REGISTERING CLIENT DEVICES WITH A REGISTRATION SERVER
    11.
    Patent application
    Legal status: In force

    Publication number: US20110158411A1

    Publication date: 2011-06-30

    Application number: US12648416

    Filing date: 2009-12-29

    IPC classification: H04L9/08 H04L9/00

    Abstract: In a method of registering a plurality of client devices with a device registration server for secure data communications, a unique symmetric key is generated for each of the client devices using a cryptographic function on a private key of the device registration server and a respective public key of each of the client devices, and a broadcast message containing the public key of the device registration server is sent to the client devices, in which the client devices are configured to generate a respective unique symmetric key from the public key of the device registration server and its own private key using a cryptographic function, and in which the unique symmetric key generated by each client device matches the respective unique symmetric key generated by the device registration server for the respective client device.

    INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE
    12.
    Patent application
    Legal status: In force

    Publication number: US20090323954A1

    Publication date: 2009-12-31

    Application number: US12490124

    Filing date: 2009-06-23

    IPC classification: H04L9/08 H04L12/66 H04L9/32

    Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

    Method and Apparatus for Composing a Digital Rights Management License Format
    13.
    Patent application
    Legal status: Under examination (published)

    Publication number: US20080270311A1

    Publication date: 2008-10-30

    Application number: US11843312

    Filing date: 2007-08-22

    IPC classification: G06Q10/00

    CPC classification: G06F21/10 G06Q10/06

    Abstract: A process composes a content license for a set of content. The content license has a static portion and a dynamic portion. Further, the process inserts a master key into the static portion. In addition, the process inserts a plurality of content rule sets of values into the dynamic portion and composes a unique content encryption key for each segment of content associated with one of the content rule sets of values as each of the content rule sets of values is sequentially received during recording of the content. The unique content encryption key is based on the master key and at least a subset of the content rule set of values for a corresponding segment of the content. The unique content encryption key is utilized for encryption of each segment of the content to generate a plurality of encrypted content segments for storage on the storage medium.

    Internet protocol telephony security architecture
    16.
    Granted patent
    Legal status: In force

    Publication number: US07568223B2

    Publication date: 2009-07-28

    Application number: US10893047

    Filing date: 2004-07-15

    IPC classification: H04L9/00

    Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

    METHOD AND APPARATUS FOR SECURELY MOVING AND RETURNING DIGITAL CONTENT
    17.
    Patent application
    Legal status: Under examination (published)

    Publication number: US20080015997A1

    Publication date: 2008-01-17

    Application number: US11457219

    Filing date: 2006-07-13

    IPC classification: G06Q99/00

    Abstract: The present invention discloses an apparatus and method for transferring digital content data. In one example, original digital content data stored on a first device in an encrypted state is transcoded (after being decrypted) to create a modified version of the original digital content data. The modified version of the original digital content data is then encrypted with a new content key. The modified version and at least one content key generator are transferred to a second device, where the at least one content key generator is used to recreate the new content key for enabling (and decrypting) the modified version of the original digital content data at the second device. Notably, the original digital content data stored in the first device is disabled contemporaneously with the transfer of the modified version and the at least one content key generator to the second device. Afterwards, the disabled original digital content data is re-enabled on the first device, and disabled on the second device.

    Method and system for registering a DRM client
    18.
    Granted patent
    Legal status: In force

    Publication number: US09184917B2

    Publication date: 2015-11-10

    Application number: US13170261

    Filing date: 2011-06-28

    IPC classification: H04L29/06 H04L9/32 G06F21/10

    Abstract: A client, method and system for registering a DRM client is disclosed. The method (100) includes the steps of: initiating (110) a registration request via a DRM client with an encrypted registration message including an asymmetric key cryptographic identity, a customer identifier and an application specific information (AINFO) field including a digital signature and a device certificate chain; validating (120) information in the application specific information (AINFO) field by a DRM registration server; and receiving (130) a registration response, the registration response being encrypted and including access information, to obtain content. Advantageously, this method provides an enhanced and reliable means of authentication.

    Method and apparatus for delivering certificate revocation lists
    19.
    Granted patent
    Legal status: In force

    Publication number: US09054879B2

    Publication date: 2015-06-09

    Application number: US11455574

    Filing date: 2006-06-19

    Abstract: The present invention discloses an apparatus and method for delivering a revocation list over a one-way broadcast network to receivers with limited memory capabilities. In one example, the revocation list is partitioned to form a first certificate revocation list (CRL) sequence if the number of entries in the revocation list exceeds a predetermined value. Individual identification numbers belonging to a first identification number series are subsequently assigned to partitions of the first CRL sequence. Afterwards, the first CRL sequence is interleaved into a first content transport stream.
