System and method to securely store information in a recoverable manner on an untrusted system
    61.
    发明授权
    System and method to securely store information in a recoverable manner on an untrusted system 失效
    在不可信系统上以可恢复的方式安全地存储信息的系统和方法

    公开(公告)号:US06920563B2

    公开(公告)日:2005-07-19

    申请号:US09754396

    申请日:2001-01-05

    CPC分类号: H04L9/0894

    摘要: A method (and system) for storing information in a recoverable manner on an untrusted system, includes sending, by a client, a request to a recovery server for recovery of a failed database, determining whether the request is legitimate, based on the determining, sending a local key to the client, decrypting by the client the failed database with the local key, to recover the failed database, and re-encrypting the recovered database with a new key.

    摘要翻译: 一种用于在不可信系统上以可恢复的方式存储信息的方法(和系统),包括:由客户端向所述恢复服务器发送用于恢复故障数据库的请求,基于所述确定来确定所述请求是否合法, 向客户端发送本地密钥,由客户端使用本地密钥解密失败的数据库,以恢复故障的数据库,并使用新的密钥重新加密恢复的数据库。

    Intermediate system transmitting relevant selections based on permutation function applied consumer/information signature vectors for privacy
    62.
    发明授权
    Intermediate system transmitting relevant selections based on permutation function applied consumer/information signature vectors for privacy 有权
    中间系统基于置换功能发送相关选择应用消费者/信息签名向量进行隐私

    公开(公告)号:US06345289B1

    公开(公告)日:2002-02-05

    申请号:US09300437

    申请日:1999-04-28

    IPC分类号: G06F1760

    摘要: A method and system for client/server communications in which stored user information controls revealed and delivered information. A client system is Communicatively coupled to a server through an intermediate system, which acts as a persona module. User information about a user on the client system is stored on the client system. Information about advertising information is stored on the server. The intermediate system receives information about user information from the client system and information about advertising information from the server. The intermediate system acts as a user's agent to filter out irrelevant advertisement material. The intermediate system can also function to customize the advertisements received by the client system from the server, but not returning information about the user's interest or preferences to the server. A user's privacy may be further protected if the information returned to a server is at least partially untruthful.

    摘要翻译: 用于客户/服务器通信的方法和系统,其中存储的用户信息控件显示和传递信息。 客户机系统通过中间系统通信地耦合到服务器,中间系统充当角色模块。 关于客户端系统上的用户的用户信息存储在客户端系统上。 有关广告信息的信息存储在服务器上。 中间系统从客户端系统接收关于用户信息的信息,以及从服务器发送的关于广告信息的信息。 中间系统充当用户代理,以过滤掉不相关的广告资料。 中间系统还可以用于定制客户端系统从服务器接收的广告,但是不向服务器返回有关用户兴趣或偏好的信息。 如果返回到服务器的信息至少部分不真实,则用户的隐私可能会进一步受到保护。

    Method and system for protection of digital information
    63.
    发明授权
    Method and system for protection of digital information 失效
    数字信息保护方法及系统

    公开(公告)号:US06038316A

    公开(公告)日:2000-03-14

    申请号:US936207

    申请日:1997-09-24

    摘要: An information processing system including an encryption processing logic module and a decryption processing logic module for enabling the encryption of digital information to be decrypted with a decryption key K. The encryption processing module includes logic for encrypting the digital information, distributing the digital information and authorizing a user to decrypt the information. The decryption processing module includes logic for the user to communicate a user number n.sub.i to receive an authorization number a.sub.i from the authorization logic in the encryption processing module and extrication logic for extricating the decryption key. The user number n.sub.i uniquely identifies, and is valuable to, the user, so valuable in fact that the user would be unwilling to publically dislcose it. The extrication logic operates on a digital signet pair (a.sub.i, n.sub.i) consisting of the authorization number and user number, to extract K. The decryption logic then uses K to make the content available to the user. The extrication function is fully available to the user as a publicly-computable function in which it is computationally infeasible to use the extrication function to determine other valid digital signet pairs which can be used to extract K.

    摘要翻译: 一种包括加密处理逻辑模块和解密处理逻辑模块的信息处理系统,用于能够利用解密密钥K解密数字信息的加密。加密处理模块包括用于加密数字信息,分发数字信息和授权的逻辑 用户解密信息。 解密处理模块包括用于使用户传达用户号码ni以从加密处理模块中的授权逻辑接收授权号码ai的逻辑,以及用于解密密钥的解密逻辑。 用户号ni唯一地标识并且对于用户是有价值的,实际上用户将不愿意公开地将其弄糟。 提取逻辑在由授权号码和用户号码组成的数字签名对(ai,ni)上进行操作,以提取K。解密逻辑然后使用K使内容可供用户使用。 提取函数作为可公开计算的函数完全可用于其中,其中计算上不可行地使用提取函数来确定可用于提取K的其他有效数字签名对。

