Systems and methods for authenticating and protecting the integrity of data streams and other data

US 9,401,896 B2
Filed: 06/13/2014
Issued: 07/26/2016
Est. Priority Date: 12/14/1999
Status: Expired due to Term

First Claim

Patent Images

1. A computer-implemented method for authenticating a streamed transmission of a digital file, the method being performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that when executed by the processor, cause the system to perform the method, the method comprising;

receiving a streamed transmission of a digital the and a progression of check values, each check value in the progression of check values being derived from at least one other check value in the progression and from a portion of the digital file, the progression of check values comprising an encrypted final check value corresponding to a beginning portion of the digital file and being included in proximity to a beginning of the streamed transmission;

decrypting the encrypted final check value;

determining the integrity of one or more portions of the digital file based, at least in part, on the decrypted final check value; and

determining if the streamed transmission is authentic based on the determined integrity of the one or more portions of the digital file before the entire digital file is received.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed for enabling a recipient of a cryptographically-signed electronic communication to verify the authenticity of the communication on-the-fly using a signed chain of check values, the chain being constructed from the original content of the communication, and each check value in the chain being at least partially dependent on the signed root of the chain and a portion of the communication. Fault tolerance can be provided by including error-check values in the communication that enable a decoding device to maintain the chain'"'"'s security in the face of communication errors. In one embodiment, systems and methods are provided for enabling secure quasi-random access to a content file by constructing a hierarchy of hash values from the file, the hierarchy deriving its security in a manner similar to that used by the above-described chain. The hierarchy culminates with a signed hash that can be used to verify the integrity of other hash values in the hierarchy, and these other hash values can, in turn, be used to efficiently verify the authenticity of arbitrary portions of the content file.

Citations

20 Claims

1. A computer-implemented method for authenticating a streamed transmission of a digital file, the method being performed by a system comprising a processor and a non-transitory computer-readable storage medium storing instructions that when executed by the processor, cause the system to perform the method, the method comprising;
- receiving a streamed transmission of a digital the and a progression of check values, each check value in the progression of check values being derived from at least one other check value in the progression and from a portion of the digital file, the progression of check values comprising an encrypted final check value corresponding to a beginning portion of the digital file and being included in proximity to a beginning of the streamed transmission;
  
  decrypting the encrypted final check value;
  
  determining the integrity of one or more portions of the digital file based, at least in part, on the decrypted final check value; and
  
  determining if the streamed transmission is authentic based on the determined integrity of the one or more portions of the digital file before the entire digital file is received.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method of claim 1, wherein the streamed transmission further comprises error-check values, each error-check value being inserted in proximity to a part of the digital file to which said error-check value corresponds, each error-check value being configured to facilitate authentication of a part of the digital file and a check value in the progression of check values.
  - 3. The computer-implemented method of claim 2, wherein each error-check value comprises a hash of the part of the digital file to which the error-check value corresponds.
  - 4. The computer-implemented method of claim 2, wherein at least one error check value comprises a hash of a combination of the hash part of the digital file to which the error-check value corresponds and at least one other error-check value.
  - 5. The computer-implemented method of claim 1, wherein determining the integrity of the one or more portions of the digital file comprises determining that the one or more portions of the digital file are authentic and the method further comprises authenticating the streamed transmission.
  - 6. The computer-implemented method of claim 1, wherein determining the integrity of the one or more portions of the digital file comprises determining that the one or more portions of the digital file are not authentic and the method further comprises implementing at least one defensive action.
  - 7. The computer-implemented method of claim 6, wherein the at least one defensive action comprises terminating a connection with a source of the streamed transmission.
  - 8. The computer-implemented method of claim 6, wherein the at least one defensive action comprises preventing a user of the system from using the digital file.
  - 9. The computer-implemented method of claim 6, wherein the at least one defensive action comprises terminating an application executing on the system receiving the streamed transmission.
  - 10. The computer-implemented method of claim 6, wherein the at least one defensive action comprises recording the determination that the one or more portions of the digital file are not authentic.

11. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor, are configured to cause the processor to perform a method for authenticating of a streamed transmission, the method comprising:
- receiving a streamed transmission of a digital file and a progression of check values, each check value in the progression being derived from at least one other check value in the progression and from a portion of the digital file, the progression of check values comprising an encrypted final check value corresponding to a beginning portion of the digital file and being included in proximity to a beginning of the streamed transmission;
  
  decrypting the encrypted final check value;
  
  determining the integrity of one or more portions of the digital file based, at least in part, on the decrypted final check value; and
  
  determining if the streamed transmission is authentic based on the determined integrity of the one or more portions of the digital file before the entire digital file is received.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The non-transitory computer-readable storage medium of claim 11, wherein the streamed transmission further comprises error-check values, each error-check value being inserted in proximity to a part of the digital file to which said error-check value corresponds, each error-check value being configured to facilitate authentication of a part of the digital file and a check value in the progression of check values.
  - 13. The non-transitory computer-readable storage medium of claim 12, wherein each error-check value comprises a hash of the part of the digital file to which the error-check value corresponds.
  - 14. The non-transitory computer-readable storage medium of claim 12, wherein at least one error check value comprises a hash of a combination of the hash part of the digital file to which the error-check value corresponds and at least one other error-check value.
  - 15. The non-transitory computer-readable storage medium of claim 11, wherein determining the integrity of the one or more portions of the digital file comprises determining that the one or more portions of the digital file are authentic and the method further comprises authenticating the streamed transmission.
  - 16. The non-transitory computer-readable storage medium of claim 11, wherein determining the integrity of the one or more portions of the digital file comprises determining that the one or more portions of the digital file are not authentic and the method further comprises implementing at least one defensive action.
  - 17. The non-transitory computer-readable storage medium of claim 16, wherein the at least one defensive action comprises terminating a connection with a source of the streamed transmission.
  - 18. The non-transitory computer-readable storage medium of claim 16, wherein the at least one defensive action comprises preventing a user from using the digital file.
  - 19. The non-transitory computer-readable storage medium of claim 16, wherein the at least one defensive action comprises terminating an application executing on the system receiving the streamed transmission.
  - 20. The non-transitory computer-readable storage medium of claim 16, wherein the at least one defensive action comprises recording the determination that the one or more portions of the digital file are not authentic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
PLS IV, LLC (Pretium Partners, LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Serret-Avila, Xavier
Primary Examiner(s)
BROWN, CHRISTOPHER J

Application Number

US14/304,422
Publication Number

US 20140289523A1
Time in Patent Office

774 Days
Field of Search

713/168, 713/161, 713/176
US Class Current

1/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2149   Restricted operating enviro...

H04L 2209/30   Compression, e.g. Merkle-Da...

H04L 2209/603   Digital right managament [DRM]

H04L 63/0428   wherein the data content is...

H04L 9/3236   using cryptographic hash fu...

H04L 9/50   using hash chains, e.g. blo...

Systems and methods for authenticating and protecting the integrity of data streams and other data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for authenticating and protecting the integrity of data streams and other data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links