公开(公告)号：US07672452B2

公开(公告)日：2010-03-02

申请号：US10428882

申请日：2003-05-01

Applicant: Madhusudhan R. Penugonda ,  Michael W. Johnson ,  Eric J. Sprunk ,  An Tonthat

Inventor： Madhusudhan R. Penugonda ,  Michael W. Johnson ,  Eric J. Sprunk ,  An Tonthat

IPC: H04K1/00

CPC classification number: G01R31/318541 ,  G01R31/31719 ,  G01R31/318588 ,  H04L9/0637 ,  H04L9/0643 ,  H04L2209/26

Abstract: According to the invention, a circuit that is capable of automated scan testing is disclosed. Included in the circuit are a cryptographic engine, a digital circuit, an input pin, and an output pin. The cryptographic engine capable of performing at least one of encryption and decryption of one or more digital signals. The digital circuit includes combinatorial logic and a number of memory cells. The memory cells have scan inputs connected serially in a scan chain. The input pin and output pin are coupled to the scan chain. At least one of the input pin and the output pin carries at least some cipher text data of the scan chain.

Abstract translation: 根据本发明，公开了能够进行自动扫描测试的电路。 电路中包括加密引擎，数字电路，输入引脚和输出引脚。 能够执行一个或多个数字信号的加密和解密中的至少一个的加密引擎。 数字电路包括组合逻辑和多个存储单元。 存储单元具有扫描链中的串行连接的扫描输入。 输入引脚和输出引脚耦合到扫描链。 输入引脚和输出引脚中的至少一个至少携带扫描链的一些密文数据。

公开(公告)号：US07660986B1

公开(公告)日：2010-02-09

申请号：US09576516

申请日：2000-05-23

Applicant: Xin Qiu ,  Eric J. Sprunk ,  Paul Moroney

Inventor： Xin Qiu ,  Eric J. Sprunk ,  Paul Moroney

IPC: H04L9/32 ,  H04N7/167

CPC classification number: H04N21/4623 ,  H04L9/002 ,  H04L9/088 ,  H04N7/1675 ,  H04N21/26606

Abstract: A system to change security levels is used to change the level of security used in a secured processing system. The system uses a status indicator to designate the security level being implemented. The security level can be upgraded to allow a higher level of security to be implemented with relative ease. However, in order to change from a higher level of security to a lower level of security, an authorization code is utilized to confirm that the change in security is authorized.

Abstract translation: 用于更改安全级别的系统用于改变安全处理系统中使用的安全级别。 系统使用状态指示器来指定正在执行的安全级别。 可以升级安全级别，以便相对容易地实现更高级别的安全性。 然而，为了从更高的安全级别改为较低级别的安全性，使用授权码来确认安全性的改变是否被授权。

公开(公告)号：US07607022B1

公开(公告)日：2009-10-20

申请号：US09587932

申请日：2000-06-06

Applicant: Xin Qiu ,  Eric J. Sprunk

Inventor： Xin Qiu ,  Eric J. Sprunk

IPC: H04N7/16 ,  H04N7/167

CPC classification number: H04N7/52 ,  H04L9/088 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/2365 ,  H04N21/4347 ,  H04N21/4405

Abstract: A system to transmit a set of programs from a transmitter to a receiver is used to accommodate different levels of security used for each program. When a high level of security is necessary for transmitting or receiving a program the transmitter and/or receiver is operable to accommodate that level of security. Thus, both transmitters and receivers are operable to be reconfigured to encrypt or decrypt, respectively, at different levels. Accordingly, differing amounts of programs can be transmitted or received based on the resource requirements needed at any level of security. Consequently, a high level of encryption/decryption requires more resources and allows the processing of fewer services, while a lower level of encryption/decryption allows more services to be transmitted/received.

Abstract translation: 用于将一组程序从发射机发射到接收机的系统被用于适应用于每个节目的不同级别的安全性。 当需要高水平的安全性来发送或接收程序时，发射器和/或接收器可操作以适应该级别的安全性。 因此，发射机和接收机都可以被重新配置以分别在不同的级别进行加密或解密。 因此，可以基于任何安全级别所需的资源要求来发送或接收不同数量的程序。 因此，高级别的加密/解密需要更多的资源并且允许处理较少的服务，而较低级别的加密/解密允许发送/接收更多的服务。

公开(公告)号：US20090202075A1

公开(公告)日：2009-08-13

申请号：US12345741

申请日：2008-12-30

Applicant: Lawrence D. Vince ,  Eric J. Sprunk

Inventor： Lawrence D. Vince ,  Eric J. Sprunk

IPC: H04L9/00 ,  H04L9/06

CPC classification number: H04H60/15 ,  H04H60/23 ,  H04L9/0861 ,  H04L2209/601 ,  H04N7/165 ,  H04N21/43853 ,  H04N21/4623 ,  H04N21/63345

Abstract: A method and apparatus is provided for decrypting an encrypted transport stream, comprising. The method includes receiving the encrypted transport stream over a content delivery network. The encrypted transport stream is encrypted using a first control word that serves as an encryption/decryption key. A variable control word is received over the content delivery network. The variable control word is mathematically constrained to create a second control word. The encrypted transport stream is decrypted using the second control word if the second control word is the same as the first control word.

