Apparatus and method for a secure broadcast system

US 20050010774A1
Filed: 06/16/2004
Published: 01/13/2005
Est. Priority Date: 07/08/2003
Status: Active Grant

First Claim

Patent Images

1. A method for secure processing in a device that securely stores a secret key, the method comprising:

receiving a plurality of challenges from a network;

generating a plurality of ciphering keys based on the secret key and the plurality of challenges; and

generating an access key based on the plurality of ciphering keys.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and method for provisioning an access key used for a controlled access broadcast service is disclosed. In one aspect, a method for secure processing in a device that securely stores a secret key comprises receiving a plurality of challenges from a network, generating a plurality of ciphering keys based on the secret key and the plurality of challenges, and generating an access key based on the plurality of ciphering keys.

157 Citations

View as Search Results

38 Claims

1. A method for secure processing in a device that securely stores a secret key, the method comprising:
- receiving a plurality of challenges from a network;
  
  generating a plurality of ciphering keys based on the secret key and the plurality of challenges; and
  
  generating an access key based on the plurality of ciphering keys.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, further comprising:
    - using the plurality of challenges and the secret key to generate a plurality of authentication responses; and
      
      sending at least one authentication response to the network.
  - 3. The method of claim 2, further comprising:
    - discarding any authentication responses not sent to the network.
  - 4. The method of claim 1, wherein receiving a plurality of challenges comprises:
    - receiving a plurality of random values.
  - 5. The method of claim 1, wherein the access key is longer than a ciphering key.
  - 6. The method of claim 5, wherein generating the access key comprises:
    - concatenating the plurality of ciphering keys.
  - 7. The method of claim 5, wherein generating the access key comprises:
    - using a hash function on the plurality of ciphering keys.
  - 8. The method of claim 7, wherein the hash function comprises SHA-1 to mix the plurality of ciphering keys.
  - 9. The method of claim 1, wherein storing the secret key comprises:
    - storing a 128 bit subscriber authentication key as the secret key in a subscriber identity module of a mobile phone using Global System for Mobile communication standard.
  - 10. The method of claim 9, wherein generating the plurality of ciphering keys comprises generating 64-bit ciphering keys;
    - and wherein generating the access key comprises generating a 128 bit broadcast access key using two ciphering keys.
  - 11. The method of claim 1, wherein storing the secret key comprises:
    - storing a 128 bit subscriber authentication key as the secret key in a universal subscriber identity module of a mobile phone using Universal Mobile Telecommunications System standard.
  - 12. The method of claim 11, wherein generating the plurality of ciphering keys comprises generating 64-bit ciphering keys;
    - and wherein generating the access key comprises generating a 128 bit broadcast access key using two ciphering keys.
  - 13. The method of claim 1, wherein generating the access key comprises generating a broadcast access key;
    - and wherein the method further comprises;
      
      receiving encrypted broadcast content; and
      
      decrypting the broadcast content based on the broadcast access key.
  - 14. The method of claim 13, wherein the decrypting the content comprises:
    - generating a temporary decryption key based on each challenge and the broadcast access key; and
      
      decrypting the broadcast content using the temporary decryption key.

15. Apparatus for use in a mobile phone comprising:
- an integrated circuit card (ICC) configured to securely store a secret key and to generate a plurality of ciphering key based on the secret key and a plurality of challenges received from a network; and
  
  a processor coupled to the ICC and configured to generate an access key based on the plurality of ciphering keys.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22)
- - 16. The apparatus of claim 15, further comprising:
    - a transmitter coupled to the ICC;
      
      wherein the ICC uses the plurality of challenges and the secret key to generate a plurality of authentication responses; and
      
      wherein the transmitter is configured to send at least one authentication response to the network.
  - 17. The apparatus of claim 15, wherein the challenge comprises a random value.
  - 18. The apparatus of claim 15, wherein the ICC is a subscriber identity module (SIM) of a mobile phone using Global System for Mobile communication standard.
  - 19. The apparatus of claim 18, wherein the SIM stores a 128 bit subscriber authentication key as the secret key and generates 64-bit ciphering keys;
    - and wherein the processor generates a 128 bit broadcast access key using two ciphering keys.
  - 20. The apparatus of claim 15, wherein the ICC is a universal subscriber identity module (USIM) of a mobile phone using Universal Mobile Telecommunications System standard.
  - 21. The apparatus of claim 20, wherein the USIM stores a 128 bit subscriber authentication key as the secret key and generates 64-bit ciphering keys;
    - and wherein the processor generates a 128 bit broadcast access key using two ciphering keys.
  - 22. The apparatus of claim 15, wherein the receiver receives encrypted broadcast content;
    - and wherein the processor generates a broadcast access key to decrypt the broadcast content.

