Method and apparatus for content protection within an open architecture system

DC CAFC

US 7,502,470 B2
Filed: 10/03/2003
Issued: 03/10/2009
Est. Priority Date: 01/13/2003
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A method for content protection in an apparatus comprising:

receiving encrypted data in the apparatus according to a first encryption protocol wherein the apparatus comprises;

an open system architecture configured to allow end users to add or remove hardware components, software modules, or both;

a closed subsystem of the apparatus to receive the encrypted data, wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom; and

combiner circuitry that may add unprotected graphics and audio data to raw data;

generating raw data in a closed subsystem of the apparatus within the open system architecture, the raw data being generated in the closed subsystem by decrypting the encrypted data and performing additional processing on the encrypted data wherein the additional processing comprises;

decompressing the encrypted data if compressed encrypted data is received;

and manipulating the encrypted data for output;

preventing access to the raw data outside of the closed subsystem;

adding any applicable unprotected graphics and audio data to the raw data using the combiner circuitry;

generating protected data in the closed subsystem by re-encrypting the raw data using a second encryption protocol to generate protected data with any added graphics and audio data; and

asserting the protected data from the closed subsystem to an external device or system.

View all claims

3 Assignments

Timeline View

Assignment View

Litigations

2 Petitions

Accused Products

Abstract

In a class of embodiments, the invention is an open computing system (e.g., a PC) in which a protected, closed subsystem is embedded. The closed subsystem typically includes multiple parts that ensure that content protection keys and protected content are never revealed outside the closed subsystem. Content (e.g., high-definition digital video) that enters the closed subsystem (and is typically decrypted and re-encrypted within the closed subsystem) is afforded a similar level of protection within the open system as can be obtained in standalone closed systems. Other aspects of the invention are methods for protecting content within an open computing system, a closed system (or disk drive thereof) configured to be embedded in an open computing system, and circuitry configured to be embedded in an open computing system for combining the output of a closed subsystem with other output (e.g., graphics and/or audio output) of the open computing system.

49 Citations

View as Search Results

33 Claims

1. A method for content protection in an apparatus comprising:
- receiving encrypted data in the apparatus according to a first encryption protocol wherein the apparatus comprises;
  
  an open system architecture configured to allow end users to add or remove hardware components, software modules, or both;
  
  a closed subsystem of the apparatus to receive the encrypted data, wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom; and
  
  combiner circuitry that may add unprotected graphics and audio data to raw data;
  
  generating raw data in a closed subsystem of the apparatus within the open system architecture, the raw data being generated in the closed subsystem by decrypting the encrypted data and performing additional processing on the encrypted data wherein the additional processing comprises;
  
  decompressing the encrypted data if compressed encrypted data is received;
  
  and manipulating the encrypted data for output;
  
  preventing access to the raw data outside of the closed subsystem;
  
  adding any applicable unprotected graphics and audio data to the raw data using the combiner circuitry;
  
  generating protected data in the closed subsystem by re-encrypting the raw data using a second encryption protocol to generate protected data with any added graphics and audio data; and
  
  asserting the protected data from the closed subsystem to an external device or system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the apparatus is an entertainment device.
  - 3. The method of claim 1, wherein the encrypted data comprises digital video data.
  - 4. The method of claim 3, wherein receiving encrypted data includes reading the digital video data from a disk.
  - 5. The method of claim 3, wherein the digital video data comprises high-definition digital video data, and wherein re-encrypting the raw data includes re-encrypting the raw data in accordance with the HDCP (High-bandwidth Digital Data Protection) protocol.
  - 6. The method of claim 1, wherein re-encrypting the raw data includes the use of key data, and further comprising preventing the key data from being disclosed outside of the closed subsystem except to the external device or system.
  - 7. The method of claim 1, wherein the encrypted data is received from a source external to the apparatus.
  - 8. The method of claim 7, wherein the source external to the apparatus is the Internet.
  - 9. The method of claim 1, further comprising generating additional unprotected data and asserting the additional unprotected data to the closed system.
  - 10. The method of claim 9, further comprising asserting the additional unprotected data from the closed system to the external device or system without encryption.
  - 11. The method of claim 1, wherein the external device or system comprises a display device.

12. An apparatus comprising:
- an open system architecture configured to allow end users to add or remove hardware components, software modules, or both;
  
  combiner circuitry that may add unprotected graphics and audio data to raw data;
  
  a closed subsystem within the open system architecture wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom, the closed subsystem configured to;
  
  receive encrypted data according to a first encryption protocol,decrypt and perform additional processing on the encrypted data to generate raw data wherein the additional processing comprises;
  
  decompressing the encrypted data if compressed encrypted data is received, andmanipulating the encrypted data for output,add any applicable unprotected graphics and audio data to the raw data using the combiner circuitry, andre-encrypt the raw data to generate protected data usin a second encryption protocol to generate protected data with any added graphics and audio data,further wherein the closed system prevents access to the raw data outside of the closed subsystem; and
  