    Simple nonautonomous peering media clone detection

    公开(公告)号:US10740453B2

    公开(公告)日:2020-08-11

    申请号:US12839105

    申请日:2010-07-19

    摘要: A playback device includes a port configured to receive content from an external memory device, a device memory residing in the device, and a controller programmed to execute instructions that cause the controller to read a read data pattern from the defined region in the external memory device and determine if the read data pattern correlates to an expected data pattern to a predetermined level, wherein the expected data pattern is derived at least in part from a defect map of the defined region. A memory device includes an array of memory cells configured to store at least one bit of data, the array of memory cells being organized into regions, at least one first region of the array of memory cells having stored therein a defect map of the array of memory cells, and at least one second region of the array of memory cells being designated as a defined region having a known defect pattern. A method of validating a memory device includes writing, using a controller in a playback device, a known data pattern to a defined region in the memory device, reading, with the controller, a read data pattern from the defined region, comparing, at the controller, the read data pattern to an expected data pattern, the expected data pattern derived from the known data pattern and a defect map of the defined region, and validating, with the controller, the memory device based upon a correlation result from the comparing.

    System and method for tracing Tardos fingerprint codes
    65.
    发明授权
    System and method for tracing Tardos fingerprint codes 有权
    跟踪Tardos指纹码的系统和方法

    公开(公告)号:US07975313B2

    公开(公告)日:2011-07-05

    申请号:US11838835

    申请日:2007-08-14

    摘要: A system and method is provided for identifying the source of an unauthorized copy of content. The method includes embedding a unique user fingerprint code to into each of a plurality of authorized copies of content and identifying an unknown fingerprint code in an unauthorized copy of the content. Each member of the unknown fingerprint code is compared to each corresponding member in each of the user fingerprint codes. A score is assigned to each of the user fingerprint codes based on the comparison and users associated with scores exceeding a threshold are identified as a source of the unauthorized copy.

    摘要翻译: 提供了一种系统和方法,用于识别未经授权的内容副本的来源。 该方法包括将唯一用户指纹码嵌入到内容的多个授权副本中的每一个中,并且在未经授权的内容副本中识别未知指纹码。 将未知指纹码的每个成员与每个用户指纹码中的每个相应成员进行比较。 基于比较将得分分配给每个用户指纹码,并将与超过阈值的分数相关联的用户识别为未经授权复制的来源。

    Content guard system for copy protection of recordable media
    66.
    发明授权
    Content guard system for copy protection of recordable media 有权
    可录制媒体复制保护的内容保护系统

    公开(公告)号:US07770030B2

    公开(公告)日:2010-08-03

    申请号:US12052083

    申请日:2008-03-20

    IPC分类号: G06F12/14 H04N7/167

    CPC分类号: G11B20/00086 G11B20/00362

    摘要: A system and method for enabling broadcast programs to be copied once only by consumer recorders includes writing a unique media identification on each blank disk to which content is to copied in a read-only area of the disk before it is initially recorded. Also, a one-way key management media key block is written to the disk. A content key is derived by combining a media key, derived from the media key block, with the media identification. Additionally, to facilitate copying the content one time only, an exchange key is established between the recorder and a sender such as a satellite receiver or a disk player that is associated with the recorder, and the exchange key is modified with one or more special numbers representing control commands including copy once and copy no more. The modified exchange key is then encrypted using the content key to render an encrypted modified exchange key, and the encrypted modified exchange key is then hashed with a nonce to render a bus content key. The bus content key is then used to encrypt the data for copying the data to a disk. Unauthorized attempts to copy the data after the first authorized copy has been made cannot succeed because the media ID is different on subsequent blank media. Further, if illegal clones are manufactured that can calculate the media key, new blank media can change the media key block such that the clones can no longer calculate the correct media key. Authorized players, however, can decrypt the data to display it.

    摘要翻译: 仅通过消费者记录器使广播节目能够被复制一次的系统和方法包括在最初记录盘之前,将要复制内容的每个空白盘上写入唯一的媒体标识在盘的只读区域中。 此外,单向密钥管理媒体密钥块被写入磁盘。 通过将从媒体密钥块导出的媒体密钥与媒体标识组合来导出内容密钥。 此外,为了便于一次复制内容,在记录器和与记录器相关联的诸如卫星接收机或磁盘播放器的发送者之间建立交换密钥,并且交换密钥被修改为一个或多个特殊号码 代表控制命令,包括复制一次,不复制。 然后,使用内容密钥对修改的交换密钥进行加密,以呈现加密的修改的交换密钥,然后将加密的修改的交换密钥与随机数进行散列以呈现总线内容密钥。 总线内容密钥然后用于加密用于将数据复制到磁盘的数据。 未经授权的尝试在第一个授权复印件之后复制数据将无法成功,因为随后的空白介质上的介质ID不同。 此外,如果制造可以计算媒体密钥的非法克隆,则新的空白媒体可以改变媒体密钥块,使得克隆不再能够计算正确的媒体密钥。 然而,授权玩家可以解密数据以显示它。

    Method for broadcast encryption and key revocation of stateless receivers
    67.
    发明授权
    Method for broadcast encryption and key revocation of stateless receivers 失效
    无状态接收机的广播加密和密钥撤销方法

