key encrypted with said transport key and decrypts said session content key to be used in decrypting said watercrypted content.
  - 37. The apparatus according to claim 31, wherein said secure device is a smart card device.
  - 38. The apparatus according to claim 31, wherein said decoder further receives said license from a content server, which distributed said watercrypted content.
  - 39. The apparatus according to claim 31, wherein said decoder further receives said license from an entity connected to a content server which distributed said watercrypted content, said entity storing said client identifier and being configured to encrypt said product key with a public key of said secure device.
  - 40. The apparatus according to claim 31, wherein said decoder further receives said entitlement control message from a content server, which distributed said watercrypted content.
  - 41. The apparatus according to claim 32, wherein said secure device further decrypts said license using said public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Irdeto USA Incorporated (MultiChoice Group Ltd.)
Original Assignee
Entriq Incorporated
Inventors
Fransdonk, Robert
Primary Examiner(s)
Fischer; Andrew J.
Assistant Examiner(s)
WINTER, JOHN M

Application Number

US10/082,498
Time in Patent Office

2,370 Days
Field of Search

705/59, 705/1, 705/50, 705/51, 705/55, 380/4
US Class Current

705/59
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04N 21/26606   for generating or managing ...

H04N 21/63345   by transmitting keys key di...

H04N 21/8358   involving watermark protect...

Method and system to provide secure key selection using a secure device in a watercrypting environment

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

57 Citations

42 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system to provide secure key selection using a secure device in a watercrypting environment

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

42 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links