23. Apparatus for secure processing in a device having means for securely storing a secret key, the apparatus comprising:
- means for generating a plurality of ciphering keys based on a plurality of challenges received from a network and the secret key; and
  
  means for generating an access key based on the plurality of ciphering keys.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 24. The apparatus of claim 23, further comprising:
    - means for using the plurality of challenges and the secret key to generate a plurality of authentication responses; and
      
      means for sending at least one authentication response to the network.
  - 25. The apparatus of claim 24, further comprising:
    - means for discarding any authentication responses not sent to the network.
  - 26. The apparatus of claim 23, wherein the means for generating the access key comprises:
    - means for concatenating the plurality of ciphering keys.
  - 27. The apparatus of claim 23, wherein the means for generating the access key comprises:
    - means for using a hash function on the plurality of ciphering keys.
  - 28. The apparatus of claim 23, wherein the means for securely storing the secret key is a subscriber identity module (SIM) of a mobile phone using Global System for Mobile communication standard, and wherein the secret key is a subscriber authentication key.
  - 29. The apparatus of claim 28, wherein the SIM stores a 128 bit subscriber authentication key and comprises means for generating 64-bit ciphering keys;
    - and wherein the means for generating the access key comprises means for generating a 128 bit broadcast access key using two ciphering keys.
  - 30. The apparatus of claim 23, wherein the means for securely storing the secret key is a universal subscriber identity module (USIM) of a mobile phone using Universal Mobile Telecommunications System standard, and wherein the secret key is a subscriber authentication key.
  - 31. The apparatus of claim 30, wherein the USIM stores a 128 bit subscriber authentication key and comprises means for generating 64-bit ciphering keys;
    - and wherein the means for generating the access key comprises means for generating a 128 bit broadcast access key using two ciphering keys.
  - 32. The apparatus of claim 23, wherein the means for generating the access key generates a broadcast access key;
    - and wherein the apparatus further comprises;
      
      means for receiving encrypted broadcast content; and
      
      means for decrypting the broadcast content based on the broadcast access key.

33. An article of manufacture for use in a computer system embodying a system that securely stores a secret key and receives a plurality of challenges from a network, said article of manufacture comprising a machine readable medium having machine readable code means embodied in said medium comprising:
- machine readable code means embodied in said machine readable medium for generating a plurality of ciphering keys based on the plurality of challenges and the secret key; and
  
  machine readable code means embodied in said machine readable medium for generating an access key based on the plurality of ciphering keys.
- View Dependent Claims (34, 35, 36, 37, 38)
- - 34. The article of manufacture of claim 33, further comprising:
    - machine readable code means embodied in said machine readable medium for using the plurality of challenges and the secret key to generate a plurality of authentication responses; and
      
      machine readable code means embodied in said machine readable medium for sending at least one authentication response to the network.
  - 35. The article of manufacture of claim 34, further comprising:
    - machine readable code means embodied in said machine readable medium for discarding any authentication responses not sent to the network.
  - 36. The article of manufacture of claim 33, wherein the machine readable code means for generating the access key comprises:
    - machine readable code means embodied in said machine readable medium for concatenating the plurality of ciphering keys.
  - 37. The article of manufacture of claim 33, wherein the machine readable code means for generating the access key comprises:
    - machine readable code means embodied in said machine readable medium for using a hash function on the plurality of ciphering keys.
  - 38. The article of manufacture of claim 33, wherein the system receives encrypted broadcast content, wherein the machine readable code means for generating the access key generates a broadcast access key;
    - and wherein the article of manufacture further comprises;
      
      machine readable code means embodied in said machine readable medium for decrypting the broadcast content based on the broadcast access key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Rose, Gregory Gordon, Semple, James, Quick, Roy Franklin

Granted Patent

US 8,718,279 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 2209/601   Broadcast encryption

H04L 2209/80   Wireless network architectu...

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 9/0844   with user authentication or...

H04L 9/14   using a plurality of keys o...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/08   Access security

H04W 84/12   WLAN [Wireless Local Area N...

Apparatus and method for a secure broadcast system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

157 Citations

38 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and method for a secure broadcast system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

157 Citations

38 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others