System and method for enhanced piracy protection in a wireless personal communication device

US 7,836,515 B1
Filed: 08/06/2007
Issued: 11/16/2010
Est. Priority Date: 07/31/2001
Status: Active Grant

First Claim

Patent Images

1. A method of controlling content usage in a personal communication device, comprising:

receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit;

combining at least the first key-share, the second key-share that is received from a finance server when the credit is verified, and a device-dependent key-share that is pre-stored in the personal communication device, to generate a decryption key to decrypt the encrypted content; and

monitoring usage of the decrypted content and purging at least one of the key-shares when the usage exceeds one of the set of measurement parameters.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A key-sharing scheme is used to control distribution and use of video and audio content in personal digital assistants (PDAs) and other wireless devices. A private key is split into key-shares using a Blakley-Shamir key splitting technique and the key-shares are distributed to various network entities including a finance server and security server. Key-shares are also stored in a user'"'"'s subscriber identity module (SIM) and a security processor of the PDA. The key-shares from the network entities are provided to the PDA after the user requests specific video or audio content and a credit verification is performed. The PDA'"'"'s security processor combines the key-shares to form the decryption key for use in playing the content by the PDA'"'"'s communications processor. When a service limit is reached, the PDA'"'"'s security processor purges the key-shares to prevent further use of the content.

Citations

25 Claims

1. A method of controlling content usage in a personal communication device, comprising:
- receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit;
  
  combining at least the first key-share, the second key-share that is received from a finance server when the credit is verified, and a device-dependent key-share that is pre-stored in the personal communication device, to generate a decryption key to decrypt the encrypted content; and
  
  monitoring usage of the decrypted content and purging at least one of the key-shares when the usage exceeds one of the set of measurement parameters.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method according to claim 1, further comprising:
    - receiving an authentication code for securing the set of measurement parameters, the authentication code being provided along with the encrypted content; and
      
      authenticating the set of measurement parameters with the authentication code to help prevent tampering with the set of measurement parameters.
  - 3. The method according to claim 1, further comprising:
    - storing the device-dependent key-share in a processor area of the personal communication device.
  - 4. The method according to claim 1, further comprising:
    - purging at least one of the key-shares when the usage of the decrypted content exceeds a service limit as indicated by one of the set of measurement parameters.
  - 5. The method according to claim 1, further comprising:
    - retrieving a user-dependent key-share from a subscriber identity module (SIM) inserted into the personal communication device.
  - 6. The method according to claim 5, wherein the user-dependent key-share is pre-stored in the subscriber identity module (SIM).
  - 7. The method according to claim 1, further comprising:
    - prohibiting storage of the decrypted content.
  - 8. The method according to claim 1, wherein the set of measurement parameters comprise at least one of a date-limit, a run-time limit, and an iteration limit.
  - 9. The method according to claim 1, wherein the set of measurement parameters are generated by a user based on the user'"'"'s intended usage of the encrypted content.
  - 10. The method according to claim 1, further comprising:
    - receiving the set of measurement parameters selectable by the user and their associated costs.

11. A method of controlling content usage in a personal communication device using a decryption key that is divided into a plurality of key-shares, the method comprising:
- providing the personal communication device a first key-share and a set of measurement parameters in response to a request for content; and
  
  verifying a credit by a finance server in communication with the personal communication device;
  
  providing the personal communication device a second key-share when the credit is confirmed by the finance server; and
  
  combining the first and second key-shares with a third key-share that is device dependent and pre-stored in the personal communication device for use in decrypting the content.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 12. The method according to claim 11, further comprising:
    - monitoring usage of the content with a security processor of the personal communications device; and
      
      purging at least one of the key-shares from the personal communication device when the usage exceeds one of the set of measurement parameters stored in the personal communications device.
  - 13. The method according to claim 12, further comprising:
    - receiving the request for the content from the personal communication device, the request identifying the content and the set of measurement parameters for the content.
  - 14. The method according to claim 11, further comprising:
    - receiving the content from a security server;
      
      encrypting the content in the security server with an encryption key; and
      
      providing the encrypted content from the security server to the personal communication device over a wireless communication link.
  - 15. The method according to claim 14, wherein a content server and the security server communicate over a non-secure network, and the method includes the content server adding security to the content prior to providing the content to the security server.
  - 16. The method according to claim 11, wherein the providing the first key-share is performed by a security server in communication with the personal communication device.
  - 17. The method according to claim 11, wherein the third key-share is stored in a subscriber identity module (SIM) associated with the user, and wherein a fourth key-share is stored in the personal communication device and associated with a security processor of the personal communication device, and wherein the security processor combines the first, second, third and fourth key-shares to decrypt the content.
  - 18. The method according to claim 11, wherein the plurality of key-shares are Blakley-Shamir key-shares.
  - 19. The method according to claim 11, wherein the content comprises at least one of video content and music content.
  - 20. The method according to claim 11, further comprising:
    - generating the set of measuring parameters comprising at least one of a date-limit, a run-time limit, and an iteration limit, andwherein the personal communication device monitors usage of the content with respect to the set of measurement parameters and purges at least one of the key-shares when the usage exceeds one of the set of measurement parameters.
  - 21. The method according to claim 20, further comprising:
    - defining the set of measurement parameters based on preferences of a content provider.
  - 22. The method according to claim 21, wherein the set of measurement parameters have an authentication code associated therewith, and wherein a security processor of the personal communication device purges at least one of the key-shares when the authentication code fails to authenticate.
  - 23. The method according to claim 20, wherein the date-limit defines an end calendar date for playing the content, the run-time limit defines a maximum amount of time for playing portions of the content, and the iteration limit defines a maximum number of times for playing the content or portions thereof.
  - 24. The method according to claim 11, wherein the personal communication device receives the first and second key-share over a wireless communication link.
  - 25. The method according to claim 11, further comprising:
    - providing the set of measurement parameters selectable by the user and their associated costs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marvell Asia Pte Limited (Marvell Technology Group Limited)
Original Assignee
Marvell International Limited (Marvell Technology Group Limited)
Inventors
Woodward, Ernest E.
Primary Examiner(s)
Pyzocha; Michael

Application Number

US11/882,840
Time in Patent Office

1,198 Days
Field of Search

380/231, 726/31, 707/10, 705/57
US Class Current

726/31
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/085   Secret sharing or secret sp...

System and method for enhanced piracy protection in a wireless personal communication device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for enhanced piracy protection in a wireless personal communication device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links