Method and system for version control in a reprogrammable security system

    Publication No.: US09811330B2

    Publication date: 2017-11-07

    Application No.: US11758387

    Application date: 2007-06-05

    Inventor: Stephane Rodgers

    CPC classification number: G06F8/65 G06F21/57

    Abstract: Methods and systems for securing code in a reprogrammable security system are provided and may comprise detecting when a prior version of code is copied over a subsequent version of code. Operations within the system may be controlled based upon detection of the prior version of code. A unique version identifier may be associated with each successive version of code. The system may compare instances of unique version identifier from varied storage mechanisms on a device which may include flash memory, latch memory and one time programmable memory. The same instances of unique version identifier may be compared with a unique version identifier instance independently received from an external entity. When a comparison reveals a prior version of code copied over a subsequent version of code the system may conduct operations specified for a security breach.

    23. ENFORCING SOFTWARE INDEPENDENT CONTENT PROTECTION IN AN ELECTRONIC DEVICE DURING TRANSCODING
    Invention application (in force)

    Publication No.: US20120224689A1

    Publication date: 2012-09-06

    Application No.: US13074131

    Application date: 2011-03-29

    CPC classification number: H04N21/4627 H04N21/8355

    Abstract: A Set Top Box (STB) or client computer includes a communication interface operable to receive digital messages and digital content, memory, a transcoder, a central processing unit, and security processing circuitry. The security processor (or other components of the STB) is operable to identify protected digital content of the digital content that is to be isolated from the central processing unit during transcoding and to isolate the protected digital content from the central processing unit during the transcoding. The CPU may be denied access to a protected portion of the memory during the transcoding in which the transcoder stores non-scrambled protected digital content. The protected portion of the memory may be buffer memory accessible by the transcoder and not accessible by the central processing unit. The protected digital content may be identified from the digital message.

    24. ENFORCING SOFTWARE INDEPENDENT CONTENT PROTECTION IN AN ELECTRONIC DEVICE
    Invention application (in force)

    Publication No.: US20120224688A1

    Publication date: 2012-09-06

    Application No.: US13074083

    Application date: 2011-03-29

    CPC classification number: H04N21/4627 H04N21/8355

    Abstract: A Set Top Box (STB) or client computer includes a communication interface operable to receive digital messages and digital content, memory operable, and processing circuitry coupled to the communication interface and to the memory. The STB is operable to receive a digital message, extract a key portion from the digital message, decrypt the key portion, descramble the digital content using the decrypted key portion, extract a rights portion from the digital message, decrypt the rights portion, determine protected and unprotected digital content based upon the rights portion, write the unprotected digital content to an unprotected portion of the memory, and write the protected digital content to a protected portion of the memory. The decrypted key portion may include a plurality of Program IDs (PIDs) and the decrypted rights portion may include protection data for each PID. A security processor may prevent a central processing unit from accessing the protected portion of the memory.

    25. UNIFIED VIDEO DELIVERY SYSTEM FOR SUPPORTING IP VIDEO STEAMING SERVICE
    Invention application (in force)

    Publication No.: US20120216038A1

    Publication date: 2012-08-23

    Application No.: US13170764

    Application date: 2011-06-28

    Abstract: A home gateway may be used to handle at least a portion of processing of content obtained for consumption by client devices serviced via the home gateway. The home gateway may receive a single copy of content having a first format, and may convert the received content to one or more other formats suitable for presentation by at least one of the client devices based on knowledge of the client devices. The home gateway may maintain secure and/or protected access of the content handled via the home gateway. During protected access the home gateway may partition the content into a plurality of encrypted segments that are forwarded separately to the client devices. The client devices may utilize a corresponding plurality of encryption keys for decrypting the encrypted segments. The encryption keys may be obtained from an external key server. The home gateway may also generate the encryption keys.

    26. METHOD AND SYSTEM FOR MEMORY ATTACK PROTECTION TO ACHIEVE A SECURE INTERFACE
    Invention application (in force)

    Publication No.: US20120030391A1

    Publication date: 2012-02-02

    Application No.: US13252484

    Application date: 2011-10-04

    Abstract: A slave device may receive commands from a host device communicatively coupled to the slave device, via a secure interface configured between the slave device and the host device over that coupling. An integrated memory within the slave device may be configured into a plurality of memory portions or regions based on the received commands. The memory regions may be utilized during operations associated with authentication of subsequent commands from the host device. A first memory region may enable storage of encrypted host commands and data. A second region may enable storage of decrypted host commands and data. A third region may enable storage of internal variables and/or intermediate results from operations performed by the slave device. Another region may comprise internal registers that enable storage of information only accessible to the slave device. Access to some of the memory regions may be controlled and/or restricted by the slave device.

