Interpreter using cryptographic values of a playback device's keys to authorize the playback device

US 7,756,272 B2
Filed: 10/26/2007
Issued: 07/13/2010
Est. Priority Date: 03/28/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A non-transitory computer-readable medium comprising:

encrypted digital content, the encrypted digital content including representations of a plurality of versions of a plurality of regions of the encrypted digital content, each version of the plurality of versions being encrypted with a unique cryptographic key; and

program logic for processing by an interpreter in a playback device, including;

program logic configured to query said playback device to obtain the results of cryptographic computations performed by said playback device, where said cryptographic operations use a plurality of cryptographic keys, each cryptographic key of the plurality of cryptographic kegs corresponding to a unique version of the plurality of versions, the plurality of cryptographic keys not being accessible by said program logic;

program logic configured to determine whether playback is authorized to proceed on said playback device by using said obtained results; and

program logic configured to derive values of the plurality of cryptographic keys for decrypting a particular version of the plurality of versions and thereby enable playback of the particular version, if it is it determined that playback is authorized.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content'"'"'s data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player'"'"'s keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player. Features to enable migration from legacy formats are also provided.

52 Citations

View as Search Results

24 Claims

1. A non-transitory computer-readable medium comprising:
- encrypted digital content, the encrypted digital content including representations of a plurality of versions of a plurality of regions of the encrypted digital content, each version of the plurality of versions being encrypted with a unique cryptographic key; and
  
  program logic for processing by an interpreter in a playback device, including;
  
  program logic configured to query said playback device to obtain the results of cryptographic computations performed by said playback device, where said cryptographic operations use a plurality of cryptographic keys, each cryptographic key of the plurality of cryptographic kegs corresponding to a unique version of the plurality of versions, the plurality of cryptographic keys not being accessible by said program logic;
  
  program logic configured to determine whether playback is authorized to proceed on said playback device by using said obtained results; and
  
  program logic configured to derive values of the plurality of cryptographic keys for decrypting a particular version of the plurality of versions and thereby enable playback of the particular version, if it is it determined that playback is authorized.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The non-transitory computer-readable medium of claim 1 where said program logic is further configured to:
    - not derive values of the plurality of cryptographic keys if playback is not authorized.
  - 3. The non-transitory computer-readable medium of claim 1 further comprising program logic configured to:
    - obtain from said playback device information identifying said playback device;
      
      and use said identifying information to modify the playback of said video so that a third party with knowledge of how said modification is performed can identify said playback device from a copy of the playback output.
  - 4. The non-transitory computer-readable medium of claim 1 further comprising:
    - information identifying the manufacturer of said medium, at least one characteristic identifiable by said player identifying that said medium is not consumer-recordable.
  - 5. The non-transitory computer-readable medium of claim 1 further comprising a serial number uniquely identifying said medium.

6. A device for playing encrypted digital content, comprising:
- an input interface usable to input said encrypted digital content and associated program logic, the encrypted digital content including representations of a plurality of versions of a plurality of regions of the encrypted digital content, each version of the plurality of versions being encrypted with a unique cryptographic key;
  
  a memory usable to store inputs read from said interface;
  
  a processor usable to read data from said interface and to store data in said memory;
  
  an interpreter, implemented using software executable on said processor and configured to interpret program logic read from said interface and stored in said memory;
  
  a cryptographic module;
  
  having access to a plurality of cryptographic keys, each cryptographic key of the plurality of cryptographic keys corresponding to a unique version of the plurality of versions; and
  
  configured to perform cryptographic processing using the plurality of cryptographic keys as directed by said program logic, such that said program logic can obtain the results of said cryptographic processing but cannot determine values of the plurality of cryptographic keys; and
  
  an output interface for outputting after decryption, a particular version of the plurality of versions by using the results of the cryptographic processing.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 7. The device of claim 6, where said input interface is a network interface capable of receiving a transmission over the Internet.
  - 8. The device of claim 6 where said input interface is coupled to a removable module comprising:
    - a memory containing said encrypted digital content and associated program logic; and
      
      cryptographic computation logic usable by said program logic and necessary to decrypt said content.
  - 9. The device of claim 6 where said interpreter is configured to provide said program logic with access to information describing:
    - said playback device;
      
      at least one action requested by a user of said playback device; and
      
      at least one device coupled to said output interface.
  - 10. The device of claim 6 where said cryptographic subunit comprises a removable, tamper-resistant hardware module.
  - 11. The device of claim 6:
    - where said encrypted digital content includes encrypted digital video distributed on an optically-readable medium; and
      
      further configured to output said digital content in a form re-encrypted to deter unauthorized access to said output.
  - 12. The device of claim 6, further comprising a decryption circuit configured to decrypt the particular version by using cryptographic keys derived by said program logic.
  - 13. The device of claim 12, where said decryption circuit is configured to embed information received from said interpreter in the decrypted particular version such that a third party can determine said information by analyzing a recording of said decrypted particular version outputted from said output interface.
  - 14. The device of claim 13 where:
    - said device is capable of embedding said information by using said information to select the particular version to output from among said plurality of versions; and
      