    公开(公告)号:US07698551B2

    公开(公告)日:2010-04-13

    申请号:US11117677

    申请日:2005-04-28

    IPC分类号: H04L9/00

    摘要: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

    摘要翻译: 一棵树用于将广播内容加密系统中的无状态接收器分成子集。 公开了两种不同的分割方法。 当识别出一组撤销的接收者时,撤销的接收者通过不相交的子集定义非撤销的接收者的相对较小的覆盖。 与子集相关联的子集密钥然后用于加密会话密钥,会话密钥又用于加密广播内容。 只有非撤销的接收者可以解密会话密钥,因此可以解密内容。

    CONTENT GUARD SYSTEM FOR COPY PROTECTION OF RECORDABLE MEDIA
    68.
    发明申请
    CONTENT GUARD SYSTEM FOR COPY PROTECTION OF RECORDABLE MEDIA 有权
    用于复制保护可记录媒体的内容保护系统

    公开(公告)号:US20080181410A1

    公开(公告)日:2008-07-31

    申请号:US12052083

    申请日:2008-03-20

    IPC分类号: H04L9/06

    CPC分类号: G11B20/00086 G11B20/00362

    摘要: A system and method for enabling broadcast programs to be copied once only by consumer recorders includes writing a unique media identification on each blank disk to which content is to copied in a read-only area of the disk before it is initially recorded. Also, a one-way key management media key block is written to the disk. A content key is derived by combining a media key, derived from the media key block, with the media identification. Additionally, to facilitate copying the content one time only, an exchange key is established between the recorder and a sender such as a satellite receiver or a disk player that is associated with the recorder, and the exchange key is modified with one or more special numbers representing control commands including copy once and copy no more. The modified exchange key is then encrypted using the content key to render an encrypted modified exchange key, and the encrypted modified exchange key is then hashed with a nonce to render a bus content key. The bus content key is then used to encrypt the data for copying the data to a disk. Unauthorized attempts to copy the data after the first authorized copy has been made cannot succeed because the media ID is different on subsequent blank media. Further, if illegal clones are manufactured that can calculate the media key, new blank media can change the media key block such that the clones can no longer calculate the correct media key. Authorized players, however, can decrypt the data to display it.

    摘要翻译: 仅通过消费者记录器使广播节目能够被复制一次的系统和方法包括在最初记录盘之前,将要复制内容的每个空白盘上写入唯一的媒体标识在盘的只读区域中。 此外,单向密钥管理媒体密钥块被写入磁盘。 通过将从媒体密钥块导出的媒体密钥与媒体标识组合来导出内容密钥。 此外,为了便于一次复制内容,在记录器和与记录器相关联的诸如卫星接收机或磁盘播放器的发送者之间建立交换密钥,并且交换密钥被修改为一个或多个特殊号码 代表控制命令,包括复制一次,不复制。 然后,使用内容密钥对修改的交换密钥进行加密,以呈现加密的修改的交换密钥,然后将加密的修改的交换密钥与随机数进行散列以呈现总线内容密钥。 总线内容密钥然后用于加密用于将数据复制到磁盘的数据。 未经授权的尝试在第一个授权复印件之后复制数据将无法成功,因为随后的空白介质上的介质ID不同。 此外,如果制造可以计算媒体密钥的非法克隆,则新的空白媒体可以改变媒体密钥块,使得克隆不再能够计算正确的媒体密钥。 然而,授权玩家可以解密数据以显示它。

    Method for assigning encryption keys
    70.
    发明授权
    Method for assigning encryption keys 有权
    分配加密密钥的方法

    公开(公告)号:US06947563B2

    公开(公告)日:2005-09-20

    申请号:US09789451

    申请日:2001-02-20

    摘要: An encryption key matrix has rows grouped into segments, with a set of one segment per column establishing a slot. Slots are assigned to device manufacturers, with the keys of the slots then being assigned to decryption devices made by the respective manufacturer. In generating the slots, the number “q” of segments in a column is first defined such that a predetermined maximum number of devices can be revoked devices (in that all the keys held by the device are revoked) while ensuring that a good device remains a functional device with a probability of at least (1−Q), wherein Q is a predefined device confidence. Once the number “q” of segments has been defined, the slots themselves are defined in a provably non-discriminatory fashion using an error-correcting code such as a Reed-Solomon code. With this invention, overlap between slots can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the keys in the slots of a “bad” manufacturer are revoked.

    摘要翻译: 加密密钥矩阵将行分组成段,每列建立一个段的一组。 插槽被分配给设备制造商,然后插槽的密钥被分配给由相应制造商制造的解密设备。 在产生时隙中,首先定义列中的段数“q”,使得可以撤销预定的最大数量的设备(因为设备保持的所有密钥被撤销),同时确保良好设备保持 具有至少(1-Q)的概率的功能设备,其中Q是预定义的设备置信度。 一旦已经定义了段数“q”,则使用纠错码(例如里德 - 所罗门码)以可证明的非歧视方式来定义时隙本身。 利用本发明,可以最小化时隙之间的重叠,以最小化当“坏”制造商的时隙中的密钥被撤销时,无辜设备的密钥组可能被无意中撤销的可能性。