    27. METHOD AND SYSTEM FOR MANAGING SECURE CODE LOADING IN PC-SLAVE DEVICES
    Invention application (in force)

    Publication No.: US20110219242A1

    Publication date: 2011-09-08

    Application No.: US13112801

    Application date: 2011-05-20

    Inventor: Stephane Rodgers

    CPC classification number: G06F21/6209 G06F21/52 G06F21/6281 G06F2221/2105

    Abstract: A secure processor in a PC-slave device may manage secure loading of execution code and/or data, which may be stored, in encrypted form, in a PC hard-drive. The secure processor may cause decryption of the execution code and/or data by the PC-slave device, and storage of the decrypted execution code and/or data in a restricted portion of a memory that is dedicated for use by the PC-slave device, with the restricted portion of the dedicated memory being only accessible by the PC-slave device. The secure processor may validate decrypted execution code and/or data. The secure processor may block operations of a main processor in the PC-slave device during secure loading of execution code and/or data, and may discontinue that blocking after validating the decrypted execution code and/or data. The secure processor may store encryption keys that are utilized during decryption of the encrypted execution code and/or data.

    28. Method and system for secure code encryption for PC-slave devices
    Granted invention patent (in force)

    Publication No.: US07966465B2

    Publication date: 2011-06-21

    Application No.: US12015648

    Application date: 2008-01-17

    Inventor: Stephane Rodgers

    CPC classification number: G06F21/6209 G06F21/52 G06F21/6281 G06F2221/2105

    Abstract: A PC-slave device may securely load and decrypt an execution code and/or data, which may be stored, encrypted, in a PC hard-drive. The PC-slave device may utilize a dedicated memory, which may be partitioned into an accessible region and a restricted region that may only be accessible by the PC-slave device. The encrypted execution code and/or data may be loaded into the accessible region of the dedicated memory; the PC-slave device may decrypt the execution code and/or data, internally, and store the decrypted execution code and/or data into the restricted region of the dedicated memory. The decrypted execution code and/or data may be validated, and may be utilized from the restricted region. The partitioning of the dedicated memory, into accessible and restricted regions, may be performed dynamically during secure code loading. The PC-slave device may comprise a dedicated secure processor that may perform and/or manage secure code loading.

    29. METHOD AND SYSTEM FOR PREVENTING REVOCATION DENIAL OF SERVICE ATTACKS
    Invention application (in force)

    Publication No.: US20080086641A1

    Publication date: 2008-04-10

    Application No.: US11743533

    Application date: 2007-05-02

    Abstract: Methods and systems for preventing revocation denial of service attacks are disclosed and may include receiving and decrypting a command for revoking a secure key utilizing a hidden key, and revoking the secure key upon successful verification of a signature. The command may comprise a key ID that is unique to a specific set-top box. A key corresponding to the command for revoking the secure key may be stored in a one-time programmable memory, compared to a reference, and the security key may be revoked based on the comparison. The command for revoking the secure key may be parsed from a transport stream utilizing a hardware parser. The method and system may also comprise generating a command for revoking a secure key. The command may be encrypted and signed utilizing a hidden key and may comprise a key ID that is unique to a specific set-top box.

    30. Method and System For Memory Attack Protection To Achieve a Secure Interface
    Invention application (in force)

    Publication No.: US20070266438A1

    Publication date: 2007-11-15

    Application No.: US11558630

    Application date: 2006-11-10

    Abstract: Aspects of a method and system for memory attack protection to achieve a secure interface are provided. An integrated memory within a slave device may be configured into a plurality of memory portions or regions by commands from a host device. The memory regions may be utilized during operations associated with authentication of subsequent commands from the host device. A first memory region may enable storage of encrypted host commands and data. A second region may enable storage of decrypted host commands and data. A third region may enable storage of internal variables and/or intermediate results from operations performed by the slave device. Another region may comprise internal registers that enable storage of information only accessible to the slave device. Access to some of the memory regions may be controlled by a bus controller and/or a memory interface integrated within the slave device.