Abstract translation: 提供了一种解密加密的传输流的方法和装置，包括： 该方法包括通过内容传送网络接收加密的传输流。 使用用作加密/解密密钥的第一控制字对加密的传输流进行加密。 通过内容传送网络接收可变控制字。 可变控制字在数学上被约束以产生第二控制字。 如果第二控制字与第一控制字相同，则使用第二控制字对加密的传输流进行解密。

公开(公告)号：US07568223B2

公开(公告)日：2009-07-28

申请号：US10893047

申请日：2004-07-15

Applicant: Eric J. Sprunk ,  Paul Moroney ,  Alexander Medvinsky ,  Steven E. Anderson ,  Jonathan A. Fellows

Inventor： Eric J. Sprunk ,  Paul Moroney ,  Alexander Medvinsky ,  Steven E. Anderson ,  Jonathan A. Fellows

IPC: H04L9/00

CPC classification number: H04L29/06027 ,  G06F12/1408 ,  G06F21/606 ,  G06F2207/7219 ,  G06F2211/008 ,  G06F2221/2129 ,  H04L9/083 ,  H04L9/0841 ,  H04L9/3213 ,  H04L9/3263 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0807 ,  H04L63/12 ,  H04L65/1043

Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

Abstract translation: 公开了一种安全的因特网协议（IP）电话系统，装置和方法。 通过IP电话系统的通信可以通过保护与有线电话适配器（CTA）的通信来保护。 该系统可以包括一个或多个CTA，网络服务器，配置为信令控制器的服务器，密钥分配中心（KDC），并且可以包括将IP电话系统耦合到公共交换电话网络（PSTN）的网关。 每个CTA都可以配置为安全硬件，并且可以配置多个用于通信信令或承载信道通信的加密密钥。 KDC可以被配置为周期性地分配对称加密密钥以保护已经被提供以在系统和信令控制器中操作的设备之间的通信。 诸如CTA之类的安全设备可以通过建立用由信令控制器分配的对称密钥导出的会话专用对称密钥加密的信令和承载信道来与其他安全设备进行通信。

公开(公告)号：US07486792B2

公开(公告)日：2009-02-03

申请号：US10646398

申请日：2003-08-21

Applicant: Eric J. Sprunk

Inventor： Eric J. Sprunk

IPC: H04N7/167 ,  H04L9/00

CPC classification number: H04N21/2541 ,  H04N7/162 ,  H04N7/1675 ,  H04N21/2347 ,  H04N21/25816 ,  H04N21/26613 ,  H04N21/42684 ,  H04N21/4405 ,  H04N21/4408 ,  H04N21/4623 ,  H04N21/835

Abstract: According to the invention, a method for protecting digital television from unauthorized digital receivers within a population of digital receivers is disclosed. Each digital receiver in the population has a unique identifier. In one step, provisioning information is received from a subset of the population of digital receivers indicating that the subset is potentially within range to receive digital television from a broadcaster. First decryption information is distributed to the subset of the population of digital receivers. The first decryption information allows for potentially decrypting a plurality of programs coextensively in time. The unauthorized digital receivers are cryptographically excluded from using the first decryption information. A first program is encrypted using a first method that is cryptographically related to second decryption information. The first program is sent. The second decryption information is distributed and cryptographically secured with the first decryption information.

Abstract translation: 根据本发明，公开了一种在数字接收机群体内保护数字电视免受未经授权的数字接收机的方法。 群体中的每个数字接收器具有唯一的标识符。 在一个步骤中，从数字接收机的子集的子集接收供应信息，指示该子集潜在地在从广播者接收数字电视的范围内。 第一解密信息被分发给数字接收机的群体的子集。 第一解密信息允许在时间上共同地解密多个节目。 未经授权的数字接收机被加密地排除在使用第一解密信息之外。 使用与第二解密信息密码相关的第一方法对第一程序进行加密。 第一个程序被发送。 利用第一解密信息分发和密码地保护第二解密信息。

公开(公告)号：US06959089B1

公开(公告)日：2005-10-25

申请号：US09697656

申请日：2000-10-26

Applicant: Eric J. Sprunk

Inventor： Eric J. Sprunk

IPC: G09C1/00 ,  G11B20/00 ,  G11B31/00 ,  H04L9/08 ,  H04L9/32 ,  H04N7/167

CPC classification number: H04N21/63775 ,  G11B20/00086 ,  G11B31/006 ,  H04N7/1675 ,  H04N21/25816 ,  H04N21/63345

Abstract: An apparatus and method are utilized for transmitting data across an interface between a sender and a receiver. The sender and receiver can be provided with a shared key, a receiver—key and a sender—key. A payload message can be combined with the keys to generate a unique message for transmission across the interface. The payload message can be authenticated utilizing the same input and the same algorithm on the receiving end of the transmission. The resulting confirmatory payload message can be utilized with the authenticating payload message to authenticate the payload message.