  an output, the closed subsystem to assert the protected data to an external device or system via the output.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 13. The apparatus of claim 12, wherein the protected data comprises encrypted high-definition digital video data.
  - 14. The apparatus of claim 12, further comprising a second subsystem configured to generate additional unprotected data and to assert the additional unprotected data to the closed subsystem.
  - 15. The apparatus of claim 14, wherein the additional unprotected data comprises audiovisual data.
  - 16. The apparatus of claim 14, wherein the additional unprotected data comprises menu information.
  - 17. The apparatus of claim 14, wherein the closed subsystem is operable in a first mode to assert the protected data to the output and in a second to assert the additional unprotected data to the output.
  - 18. The apparatus of claim 12, wherein the closed subsystem is operable to re-encrypt the raw data using key data.
  - 19. The apparatus of claim 18, wherein the closed subsystem is operable to prevent release of the key data outside of the closed subsystem except to the external device or system.
  - 20. The apparatus of claim 12, wherein the output includes one or more HDMI (Definition Multimedia Interface) compatible links from the apparatus to the external device or system.
  - 21. The apparatus of claim 12, wherein the closed subsystem comprises an HD-DVD drive configured to decrypt high-definition digital video read from a disk to generate decrypted data, to perform decompression on the decrypted data to generate raw data, and to generate the protected data by re-encrypting the raw data.
  - 22. The apparatus of claim 12, wherein the closed subsystem is configured to re-encrypt the raw data in accordance with the HDCP (High-bandwidth Digital Data Protection) protocol.
  - 23. The apparatus of claim 12, wherein the apparatus is configured to communicate bidirectionally with the external device or system to execute an authentication protocol the prior to assertion of the re-encrypted data to the external device or system.
  - 24. The apparatus of claim 23, wherein the apparatus executing the authentication protocol includes verifying that the external device or system is authorized to receive the protected data and to establish shared secret values for use in encryption and decryption of data.
  - 25. The apparatus of claim 12, wherein the apparatus is an entertainment device.
  - 26. The apparatus of claim 14, wherein the closed subsystem is to re-encrypt the raw data using key data, and is to prevent release of the key data outside of the closed subsystem except to the external device or system.
  - 27. The apparatus of claim 14, wherein the apparatus is configured to communicate bidirectionally with the external device or system to execute an authentication protocol the prior to assertion of the re-encrypted data to the external device or system.
  - 28. The apparatus of claim 27, wherein the apparatus executing the authentication protocol includes verifying that the external device or system is authorized to receive the protected data and to establish shared secret values for use in encryption and decryption of data.

29. A system comprising:
- a first apparatus with an open system architecture configured to allow end users to add or remove hardware components, software modules, or both, the first apparatus including combiner circuitry that may add unprotected graphics and audio data to raw data, a closed subsystem within the open system architecture wherein the closed subsystem does not allow end users to add hardware components or software modules thereto or remove hardware components or software modules therefrom, the closed subsystem configured toreceive encrypted content according to a first encryption protocol,decrypt and perform additional processing on the encrypted data to generate raw data wherein the additional processing comprises;
  
  decompressing the encrypted data if compressed encrypted data is received, andmanipulating the encrypted data for output,add any applicable unprotected graphics and audio data to the raw data using the combiner circuitry,re-encrypt the raw content to generate protected content using a second encryption protocol to generate protected data with any added graphics and audio data, andtransmit the protected data via an output, the closed system preventing access to the raw content outside of the closed subsystem; and
  
  a second apparatus including an input to receive the protected content and decryption circuitry to generate raw content by decrypting the encrypted video data.
- View Dependent Claims (30, 31, 32, 33)
- - 30. The system of claim 29, wherein the protected content comprises encrypted high-definition digital video data.
  - 31. The system of claim 30, wherein the second apparatus includes a digital video monitor.
  - 32. The system of claim 29, wherein the closed subsystem is configured to receive the encrypted content from a remote source.
  - 33. The system of claim 29, wherein the closed subsystem is further to perform decompression on the decrypted data in the generation of the raw content.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Optimum Content Protection LLC (Acacia Research Corporation)
Original Assignee
Silicon Image, Inc. (Lattice Semiconductor Corporation)
Inventors
Hanko, James G., Lyle, James D., Northcutt, J. Duane, Lavelle, Michael G.
Primary Examiner(s)
TRAN, ELLEN C

Application Number

US10/679,055
Publication Number

US 20080148063A1
Time in Patent Office

1,985 Days
Field of Search

713/165, 713/162, 380/200, 380/217, 380/239, 380/241
US Class Current

380/200
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/85   interconnection devices, e....

G11B 20/00086   Circuits for prevention of ...

G11B 20/0021   involving encryption or dec...

H04L 2463/101   applying security measures ...

H04L 63/0464   using hop-by-hop encryption...

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04N 21/2541   Rights Management protectin...

H04N 21/4334   Recording operations record...

H04N 21/4367   Establishing a secure commu...

H04N 21/4405   involving video stream decr...

H04N 21/4408   involving video stream encr...

H04N 21/4627   Rights management associate...

H04N 21/835   Generation of protective da...

H04N 5/913   for scrambling ; for copy p...

H04N 7/088   the inserted signal being d...

H04N 7/1675   Providing digital key or au...

Method and apparatus for content protection within an open architecture system

First Claim

3 Assignments

Litigations

2 Petitions

Accused Products

Abstract

49 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for content protection within an open architecture system

First Claim

3 Assignments

Subscription Required

Subscription Required

Litigations

2 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links