Self-protecting digital content
First Claim
1. A non-transitory storage medium containing content with protections against unauthorized copying, the storage medium comprising:
- digital signature authenticating at least an identifier of the storage medium;
a revocations list for identifying at least one revoked storage medium;
content that is encrypted by using broadcast encryption, whereby;
each of a plurality of authorized playback devices has cryptographic keys sufficient for decrypting the content, and
each of a plurality of revoked playback devices does not have keys sufficient for decrypting the content;
program logic for an interpreter of a Turing complete language, the program logic being a portion of the content and adapted for execution on a playback device in order to play another portion of the same content, the program logic being loaded with the content on the playback device, the program logic further configured for cryptographically authenticating the revocations list, the program logic further configured to perform a security check that interrogates a playback environment of the playback device and to verify at least one of;
a playback device identity, including at least one of a player serial number, specific subscriber information, a player model, or a player software version, and a user identity, including at least one of a user name, geographical region, email address, or a web address, the program logic further configured to reduce output quality if a result of the interrogation of the playback environment is uncertain;
a plurality of versions for each of a plurality of portions of the content, wherein;
said versions for each portion are distinguished from each other,
said versions are encrypted with different keys, such that each of said authorized playback devices is capable of deciphering at least one, but not all, of said versions for each of said portions, and
the combination of said portions decipherable by a given player being usable to identify said player, the program logic being further configured to provide a correct set of decryption keys for decrypting each of said versions decipherable by a given player, at least one decryption key of the set of decryption keys for decrypting a corresponding one of said versions decipherable by a given player; and
interface logic defining an interface usable to interact with a user and to control playback of the content by using the program logic.
Abstract
Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
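As an added illustration (not code from the patent or its assignee), the sketch below models the claimed multiple versions per content portion and the forensic tracing mentioned in the abstract: each player can decrypt one version of every segment, and the marks found in a recovered copy are matched back to a player. The sizes, player IDs, key-assignment rule and the SHA-256 keystream used as a stand-in cipher are assumptions made for the demo.

```python
import hashlib
import hmac

SEGMENTS, VARIANTS = 16, 4  # constructed sizes, not taken from the patent

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher for this demo only (SHA-256 counter keystream).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def master(seed: bytes):
    """Author side: every (segment, variant) gets its own key and its own mark."""
    keys = {(s, v): hmac.new(seed, f"key/{s}/{v}".encode(), hashlib.sha256).digest()
            for s in range(SEGMENTS) for v in range(VARIANTS)}
    disc = {sv: xor_stream(k, f"seg{sv[0]}:mark{sv[1]}".encode())
            for sv, k in keys.items()}
    return keys, disc

def provision(keys, seed: bytes, player_id: str):
    """Hand a player one variant key per segment (hypothetical assignment rule)."""
    held = {}
    for s in range(SEGMENTS):
        tag = hmac.new(seed, f"assign/{player_id}/{s}".encode(), hashlib.sha256).digest()
        v = tag[0] % VARIANTS
        held[(s, v)] = keys[(s, v)]
    return held

def play(disc, held):
    """Player side: decrypt the single variant of each segment it has a key for."""
    return [xor_stream(k, disc[sv]).decode() for sv, k in sorted(held.items())]

def trace(recovered, keys, seed, player_ids):
    """Forensic side: count, per player, how many observed marks match its key set."""
    observed = set()
    for text in recovered:
        seg, mark = text.split(":")
        observed.add((int(seg[3:]), int(mark[4:])))
    scores = {p: len(observed & set(provision(keys, seed, p))) for p in player_ids}
    return max(scores, key=scores.get), scores
```

Because scoring uses only the segments that were actually recovered, a partial copy still points at the player whose key set matches every observed mark.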
22 Claims
1. A non-transitory storage medium containing content with protections against unauthorized copying, the storage medium comprising:
digital signature authenticating at least an identifier of the storage medium;
a revocations list for identifying at least one revoked storage medium;
content that is encrypted by using broadcast encryption, whereby;
each of a plurality of authorized playback devices has cryptographic keys sufficient for decrypting the content, and
each of a plurality of revoked playback devices does not have keys sufficient for decrypting the content;
program logic for an interpreter of a Turing complete language, the program logic being a portion of the content and adapted for execution on a playback device in order to play another portion of the same content, the program logic being loaded with the content on the playback device, the program logic further configured for cryptographically authenticating the revocations list, the program logic further configured to perform a security check that interrogates a playback environment of the playback device and to verify at least one of;
a playback device identity, including at least one of a player serial number, specific subscriber information, a player model, or a player software version, and a user identity, including at least one of a user name, geographical region, email address, or a web address, the program logic further configured to reduce output quality if a result of the interrogation of the playback environment is uncertain;
a plurality of versions for each of a plurality of portions of the content, wherein;
said versions for each portion are distinguished from each other,
said versions are encrypted with different keys, such that each of said authorized playback devices is capable of deciphering at least one, but not all, of said versions for each of said portions, and
the combination of said portions decipherable by a given player being usable to identify said player, the program logic being further configured to provide a correct set of decryption keys for decrypting each of said versions decipherable by a given player, at least one decryption key of the set of decryption keys for decrypting a corresponding one of said versions decipherable by a given player; and
interface logic defining an interface usable to interact with a user and to control playback of the content by using the program logic.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A device for securely playing content, the content including a plurality of regions each having multiple versions thereof, the device comprising:
a media reader for use in reading data from a storage medium;
a nonvolatile memory containing;
a set of cryptographic player keys for use with a broadcast encryption system, and
identifiers of revoked media;
a bulk decryption module for decrypting encrypted content from the storage medium;
a Turing-complete interpreter for executing program logic, the program logic being a portion of the content and configured to;
load with the content from the media reader, the program logic being adapted for execution on the device in order to play another portion of the same content on the device;
cryptographically authenticate identifiers of revoked media;
interrogate a playback environment of the device and to verify at least one of;
a device identity, including at least one of a player serial number, specific subscriber information, a player model, or a player software version, and a user identity, including at least one of a user name, geographical region, email address, or a web address, the program logic further configured to reduce output quality if a result of the interrogation of the playback environment is uncertain;
verify whether digital signatures contained on the storage medium authenticate the storage medium;
verify whether the storage medium is identified as revoked in said nonvolatile memory;
select a version of each of the plurality of regions, thereby generating a set of selected versions;
provide a correct set of decryption keys for decrypting each of said selected versions, at least one decryption key of the set of decryption keys for decrypting a corresponding one of said versions; and
decrypt said selected version, whereby a combination of said versions selected in the course of playing content from the storage medium uniquely identifies said device; and
at least one codec for decoding content.
Dependent claims: 14, 15, 16, 17
18. A method for playing encrypted content from a storage medium, the method comprising:
verifying a digital signature for authenticating said medium;
retrieving at least one player key from a nonvolatile memory;
using said at least one player key with a broadcast encryption system;
using a result of said broadcast encryption system to decrypt at least a portion of the content;
reading program logic for a Turing-complete interpreted language from the medium, the program logic being a portion of the content, the program logic being adapted for execution on a media player device in order to play another portion of the same content on the media player device;
using an interpreter to execute said program logic, wherein said interpreter performs operations specified in said program logic including;
cryptographically authenticating identifiers of revoked media;
interrogating a playback environment of the device and to verify at least one of;
a device identity, including at least one of a player serial number, specific subscriber information, a player model, or a player software version, and a user identity, including at least one of a user name, geographical region, email address, or a web address, the program logic further configured to reduce output quality if a result of the interrogation of the playback environment is uncertain;
verifying whether digital signatures contained on the medium authenticate the medium;
verifying whether the medium is identified as revoked in said nonvolatile memory;
selecting a variant from a plurality of variants for each of a plurality of portions of the content, wherein;
said media player device for decrypting said selected variant; and
said media player device lacks at least one cryptographic key required to decrypt at least one non-selected variant for each portion;
providing a correct set of decryption keys for decrypting each selected variant, at least one decryption key of the set of decryption keys for decrypting a corresponding one of said selected variants; and
decrypting each selected variant by using the provided correct set of decryption keys.
Dependent claims: 19, 20, 21, 22
Specification