System, method, and service for tracing traitors from content protection circumvention devices
First Claim
1. A processor implemented method of tracing a traitor from a circumvention device comprising:
- generating a hypothesized model on a hypothesized set of device keys that models a hypothesis that the circumvention device comprises the hypothesized set of device keys;
identifying a compromised device key;
removing the compromised key, adding new keys to the hypothesized set of keys and updating the hypothesized model until a media key block (MKB) created on the hypothesized set of device keys disables the circumvention device;
iteratively detecting additional compromised device keys from the set of compromised device keys, until a majority of the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device;
generating probabilities of the newly added keys being in the circumvention device;
generating a circumvention device model that models a behavior of a circumvention device, wherein the circumvention device comprises a plurality of compromised device keys; and
the circumvention device incorporates predetermined hypotheses regarding hypothetical compromised keys,wherein the circumvention device model includes a set of tests from which the test is selected, a set of key sets comprising one key set for each of the set of tests, and a respective probability for each of the key sets indicating likelihood, based on history of iterative tests including said set of tests, that the circumvention device will play the one of the set of tests associated with the key set;
storing a history of the set of tests;
selecting a test based on a hypothesized model and the circumvention device model to apply to the circumvention device;
encrypting the selected test;
receiving a response from the circumvention device, the response indicating success of the selected test in playing a protected content on the circumvention device;
updating the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model for selecting at least one test that identifies the compromised device keys obtained from the traitor; and
testing the hypothesized model to determine the strength of the belief that the compromised device key is contained in the circumvention device.
5 Assignments
0 Petitions
Accused Products
Abstract
A traitor tracing system generates a hypothesized model of the circumvention device that models a hypothesized set of device keys compromised by the circumvention device. The system iteratively invokes a subset tracing system to identify a compromised device key until substantially all the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device. A subset tracing system generates a circumvention device model that models behavior of a circumvention device using prior knowledge and The system iteratively selects and applies to the circumvention device a test based on the hypothesized model and the circumvention device model and receives a response from the circumvention device indicating a success of the test in playing protected content on the circumvention device. The system updates the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model to focus the test selecting process in determining the device keys obtained from the traitor.
10 Citations
27 Claims
-
1. A processor implemented method of tracing a traitor from a circumvention device comprising:
-
generating a hypothesized model on a hypothesized set of device keys that models a hypothesis that the circumvention device comprises the hypothesized set of device keys; identifying a compromised device key; removing the compromised key, adding new keys to the hypothesized set of keys and updating the hypothesized model until a media key block (MKB) created on the hypothesized set of device keys disables the circumvention device; iteratively detecting additional compromised device keys from the set of compromised device keys, until a majority of the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device; generating probabilities of the newly added keys being in the circumvention device; generating a circumvention device model that models a behavior of a circumvention device, wherein the circumvention device comprises a plurality of compromised device keys; and
the circumvention device incorporates predetermined hypotheses regarding hypothetical compromised keys,wherein the circumvention device model includes a set of tests from which the test is selected, a set of key sets comprising one key set for each of the set of tests, and a respective probability for each of the key sets indicating likelihood, based on history of iterative tests including said set of tests, that the circumvention device will play the one of the set of tests associated with the key set; storing a history of the set of tests; selecting a test based on a hypothesized model and the circumvention device model to apply to the circumvention device; encrypting the selected test; receiving a response from the circumvention device, the response indicating success of the selected test in playing a protected content on the circumvention device; updating the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model for selecting at least one test that identifies the compromised device keys obtained from the traitor; and testing the hypothesized model to determine the strength of the belief that the compromised device key is contained in the circumvention device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A computer program product stored on a non-transitory computer storage medium having a plurality of executable instruction codes stored on a computer readable medium for tracing a traitor from a circumvention device, the circumvention device comprising at least one compromised device key obtained from the traitor, the computer program product comprising:
-
a set of instruction codes for generating a hypothesized model on a hypothesized set of device keys that models a hypothesis that the circumvention device comprises a hypothesized set of device keys; a set of instruction codes for passing the hypothesized model and invoking a subset tracing method to identify the compromised device key; a set of instruction codes for iteratively detecting additional compromised device keys from the set of compromised device keys, until a majority of the compromised device keys in a set of compromised device keys are identified so as to disable the circumvention device; a set of instruction codes for generating a circumvention device model that models a behavior of the circumvention device, wherein the circumvention device model comprises a set of tests from which the test is selected, a set of key sets comprising one key set for each of the set of tests, and a probability for each of the key sets indicating a likelihood that the circumvention device will play the one of the set of tests associated with the key set, with the probability based on a history of iterative tests including said set of tests; a set of instruction codes for storing the history of the iterative tests; a set of instruction codes for selecting a test based on the hypothesized model and the circumvention device model to apply to the circumvention device; a set of instruction codes for encrypting the selected test; a set of instruction codes for receiving a response from the circumvention device, the response indicating a success of the test in playing a protected content on the circumvention device; a set of instruction codes for updating the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model for selecting at least one test that identifies compromised device keys obtained from the traitor; and a set of instruction codes for testing the hypothesized model to determine the strength of the belief that the compromised device key is contained in the circumvention device. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer processor-implemented system for tracing a traitor from a circumvention device, the circumvention device comprising at least one compromised device key obtained from the traitor, the system comprising:
-
a memory; a hypothesized model on a hypothesized set of device keys stored in the memory that models a hypothesis that the circumvention device comprises a hypothesized set of device keys; a significance module stored in the memory that passes the hypothesized model to a subset tracing method to identify a compromised device key; an update module stored in the memory that removes the compromised device key, adding new keys to the hypothesized set of device keys and updating the hypothesized model until a MKB created on the hypothesized model can disable the circumvention device; a detection module stored in the memory that iteratively detects additional compromised device keys from the set of compromised device keys, until the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device; an encryption module stored in the memory that encrypts the selected test; a circumvention device model module stored in the memory for generating a circumvention device model that models a behavior of the circumvention device, wherein the circumvention device model includes a set of tests from which the test is selected, a set of key sets comprising one key set for each of the set of tests, and a respective probability for each of the key sets indicating likelihood, based on a stored history of iterative tests including said set of tests, that the circumvention device will play the one of the set of tests associated with the key set; a test selection module stored in the memory for selecting a test based on the hypothesized model and the circumvention device model to apply to the circumvention device; a hypothesis update module stored in the memory for receiving a response from the circumvention device, the response indicating a success of the test in playing a protected content on the circumvention device; the hypothesis update module updating the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model for selecting at least one test that identifies the compromised device keys obtained from the traitor, wherein the system incorporates predetermined hypotheses regarding hypothetical compromised keys; and the significance module further for testing the hypothesized model to determine the strength of the belief that the compromised device key is contained in the circumvention device. - View Dependent Claims (27)
-
Specification