Secure device authentication system and method

US 7,624,276 B2
Filed: 10/24/2006
Issued: 11/24/2009
Est. Priority Date: 10/16/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

accessing a header including a data structure and a set of hash values;

obtaining from the data structure a first root hash of a hierarchical hash tree;

computing a second root hash from the set of hash values;

comparing the first root hash to the second root hash;

if the first root hash and the second root hash match,obtaining an encrypted key from the data structure;

securely decrypting the encrypted key;

securely storing the key such that the key is not passed in the clear;

providing a reference to the key;

decrypting a data block with the reference to the key;

loading authentication data from a sub-block associated with the data block;

identifying, in the authentication data, a first set of hash values associated with a first level of the hierarchical hash tree;

computing a cryptographic hash of the data block to determine a first hash value;

comparing the first hash value to a corresponding value in the first set of hash values;

rejecting a block data request if the first hash value and the corresponding value in the first set of hash values do not match.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A technique for security and authentication on block-based media includes involves the use of protected keys, providing authentication and encryption primitives. A system according to the technique may include a secure device having a security kernel with protected keys. A disk drive security mechanism may support authentication of data, secrecy, and ticket validation using the security kernel and, for example, a ticket services module (e.g., a shared service that may or may not be used by other storage devices like flash).

146 Citations

21 Claims

1. A method comprising:
- accessing a header including a data structure and a set of hash values;
  
  obtaining from the data structure a first root hash of a hierarchical hash tree;
  
  computing a second root hash from the set of hash values;
  
  comparing the first root hash to the second root hash;
  
  if the first root hash and the second root hash match,obtaining an encrypted key from the data structure;
  
  securely decrypting the encrypted key;
  
  securely storing the key such that the key is not passed in the clear;
  
  providing a reference to the key;
  
  decrypting a data block with the reference to the key;
  
  loading authentication data from a sub-block associated with the data block;
  
  identifying, in the authentication data, a first set of hash values associated with a first level of the hierarchical hash tree;
  
  computing a cryptographic hash of the data block to determine a first hash value;
  
  comparing the first hash value to a corresponding value in the first set of hash values;
  
  rejecting a block data request if the first hash value and the corresponding value in the first set of hash values do not match.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the data structure is public key signed.
  - 3. The method of claim 1, further comprising authenticating the data structure.
  - 4. The method of claim 1, further comprising securely storing the set of hash values included in the header.
  - 5. The method of claim 1, further comprising caching the hierarchical hash tree.
  - 6. The method of claim 1, further comprising rejecting the header if the first root hash and the second root hash do not match.
  - 7. The method of claim 1, further comprising validating a rights management ticket from a source other than the header.
  - 8. The method of claim 1, wherein the reference to the key is provided in the clear.
  - 9. The method of claim 1, wherein decrypting a data block with the reference to the key further comprises:
    - providing the reference to the key to a secure decryption engine;
      
      decrypting the data block such that the key is not passed in the clear.
  - 10. The method of claim 1, further comprising decrypting at least a portion of the sub-block.
  - 11. The method of claim 1, further comprising, in each hash block:
    - inserting a calculated hash in an appropriate location;
      
      computing the hash of the hash block.
  - 12. The method of claim 1, if the first hash value matches the corresponding value in the first set of hash values, further comprising:
    - computing a second hash value corresponding to the first set of hash values;
      
      identifying, in the authentication data, a second set of hash values associated with a second level of the hierarchical hash tree;
      
      comparing the second hash value to a corresponding value in the second set of hash values;
      
      rejecting the block data request if the second hash value and the corresponding value in the second set of hash values do not match.
  - 13. The method of claim 12, if the second hash value matches the corresponding value in the second set of hash values, further comprising:
    - computing a third hash value corresponding to the second set of hash values;
      
      identifying, in the authentication data, a third set of hash values associated with a third level of the hierarchical hash tree;
      
      comparing the third hash value to a corresponding value in the third set of hash values;
      
      rejecting the block data request if the third hash value and the corresponding value in the third set of hash values do not match.
  - 14. The method of claim 13, if the third hash value matches the corresponding value in the third set of hash values, wherein the set of hash values of the header are a fourth set of hash values, and wherein the fourth set of hash values are associated with a fourth level of the hierarchical hash tree, further comprising:
    - computing a fourth hash value corresponding to the third set of hash values;
      
      providing a fourth set of hash values associated with a fourth level of the hierarchical hash tree;
      
      comparing the fourth hash value to a corresponding value in the fourth set of hash values;
      
      rejecting the block data request if the fourth hash value and the corresponding value in the fourth set of hash values do not match;
      
      returning the data block if the fourth hash value and the corresponding value in the fourth set of hash values match.

