System and method for enhanced piracy protection in a wireless personal communication device

US 8,185,965 B1
Filed: 11/10/2010
Issued: 05/22/2012
Est. Priority Date: 07/31/2001
Status: Active Grant

First Claim

Patent Images

1. A method of controlling content usage in a personal communication device, comprising:

receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit; and

combining at least the first key-share, the second key-share that is received from a finance server when the credit is verified, and a device-dependent key-share that is pre-stored in the personal communication device, to generate a decryption key to decrypt the encrypted content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A key-sharing scheme is used to control distribution and use of video and audio content in personal digital assistants (PDAs) and other wireless devices. A private key is split into key-shares using a Blakley-Shamir key splitting technique and the key-shares are distributed to various network entities including a finance server and security server. Key-shares are also stored in a user'"'"'s subscriber identity module (SIM) and a security processor of the PDA. The key-shares from the network entities are provided to the PDA after the user requests specific video or audio content and credit verification is performed. The PDA'"'"'s security processor combines the key-shares to form the decryption key for use in playing the content by the PDA'"'"'s communications processor. When a service limit is reached, the PDA'"'"'s security processor purges the key-shares to prevent further use of the content.

Citations

21 Claims

1. A method of controlling content usage in a personal communication device, comprising:
- receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit; and
  
  combining at least the first key-share, the second key-share that is received from a finance server when the credit is verified, and a device-dependent key-share that is pre-stored in the personal communication device, to generate a decryption key to decrypt the encrypted content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, further comprising:
    - receiving an authentication code for securing the set of measurement parameters, the authentication code being provided along with the encrypted content; and
      
      authenticating the set of measurement parameters with the authentication code to prevent tampering with the set of measurement parameters.
  - 3. The method according to claim 1, further comprising:
    - storing the device-dependent key-share in a processor area of the personal communication device.
  - 4. The method according to claim 1, further comprising:
    - purging at least one of the key-shares when usage of the decrypted content exceeds a service limit as indicated by one of the set of measurement parameters.
  - 5. The method according to claim 1, further comprising:
    - retrieving a user-dependent key-share from a subscriber identity module (SIM) inserted into the personal communication device, the user-dependent key-share being used in part to decrypt the encrypted content.
  - 6. The method according to claim 1, further comprising:
    - prohibiting storage of the decrypted content.
  - 7. The method according to claim 1, wherein the set of measurement parameters comprise at least one of a date-limit, a run-time limit, and an iteration limit.
  - 8. The method according to claim 1, wherein the set of measurement parameters are generated by a user based on the user'"'"'s intended usage of the encrypted content.
  - 9. The method according to claim 5, wherein the user-dependent key-share is pre-stored in the subscriber identity module (SIM).

10. A method of controlling content usage in a personal communication device using a decryption key that is divided into a plurality of key-shares, the method comprising:
- providing to the personal communication device a first key-share and a set of measurement parameters in response to a request for content; and
  
  verifying a credit by a finance server in communication with the personal communication device;
  
  providing to the personal communication device a second key-share when the credit is verified by the finance server; and
  
  combining the first and second key-shares with a third key-share that is device dependent and pre-stored in the personal communication device for use in decrypting the content.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method according to claim 10, further comprising:
    - monitoring usage of the content with a security processor of the personal communications device; and
      
      purging at least one of the key-shares from the personal communication device when the usage exceeds one of the set of measurement parameters stored in the personal communications device.
  - 12. The method according to claim 11, further comprising:
    - receiving the request for the content from the personal communication device, the request identifying the content and the set of measurement parameters for the content.
  - 13. The method according to claim 10, further comprising:
    - receiving the content from a security server;
      
      encrypting the content in the security server with an encryption key; and
      
      providing the encrypted content from the security server to the personal communication device over a wireless communication link.
  - 14. The method according to claim 13, wherein a content server and the security server communicate over a non-secure network, and the method includes the content server adding security to the content prior to providing the content to the security server.
  - 15. The method according to claim 10, wherein the providing the first key-share is performed by a security server in communication with the personal communication device.
  - 16. The method according to claim 10, wherein the third key-share is stored in a subscriber identity module (SIM) associated with a user, and wherein a fourth key-share is stored in the personal communication device and associated with a security processor of the personal communication device, and wherein the security processor combines the first, second, third and fourth key-shares to decrypt the content.
  - 17. The method according to claim 10, wherein the content comprises at least one of video content and music content.
  - 18. The method according to claim 10, further comprising:
    - generating the set of measuring parameters comprising at least one of a date-limit, a run-time limit, and an iteration limit, andwherein the personal communication device monitors usage of the content with respect to the set of measurement parameters and purges at least one of the key-shares when the usage exceeds one of the set of measurement parameters.
  - 19. The method according to claim 18, further comprising:
    - defining the set of measurement parameters based on preferences of a content provider.

20. A method of controlling content usage in a personal communication device, comprising:
- receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit; and
  
  combining at least the first key-share, the second key-share that is held by a security server until the credit is verified by a finance server and a device-dependent key-share that is pre-stored in the personal communication device, to generate a decryption key to decrypt the encrypted content.

21. A method of controlling content usage in a personal communication device, comprising:
- receiving a first and second key-share, encrypted content, and a set of measurement parameters over a communication link in response to a request to access the encrypted content and verification of a credit; and
  
  combining at least the first key-share, the second key-share that is received from a finance server when the credit is verified, and a device-dependent key-share that is generated by a security server and provided to the personal communication device, to generate a decryption key to decrypt the encrypted content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marvell Asia Pte Limited (Marvell Technology Group Limited)
Original Assignee
Marvell International Limited (Marvell Technology Group Limited)
Inventors
Woodward, Ernest E.
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US12/943,418
Time in Patent Office

559 Days
Field of Search

726/31, 380/231, 705/57
US Class Current

726/31
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 9/085   Secret sharing or secret sp...

System and method for enhanced piracy protection in a wireless personal communication device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for enhanced piracy protection in a wireless personal communication device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links