Host device and method for super-distribution of content protected with a localized content encryption key
First Claim
Patent Images
1. A host device comprising:
- one or more memories storing a super-distribution key and a content encryption key; and
a controller in communication with the one or more memories, wherein the controller is operative to;
retrieve content from a storage device, wherein the content is encrypted with the content encryption key;
create a super-distribution token by encrypting the content encryption key with a first encryption key and then encrypting a result of that encryption with the super-distribution key, wherein the super distribution token includes a reference to the first encryption key, wherein the reference is unencrypted; and
store the super-distribution token and the encrypted content retrieved from the source storage device in a target storage device, wherein the target storage device stores a plurality of encryption keys and uses the reference in the super distribution token to select one of the plurality of encryption keys to decrypt the content encryption key.
2 Assignments
0 Petitions
Accused Products
Abstract
In one embodiment, a host device creates a super-distribution token by encrypting a content encryption key with a super-distribution key and stores the super-distribution token and encrypted content retrieved from a source storage device in a target storage device. In another embodiment, a host device provides a super-distribution token to a server, wherein the server is configured to generate an activation token from the super-distribution token, receive the activation token from the server, retrieve a content encryption key from the activation token, and decrypt encrypted content received from a storage device using the content encryption key retrieved from the activation token.
23 Citations
84 Claims
-
1. A host device comprising:
-
one or more memories storing a super-distribution key and a content encryption key; and a controller in communication with the one or more memories, wherein the controller is operative to; retrieve content from a storage device, wherein the content is encrypted with the content encryption key; create a super-distribution token by encrypting the content encryption key with a first encryption key and then encrypting a result of that encryption with the super-distribution key, wherein the super distribution token includes a reference to the first encryption key, wherein the reference is unencrypted; and store the super-distribution token and the encrypted content retrieved from the source storage device in a target storage device, wherein the target storage device stores a plurality of encryption keys and uses the reference in the super distribution token to select one of the plurality of encryption keys to decrypt the content encryption key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for super-distribution of content, the method comprising:
performing the following in a host device storing a super-distribution key and a content encryption key, the host device being in communication with a source storage device storing content encrypted with the content encryption key; creating a super-distribution token by encrypting the content encryption key with a first encryption key and then encrypting a result of that encryption with the super-distribution key, wherein the super distribution token includes a reference to the first encryption key, wherein the reference is unencrypted; and storing the super-distribution token and the encrypted content retrieved from the source storage device in a target storage device, wherein the target storage device stores a plurality of encryption keys and uses the reference in the super distribution token to select one of the plurality of encryption keys to decrypt the content encryption key. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
27. A host device comprising:
-
a memory storing a super-distribution token and a plurality of additional encryption keys, wherein the super-distribution token comprises a content encryption key encrypted with one of the plurality of additional encryption keys and then encrypted with a super-distribution key; and a controller in communication with the memory, wherein the controller is operative to; receive the encrypted content from a storage device, wherein the encrypted content is encrypted with the content encryption key; provide the super-distribution token to a server, wherein the server is configured to generate an activation token from the super-distribution token by decrypting the super-distribution token with the super-distribution key, wherein the activation token contains the content encryption key encrypted with the one of the plurality of additional encryption keys and further contains a reference to the one of the plurality of additional encryption keys, wherein the reference is unencrypted; receive the activation token from the server; select one of the additional keys based on the reference in the activation token; decrypt the content encryption key from the activation token using the selected one of the additional keys; and decrypt the encrypted content received from the storage device using the content encryption key. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A method for super-distribution of content, the method comprising:
performing the following in a host device in communication with a storage device storing content encrypted with a content encryption key, wherein the host device stores a plurality of additional encryption keys and a super-distribution token comprising the content encryption key encrypted with one of the plurality of additional encryption keys and then encrypted with a super-distribution key; providing the super-distribution token to a server, wherein the server is configured to generate an activation token from the super-distribution token by decrypting the super-distribution token with the super-distribution key, wherein the activation token contains the content encryption key encrypted with the one of the plurality of additional encryption keys and further contains a reference to the one of the plurality of additional encryption keys wherein the reference is unencrypted; receiving the activation token from the server; selecting one of the additional keys based on the reference in the activation token; decrypting the content encryption key from the activation token using the selected one of the additional keys; and decrypting the encrypted content retrieved from the storage device using the content encryption key. - View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44)
-
45. A storage device comprising:
-
one or more memories storing a super-distribution key and a content encryption key; and a controller in communication with the one or more memories, wherein the controller is operative to; create a super-distribution token by encrypting the content encryption key with a first encryption key and then encrypting a result of that encryption with the super-distribution key, wherein the super distribution token includes a reference to the first encryption key, wherein the reference is unencrypted; and provide the super-distribution token to a host device for storage in a target storage device, wherein the target storage device stores a plurality of encryption keys and uses the reference in the super distribution token to select one of the plurality of encryption keys to decrypt the content encryption key. - View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57)
-
-
58. A method for super-distribution of content, the method comprising:
performing the following in a storage device in communication with a host device, wherein the storage device stores a super-distribution key and a content encryption key; creating a super-distribution token by encrypting the content encryption key with a first encryption key and then encrypting a result of that encryption with the super-distribution key, wherein the super distribution token includes a reference to the first encryption key, wherein the reference is unencrypted; and providing the encrypted content and the super-distribution token to the host device for storage in a target storage device, wherein the target storage device stores a plurality of encryption keys and uses the reference in the super distribution token to select one of the plurality of encryption keys to decrypt the content encryption key. - View Dependent Claims (59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69)
-
70. A storage device comprising:
-
one or more memories storing content encrypted with a content encryption key, a plurality of additional encryption keys, and a super-distribution token, wherein the super-distribution token comprises the content encryption key encrypted with one of the plurality of additional encryption keys and then encrypted with a super-distribution key; and a controller in communication with the one or more memories, wherein the controller is operative to; provide the super-distribution token to a server via a host device, wherein the server is operative to generate an activation token from the super-distribution token by decrypting the super-distribution token with the super-distribution key, wherein the activation token contains the content encryption key encrypted with the one of the plurality of additional encryption keys and further contains a reference to the one of the plurality of additional encryption keys, wherein the reference is unencrypted; receive the activation token from the server via the host device; select one of the additional keys based on the reference in the activation token; decrypt the content encryption key from the activation token using the selected one of the additional keys; and decrypt the encrypted content using the content encryption key. - View Dependent Claims (71, 72, 73, 74, 75, 76)
-
-
77. A method for super-distribution of content, the method comprising:
performing the following in a storage device in communication with a host device, wherein the storage device stores content encrypted with a content encryption key, a plurality of additional encryption keys, and a super-distribution token, and wherein the super-distribution token comprises the content encryption key encrypted with one of the plurality of additional encryption keys and then encrypted with a super-distribution key; providing the super-distribution token to a server via the host device, wherein the server is operative to generate an activation token from the super-distribution token by decrypting the super-distribution token with the super-distribution key, and wherein the activation token contains the content encryption key encrypted with the one of the plurality of additional encryption keys and further contains a reference to the one of the plurality of additional encryption keys, wherein the reference is unencrypted; receiving the activation token from the server via the host device; selecting one of the additional keys based on the reference in the activation token; decrypting the content encryption key from the activation token using the selected one of the additional keys; and decrypting the encrypted content using the content encryption key. - View Dependent Claims (78, 79, 80, 81, 82, 83, 84)
Specification