15. A system comprising:
- a block-based media driver coupled to a security API, wherein, in operation, the block-based media driver accesses a header associated with a block-based media device and extracts authentication data from the header;
  
  ticket services coupled to the block-based media driver and the security API, wherein, in operation, the ticket services receive the authentication data from the block-based media driver and send a key decryption request to the security API;
  
  a security kernel including the security API, an encryption/decryption engine, and a key store accessible to the security API, wherein, in operation, the encryption/decryption engine decrypts the key, the key is stored in the key store, and the security API returns a reference to the key to the ticket services;
  
  wherein, in operation, the ticket services validates the authentication data and returns the reference to the key to the block-based media driver;
  
  wherein, in operation, the block-based media driver accesses data blocks of the block-based media device, sends a block decryption request to the security API, and the security kernel decrypts the blocks and validates a hierarchical hash tree associated with the data blocks.
- View Dependent Claims (16, 17)
- - 16. The system of claim 15, further comprising the block-based media device, wherein the header associated with the block-based media device includes a root hash value and a plurality of root-child hash values.
  - 17. The system of claim 15, further comprising the block-based media device, wherein the data blocks each include a hash sub-block and a plurality of content data blocks.

18. A system having a means for secure content delivery with block-based media, comprising:
- a secure key store means;
  
  a means for accessing an encrypted key from a header of a block-based media device;
  
  a means for securely decrypting the encrypted key;
  
  a means for securely storing the key in the key store;
  
  a means for referencing the key to securely decrypt data blocks of the block-based media device;
  
  a means for providing hash values in association with the block-based media device and each data block of the block-based media device.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, further comprising a means for aborting block-based media device access if hash values in the header are rejected.
  - 20. The system of claim 18, further comprising a means for aborting data block access if hash values in the data block are rejected.

21. A method comprising:
- accessing a header including a data structure and a set of hash values;
  
  obtaining from the data structure a first root hash of a hierarchical hash tree;
  
  computing a second root hash from the set of hash values;
  
  comparing the first root hash to the second root hash;
  
  if the first root hash and the second root has match,obtaining an encrypted key from the data structure;
  
  securely decrypting the encrypted key;
  
  securely storing the key such that the key is not passed in the clear;
  
  providing a reference to the key;
  
  loading authentication data from a sub-block associated with an encrypted data block;
  
  identifying, in the authentication data, a first set of hash values associated with a first level of the hierarchical hash tree;
  
  computing a cryptographic hash of the encrypted data block to determine a first hash value;
  
  comparing the first hash value to a corresponding value in the first set of hash values;
  
  rejecting a block data request if the first hash value and the corresponding value in the first set of hash values do not match;
  
  decrypting the encrypted data block with the reference to the key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Broadon Communications Corp. (Acer, Inc.)
Inventors
Srinivasan, Pramila, Princen, John, Anderson, Craig Steven
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
ALMEIDA, DEVIN E

Application Number

US11/586,446
Publication Number

US 20080091945A1
Time in Patent Office

1,127 Days
Field of Search

713155-159, 713/170, 713/201, 713/193, 380/229, 380/232, 380247-250
US Class Current

713/177
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

G11B 20/00333   the key being stored in hea...

G11B 20/00507   wherein consecutive physica...

H04L 2209/605   Copy protection

H04L 9/0897   involving additional device...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3236   using cryptographic hash fu...

H04L 9/3265   using certificate chains, t...

H04L 9/50   using hash chains, e.g. blo...

Secure device authentication system and method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

146 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

Secure device authentication system and method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

146 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others