Content encryption using at least one content pre-key

US 8,462,954 B2
Filed: 05/28/2009
Issued: 06/11/2013
Est. Priority Date: 05/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method for encrypting content, said method comprising steps performed by a computing apparatus of:

receiving the content in a device, said content being associated with a unique content identification (ID) and copy control bits;

storing at least a portion of the content, thereby associating the content with one of a first copy control state and a second copy control state;

creating a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the contentcreating at least one of a second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state;

encrypting the content using one of the second content pre-key and the third content key;

determining a usage model of the content; and

issuing one of the first content pre-key and the second content pre-key based upon the determined usage model.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a method for encrypting content, the content is received in a device and at least a portion of the content is stored to thereby associate the content with one of a first copy control state and a second copy control state. The method includes creating at least one of a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the content and a second content pre-key using the first content pre-key as a key to encrypt the first copy control state, creating a content encryption key using one of the first content pre-key as a key to encrypt the first copy control state and the second content pre-key as a key to encrypt the second copy control state, and encrypting the content using the content encryption key.

Citations

17 Claims

1. A method for encrypting content, said method comprising steps performed by a computing apparatus of:
- receiving the content in a device, said content being associated with a unique content identification (ID) and copy control bits;
  
  storing at least a portion of the content, thereby associating the content with one of a first copy control state and a second copy control state;
  
  creating a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the contentcreating at least one of a second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state;
  
  encrypting the content using one of the second content pre-key and the third content key;
  
  determining a usage model of the content; and
  
  issuing one of the first content pre-key and the second content pre-key based upon the determined usage model.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, said method further comprising steps performed by a computing apparatus of:
    - creating both the second content pre-key and the third content key.
  - 3. The method according to claim 1, wherein the content is encrypted by a conditional access module, said method further comprising a step performed by a computing apparatus of:
    - receiving transmitted copy control bits from the conditional access module.
  - 4. The method according to claim 1, said method further comprising steps performed by a computing apparatus of:
    - using one of the first copy control state and the second copy control state to set copy protection on outputs of the content based upon the determined usage model.
  - 5. The method according to claim 1, said method further comprising steps performed by a computing apparatus of:
    - decrypting an encrypted content by;
      
      creating the first content pre-key using a local storage key unique to the device as a key to encrypt the content identification (ID) of the content;
      
      creating at least one of the second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state; and
      
      decrypting the content using one of the second content pre-key and the third content key.
  - 6. The method according to claim 1, wherein the first copy control state is less restrictive than the second copy control state.
  - 7. The method according to claim 1, wherein the local storage key comprises a value that is one of stored in an obfuscated form and protected by a security chip in the device.

8. A method for encrypting content, said method comprising steps performed by a computing apparatus of:
- receiving the content in a device, said content being associated with a unique content identification (ID) and copy control bits;
  
  storing at least a portion of the content, thereby associating the content with one of a first copy control state and a second copy control state;
  
  creating a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the contentcreating at least one of a second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state;
  
  determining whether rights associated with the encrypted content are grantable to a destination device;
  
  securely communicating one of the first content pre-key and the first copy control state, and the second content pre-key and the second copy control state, to the destination device; and
  
  encrypting the content using one of the second content pre-key and the third content key.
- View Dependent Claims (9, 10, 11)
- - 9. The method according to claim 8, further comprising steps performed by the destination device of:
    - receiving the first content pre-key and the first copy control state;
      
      using the received first copy control state to set copy protection on outputs of the content;
      
      creating the second content pre-key using the first content pre-key as a key to encrypt the first copy control state; and
      
      decrypting the encrypted content using the second content pre-key.
  - 10. The method according to claim 8, further comprising steps performed by the destination device of:
    - receiving the first content pre-key and the first copy control state;
      
      using the received first copy control state to set copy protection on outputs of the content;
      
      creating the second content pre-key using the first content pre-key as a key to encrypt the first copy control state;
      
      deriving the second copy control state from the first copy control state;
      
      creating a content encryption key using the second content pre-key as a key to encrypt the second copy control state; and
      
      decrypting the encrypted content using the content encryption key.
  - 11. The method according to claim 8, further comprising steps performed by the destination device of:
    - receiving the second content pre-key and the second copy control state;
      
      using the received second copy control state to set copy protection on outputs of the content;
      
      creating a content encryption key using the second content pre-key as a key to encrypt the second copy control state; and
      
      decrypting the encrypted content using the content encryption key.

12. A device configured to enforce digital rights management rules for content, said device comprising:
- a tuner for receiving the content, said content being associated with a content identification (ID) and copy control bits;
  
  storage means for storing at least a portion of the content, thereby associating the content with one of a first copy control state and a second copy control state;
  
  an encryption module configured to create a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the content and at least one of a second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state, and to encrypt the content using one of the second content pre-key and the third content key; and
  
  a rights manager configured to determine a usage model of the content and to at least one of use one of the first copy control state and the second copy control state to set copy protection on outputs of the content based upon the determined usage model, and issue one of the first content pre-key and the second content pre-key based upon the determined usage model.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The device according to claim 12, wherein the tuner is configured to receive encrypted content, said device further comprising:
    - a conditional access module configured to decrypt the encrypted content, wherein the encryption module is configured to receive copy control bits from the conditional access module.
  - 14. The device according to claim 12, wherein the encryption module is further configured to determine whether rights associated with the encrypted content are grantable to a destination device and to securely communicate one of the first content pre-key and the first copy control state, and the second content pre-key and the second copy control state, to the destination device.
  - 15. The device according to claim 12, wherein the encryption module is configured to decrypt an encrypted content through a re-creation of the first content pre-key, and at least one of the second content pre-key and the third content key.
  - 16. The device according to claim 12, wherein the local storage key comprises a value that is one of stored in an obfuscated form and protected by a security chip in the device.

17. A non-transitory computer readable storage medium on which is embedded one or more computer programs, said one or more computer programs implementing a method for encrypting content, said one or more computer programs comprising a set of instructions for:
- receiving the content in a device, said content being associated with a unique content identification (ID) and copy control bits;
  
  storing at least a portion of the content, thereby associating the content with one of a first copy control state and a second copy control state;
  
  creating a first content pre-key using a local storage key unique to the device as a key to encrypt the content ID of the contentcreating at least one of a second content pre-key using the first content pre-key as a key to encrypt the first copy control state and a third content key using the second content pre-key as a key to encrypt the second copy control state;
  
  determining whether rights associated with the encrypted content are grantable to a destination device; and
  
  securely communicating one of the first content pre-key and the first copy control state, and the second content pre-key and the second copy control state, to the destination device;
  
  encrypting the content using one of the second content pre-key and the third content key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola Mobility LLC (Lenovo Group Ltd.)
Inventors
Moroney, Paul, Peterka, Petr
Primary Examiner(s)
Colin, Carl
Assistant Examiner(s)
Siddiqi, Mohammad A

Application Number

US12/474,259
Publication Number

US 20090296940A1
Time in Patent Office

1,475 Days
Field of Search

380/278, 380/44, 713/189
US Class Current

380/278
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04N 21/4408   involving video stream encr...

H04N 21/4627   Rights management associate...

H04N 21/8352   involving content or source...

H04N 21/8355   involving usage data, e.g. ...

Content encryption using at least one content pre-key

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Content encryption using at least one content pre-key

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links