      said decryption circuit includes logic to synchronize decryption key changes.
  - 15. The device of claim 6 further comprising:
    - an internal nonvolatile memory;
      
      containing security-related data accessible by said program logic operating on said interpreter; and
      
      usable by said program logic to verify the security of said playback device; and
      
      cryptographic authentication logic to validate the authenticity of updates to said security-related data.
  - 16. The device of claim 6 further comprising a visual indicator notifying a user of said playback device whether the quality of said digital content provided on said output interface has been reduced.

17. A method for playing encrypted digital content, the method comprising:
- reading data from a medium, where said data incorporates processing instructions combined with encrypted digital content, the encrypted digital content including representations of a plurality of versions of a plurality of regions of the encrypted digital content, each version of the plurality of versions being encrypted with a unique cryptographic key;
  
  using an interpreter within a player device, performing said processing instructions;
  
  using cryptographic keys of a plurality of cryptographic keys in a cryptographic operation to produce a result, each cryptographic key of the plurality of cryptographic keys corresponding to a unique version of the plurality of versions, the plurality of cryptographic keys being accessible to said player device,returning the result to said processing instructions;
  
  using the result to decrypt said encrypted digital content; and
  
  outputting a representation of said decrypted digital content by using an output interface.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The method of claim 17 further comprising:
    - identifying a device coupled to said output interface;
      
      determining that the security of said coupled device is insufficient for high-quality playback, as a result of executing said processing instructions;
      
      said processing instructions specifying an output quality that is lower than the best quality represented on said medium, supported by said output interface, and supported by said coupled device; and
      
      outputting said decrypted digital content at said specified output quality.
  - 19. The method of claim 17 further comprising:
    - updating a protected nonvolatile memory to indicate that said digital content was played; and
      
      securely reporting to a third party to enable billing for playback.
  - 20. The method of claim 19 further comprising using a public key to verify a digital signature on at least a portion of said processing instructions prior to allowing access to said nonvolatile memory.
  - 21. The method of claim 17 including transmitting at least one message via said output interface to a user of said player device.
  - 22. The method of claim 17 further comprising:
    - analyzing information including a type of said player device; and
      
      based on said analysis, enabling playback of additional bonus digital content stored on said media.
  - 23. The method of claim 17 further comprising using a codec implemented in said processing instructions operating on said interpreter to decompress said digital content.
  - 24. The method of claim 17 further comprising:
    - transmitting a value to an output device coupled to said output interface; and
      
      receiving a cryptographically-transformed representation of said value from said output device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Irdeto USA Incorporated (MultiChoice Group Ltd.)
Original Assignee
Rovi Solutions Corporation (Adeia Inc.)
Inventors
Jun, Benjamin Che-Ming, Pearson, Peter Kelley, Kocher, Paul Carl, Jaffe, Joshua Michael, Carter, Matthew Thomas
Primary Examiner(s)
Barron, Jr.; Gilberto
Assistant Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US11/977,862
Publication Number

US 20080049935A1
Time in Patent Office

991 Days
Field of Search

380/37, 380/42, 380201-203, 380239-242, 380210-211, 713/170, 713/161, 713/168, 713/179, 713193-194, 726 32- 33, 726/21
US Class Current

380/202
CPC Class Codes

G11B 20/00086   Circuits for prevention of ...

G11B 20/00166   involving measures which re...

G11B 20/00173   wherein the origin of the c...

G11B 20/0021   involving encryption or dec...

G11B 20/00246   wherein the key is obtained...

G11B 20/00659   involving a control step wh...

G11B 20/00818   wherein the usage restricti...

G11B 20/0084   wherein the usage restricti...

G11B 20/00884   involving a watermark, i.e....

H04L 2209/603   Digital right managament [DRM]

H04L 2209/608   Watermarking

H04L 9/0891   Revocation or update of sec...

H04L 9/3247   involving digital signatures

H04N 2005/91335   the copy protection signal ...

H04N 2005/91342   the copy protection signal ...

H04N 21/26613   for generating or managing ...

H04N 21/4135   external recorder interface...

H04N 21/4181   for conditional access

H04N 21/4325   by playing back content fro...

H04N 21/4405   involving video stream decr...

H04N 21/44236 : Monitoring of piracy proces...

H04N 21/4627 : Rights management associate...

H04N 21/8355 : involving usage data, e.g. ...

H04N 21/8358 : involving watermark protect...

H04N 5/913 : for scrambling ; for copy p...

View All

Interpreter using cryptographic values of a playback device's keys to authorize the playback device

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Interpreter using cryptographic values of a playback device's keys to authorize the playback device

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links