Renewable traitor tracing

US 9,520,993 B2
Filed: 09/19/2005
Issued: 12/13/2016
Est. Priority Date: 01/26/2001
Status: Active Grant

First Claim

Patent Images

1. A method of preventing re-use of compromised sequence keys in a broadcast encryption system, the method comprising:

receiving a distributed protected file and a sequence key block at a receiver, the sequence key block being formulated to cryptographically revoke traitorous receivers;

selecting a first Sequence Key from a plurality of Sequence Keys, the plurality of Sequence Keys being associated with the receiver, and the plurality of Sequence Keys being related by the sequence key block;

determining by cryptographic testing that the first Sequence Key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;

determining that at least one additional Sequence Key is available;

traversing the sequence key block to select a second Sequence Key from the plurality of sequence keys;

determining by cryptographic testing that the second sequence key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;

traversing the remainder of the sequence key block and thereby determining that no uncompromised sequence keys can be determined from the sequence key block;

identifying the receiver as traitorous based on the lack of uncompromised sequence keys.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides a method performed on a computer of preventing re-use of compromised keys in a broadcast encryption system. In an exemplary embodiment, the method includes (1) incorporating a particular set of Sequence Keys assigned by a license agency into individual receivers, (2) assigning a Sequence Key Block (SKB) by the license agency to at least one distributed protected file, (3) performing incremental cryptographic testing by the individual receivers to determine if a selected Sequence Key from the set of Sequence Keys is compromised, (4) if the selected Sequence Key is not compromised, decrypting the file, and (5) if the selected Sequence Key is compromised and if a subsequent Sequence Key from the set of Sequence Keys is available, selecting the subsequent Sequence Key.

Citations

20 Claims

1. A method of preventing re-use of compromised sequence keys in a broadcast encryption system, the method comprising:
- receiving a distributed protected file and a sequence key block at a receiver, the sequence key block being formulated to cryptographically revoke traitorous receivers;
  
  selecting a first Sequence Key from a plurality of Sequence Keys, the plurality of Sequence Keys being associated with the receiver, and the plurality of Sequence Keys being related by the sequence key block;
  
  determining by cryptographic testing that the first Sequence Key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;
  
  determining that at least one additional Sequence Key is available;
  
  traversing the sequence key block to select a second Sequence Key from the plurality of sequence keys;
  
  determining by cryptographic testing that the second sequence key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;
  
  traversing the remainder of the sequence key block and thereby determining that no uncompromised sequence keys can be determined from the sequence key block;
  
  identifying the receiver as traitorous based on the lack of uncompromised sequence keys.
- View Dependent Claims (2, 3, 4, 5, 6, 13, 15)
- - 2. The method of claim 1, wherein the distributed protected file includes digital forms of at least one of:
    - a cryptographic key, text, audio, an image, video, a multimedia presentation, music, a movie, an operating system, a video game, play instructions that select segments according to an inner codeword, and a software application.
  - 3. The method of claim 1, wherein the distributed protected file is distributed by at least one of:
    - computer networks, satellite networks, cable networks, television transmission, and physical storage media.
  - 4. The method of claim 1, wherein the plurality of Sequence Keys is related by a linked list.
  - 5. The method of claim 1, wherein the cryptographic testing of the first sequence key comprises:
    - determining that a Link Key is available;
      
      cryptographically applying the first Sequence Key and the Link Key to the Sequence Key Block to obtain a predetermined value indicating whether the first Sequence Key is compromised.
  - 6. The method of claim 5, further comprising:
    - generating a Link Key leading to the second Sequence Key.
  - 13. The method of claim 1, wherein traversing the sequence key block comprises:
    - obtaining a link key based on the first sequence key; and
      
      determining the second sequence key based on the link key.
  - 15. The method of claim 1, wherein traversing the remainder of the sequence key block comprises:
    - obtaining a link key based on the second sequence key.

7. A computer program product for preventing re-use of compromised sequence keys in a broadcast encryption system, the computer program product comprising a non-transitory computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising computer readable code for:
- receiving a distributed protected file and a sequence key block at a receiver, the sequence key block being formulated to cryptographically revoke traitorous receivers;
  
  selecting a first Sequence Key from a plurality of Sequence Keys, the plurality of Sequence Keys being associated with the receiver, and the plurality of Sequence Keys being related by the sequence key block;
  
  determining by cryptographic testing that the first Sequence Key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;
  
  determining that at least one additional Sequence Key is available;
  
  traversing the sequence key block to select a second Sequence Key from the plurality of sequence keys;
  
  determining by cryptographic testing that the second sequence key is compromised,cryptographic testing comprising applying the first Sequence Key to the sequence key block;
  
  traversing the remainder of the sequence key block and thereby determining that no uncompromised sequence keys can be determined from the sequence key blockidentifying the receiver as traitorous based on the lack of uncompromised sequence keys.
- View Dependent Claims (8, 9, 10, 11, 12, 14, 16, 17, 18, 19, 20)
- - 8. The computer program product of claim 7, wherein the distributed protected file includes digital forms of at least one of:
    - a cryptographic key, text, audio, an image, video, a multimedia presentation, music, a movie, an operating system, a video game, play instructions that select segments according to an inner codeword, and a software application.
  - 9. The computer program product of claim 7, wherein the distributed protected file is distributed by at least one of:
    - computer networks, satellite networks, cable networks, television transmission, and physical storage media.
  - 10. The computer program product of claim 7, wherein the plurality of Sequence Keys is related by a linked list.
  - 11. The computer program product of claim 7, wherein the cryptographic testing of the first sequence key comprises:
    - determining that a Link Key is available;
      
      cryptographically applying the first Sequence Key and the Link Key to the Sequence Key Block to obtain a predetermined value indicating whether the first Sequence Key is compromised.
  - 12. The computer program product of claim 11, further comprising:
    - generating a Link Key leading to the second Sequence Key.
  - 14. The computer program product of claim 7, wherein traversing the sequence key block comprises:
    - obtaining a link key based on the first sequence key; and
      
      determining the second sequence key based on the link key.
  - 16. The computer program product of claim 7, wherein traversing the remainder of the sequence key block comprises:
    - obtaining a link key based on the second sequence key.
  - 17. The method of claim 7, further comprising:
    - disabling the receiver as traitorous.
  - 18. The computer program product of claim 7, the computer readable program code further comprising computer readable code for:
    - disabling the receiver as traitorous.
  - 19. The method of claim 7, further comprising:
    - revoking the plurality of sequence keys.
  - 20. The computer program product of claim 7, the computer readable program code further comprising computer readable code for:
    - evoking the plurality of sequence keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Jin, Hongxia, Lotspiech, Jeffrey Bruce, Nin, Sigfredo Ismael
Primary Examiner(s)
Hayes, John
Assistant Examiner(s)
Winter, John M

Application Number

US11/230,022
Publication Number

US 20070067244A1
Time in Patent Office

4,103 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 2209/601   Broadcast encryption

H04L 2209/606   Traitor tracing

H04L 63/061   for key exchange, e.g. in p...

H04L 9/083   involving central third par...

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

Renewable traitor tracing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Renewable traitor tracing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links