Abstract translation: 一种装置和方法用于通过发送器和接收器之间的接口传输数据。 发送者和接收者可以被提供有一个共享密钥，一个接收者和一个发送者密钥。 有效负载消息可以与密钥组合以生成用于跨接口传输的唯一消息。 可以在传输的接收端使用相同的输入和相同的算法来认证有效载荷消息。 所得到的确认有效载荷消息可以与认证有效载荷消息一起使用以验证有效载荷消息。

公开(公告)号：US08687806B2

公开(公告)日：2014-04-01

申请号：US12345741

申请日：2008-12-30

Applicant: Lawrence D. Vince ,  Eric J. Sprunk

Inventor： Lawrence D. Vince ,  Eric J. Sprunk

IPC: H04L9/00 ,  H04L9/08 ,  G06F7/04 ,  G06F17/30

CPC classification number: H04H60/15 ,  H04H60/23 ,  H04L9/0861 ,  H04L2209/601 ,  H04N7/165 ,  H04N21/43853 ,  H04N21/4623 ,  H04N21/63345

Abstract: A method and apparatus is provided for decrypting an encrypted transport stream, comprising. The method includes receiving the encrypted transport stream over a content delivery network. The encrypted transport stream is encrypted using a first control word that serves as an encryption/decryption key. A variable control word is received over the content delivery network. The variable control word is mathematically constrained to create a second control word. The encrypted transport stream is decrypted using the second control word if the second control word is the same as the first control word.

Abstract translation: 提供了一种解密加密的传输流的方法和装置，包括： 该方法包括通过内容传送网络接收加密的传输流。 使用用作加密/解密密钥的第一控制字对加密的传输流进行加密。 通过内容传送网络接收可变控制字。 可变控制字在数学上被约束以产生第二控制字。 如果第二控制字与第一控制字相同，则使用第二控制字对加密的传输流进行解密。

公开(公告)号：US07929483B2

公开(公告)日：2011-04-19

申请号：US11026413

申请日：2004-12-30

Applicant: Bridget D. Kimball ,  Michael T. Habrat ,  John I. Okimoto ,  Douglas M. Petty ,  Eric J. Sprunk ,  Lawrence W. Tang

Inventor： Bridget D. Kimball ,  Michael T. Habrat ,  John I. Okimoto ,  Douglas M. Petty ,  Eric J. Sprunk ,  Lawrence W. Tang

IPC: H04B7/212

CPC classification number: G06F21/10 ,  G06F21/725 ,  H04L63/123 ,  H04L2463/121

Abstract: The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e.g., a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.

Abstract translation: 本发明公开了一种用于向订户设备（例如机顶盒或接收机）提供安全系统时间参考的系统和方法。 在一个实施例中，在广播到多个订户设备的安全系统时间消息中提供系统时间参考。 每个用户设备具有能够确定所接收的系统时间参考是否合法的安全设备或软件应用。 如果确定系统时间参考是合法的，则将本地时间基准与所接收的系统时间参考同步。

公开(公告)号：US20090323954A1

公开(公告)日：2009-12-31

申请号：US12490124

申请日：2009-06-23

Applicant: Eric J. Sprunk ,  Paul Moroney ,  Alexander Medvinsky ,  Steven E. Anderson ,  Jonathan A. Fellows

Inventor： Eric J. Sprunk ,  Paul Moroney ,  Alexander Medvinsky ,  Steven E. Anderson ,  Jonathan A. Fellows

IPC: H04L9/08 ,  H04L12/66 ,  H04L9/32

CPC classification number: H04L29/06027 ,  G06F12/1408 ,  G06F21/606 ,  G06F2207/7219 ,  G06F2211/008 ,  G06F2221/2129 ,  H04L9/083 ,  H04L9/0841 ,  H04L9/3213 ,  H04L9/3263 ,  H04L63/0435 ,  H04L63/0442 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0807 ,  H04L63/12 ,  H04L65/1043

Abstract: A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.

Abstract translation: 公开了一种安全的因特网协议（IP）电话系统，装置和方法。 通过IP电话系统的通信可以通过保护与有线电话适配器（CTA）的通信来保护。 该系统可以包括一个或多个CTA，网络服务器，配置为信令控制器的服务器，密钥分配中心（KDC），并且可以包括将IP电话系统耦合到公共交换电话网络（PSTN）的网关。 每个CTA都可以配置为安全硬件，并且可以配置多个用于通信信令或承载信道通信的加密密钥。 KDC可以被配置为周期性地分配对称加密密钥以保护已经被提供以在系统和信令控制器中操作的设备之间的通信。 诸如CTA之类的安全设备可以通过建立用由信令控制器分配的对称密钥导出的会话专用对称密钥加密的信令和承载信道来与其他安全设备进行通信。