公开(公告)号：US07600118B2

公开(公告)日：2009-10-06

申请号：US10256803

申请日：2002-09-27

申请人： David A. Lee ,  Gary L Graunke ,  C. Brendan Traw

发明人： David A. Lee ,  Gary L Graunke ,  C. Brendan Traw

IPC分类号： G06F21/00 ,  H04L9/00 ,  H04K1/00

CPC分类号： H04L9/0844 ,  H04L2209/60

摘要： In a cryptographic system, a nonce is removed from a communication stream. The nonce is encrypted based on a shared secret. The encrypted nonce is inserted into the communication stream. The encrypted nonce is removed from the communication stream. The encrypted nonce is decrypted based on the shared secret formed by an authenticated key exchange. The decrypted nonce is inserted into the communication stream. The nonce may be an An value generated by a HDCP function. The authenticated key exchange may use Diffie-Hellman Key Exchange.

摘要翻译： 在密码系统中，从通信流中删除随机数。 该随机数是基于共享密钥进行加密的。 加密的随机数插入到通信流中。 加密的随机数从通信流中删除。 基于由认证密钥交换形成的共享秘密对加密的随机数进行解密。 解密的随机数被插入到通信流中。 随机数可以是由HDCP功能生成的值。 经认证的密钥交换可以使用Diffie-Hellman密钥交换。

公开(公告)号：US06920221B1

公开(公告)日：2005-07-19

申请号：US09540190

申请日：2000-03-31

申请人： Robert W. Faber ,  David A. Lee ,  Brendan Traw ,  Gary L. Graunke ,  Richard P. Mangold

发明人： Robert W. Faber ,  David A. Lee ,  Brendan Traw ,  Gary L. Graunke ,  Richard P. Mangold

IPC分类号： G06F21/00 ,  H04N7/167 ,  H04L9/32

CPC分类号： H04N21/4122 ,  G06F21/10 ,  G06F21/445 ,  G06F2221/2103 ,  G06F2221/2107 ,  H04N7/1675 ,  H04N21/4367 ,  H04N21/4408

摘要： A video source application in a video source device requests from a video hardware interface of the video source device status with respect to a link linking the video source device to an external video sink device, and supplements the status request with a first basis value to a symmetric ciphering/deciphering process. The video source application, upon receiving from the video hardware interface the requested status and a verification key, generated using said symmetric ciphering/deciphering process and employing the first basis value, verifies the correctness of the verification key to determine whether to trust said provided status. In like manner, the video source application requests from the video hardware interface a secret the video hardware interface uses to cipher video to be transmitted by the video hardware interface to the external video sink device. The secret request is supplemented with a second basis value to the symmetric ciphering/deciphering process. The secret is returned in a cipher form, ciphered using a ciphering key generated using the second basis value. The video source application deciphers the secret using its own independently generated copy of the ciphering key.

摘要翻译： 视频源设备中的视频源应用相对于将视频源设备链接到外部视频接收设备的链接，从视频源设备的视频硬件接口请求状态，并将第一基础值的状态请求补充到 对称加密/解密过程。 视频源应用程序在从视频硬件接口接收到使用所述对称加密/解密处理并采用第一基值产生的请求状态和验证密钥时，验证验证密钥的正确性以确定是否信任所提供的状态 。 以类似的方式，视频源应用程序从视频硬件接口请求视频硬件接口用于将视频硬件接口传输的视频加密到外部视频接收器设备的秘密。 秘密请求以对称加密/解密处理的第二基础值补充。 秘密以加密形式返回，使用使用第二基础值生成的加密密钥进行加密。 视频源应用程序使用其自己独立生成的加密密钥的副本来解密秘密。

公开(公告)号：US06477252B1

公开(公告)日：2002-11-05

申请号：US09385590

申请日：1999-08-29

申请人： Robert W. Faber ,  David A. Lee ,  Brendan S. Traw ,  Gary L. Graunke

发明人： Robert W. Faber ,  David A. Lee ,  Brendan S. Traw ,  Gary L. Graunke

IPC分类号： H04N7167

CPC分类号： H04N21/4367 ,  G06F21/445 ,  G06F2221/2103 ,  G06F2221/2107 ,  G11B20/00086 ,  H04K1/00 ,  H04L9/0662 ,  H04L9/0866 ,  H04L2209/60 ,  H04N7/1675 ,  H04N21/25816 ,  H04N21/4122 ,  H04N21/4143 ,  H04N21/4627 ,  H04N21/63345

摘要： A video source device provides a basis value to a symmetric ciphering/deciphering process to a video sink device, to which the video source device is to provide a video content. The video source device ciphers the video content for transmission to the video sink device, including generation of a first cipher key through functional transformation of the basis value. The video source device further verifies periodically that the transmitted video content is indeed being symmetrically deciphered by the video sink device. The video sink device practices symmetric deciphering, including generation of a first decipher key through functional transformation of the basis value. The video sink device also provides verification values to the video source device to facilitate confirmation of symmetric deciphering. In one embodiment, the video source and sink devices further authenticate each other, including generation of an authentication key, which is used in the generation of the first cipher/decipher key.

摘要翻译： 视频源设备向视频信宿设备提供对称加密/解密处理的基础值，视频源设备将提供视频内容。 视频源设备加密用于传输到视频宿设备的视频内容，包括通过基础值的功能转换来生成第一密码密钥。 视频源设备进一步验证所发送的视频内容确实被视频宿设备对称地解密。 视频宿设备实行对称解密，包括通过基础值的功能转换生成第一解密密钥。 视频宿设备还向视频源设备提供验证值以便于对称解密的确认。 在一个实施例中，视频源和宿设备进一步认证彼此，包括生成认证密钥，其用于生成第一密码/解密密钥。

公开(公告)号：US06947558B1

公开(公告)日：2005-09-20

申请号：US09385589

申请日：1999-08-29

申请人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

发明人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

IPC分类号： H04K1/06 ,  H04L9/00 ,  H04L9/06 ,  H04L9/18

CPC分类号： H04L9/0618 ,  H04L9/065 ,  H04L2209/08 ,  H04L2209/12

摘要： A stream cipher is provided with one or more data bit generators to generate a first, second and third set of data bits. The stream cipher is further provided with a combiner function having a network of shuffle units to combine the third set of data bits, using the first and second sets of data bits as first input data bits and control signals respectively of the network of shuffle units. In one embodiment, the shuffle units are binary shuffle units and they are serially coupled to one another.

摘要翻译： 流密码器被提供有一个或多个数据位发生器以产生第一，第二和第三组数据位。 流密码还被提供有组合器功能，其具有混洗单元网络，以组合第三组数据位，使用第一和第二组数据位作为分别为混洗单元网络的第一输入数据位和控制信号。 在一个实施例中，混洗单元是二进制洗牌单元，并且它们彼此串联耦合。

公开(公告)号：US07068786B1

公开(公告)日：2006-06-27

申请号：US09385591

申请日：1999-08-29

申请人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

发明人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

IPC分类号： H04L9/00 ,  H04K1/06

CPC分类号： H04L9/0618 ,  H04L9/065 ,  H04L2209/34

摘要： A dual use block/stream cipher is provided with a first key section and a data section. The first key section is to be initialized with a first cipher key, and to successively transform the first cipher key or a modified version of the first cipher key. The data section, coupled to the first key section, is to be initialized with either a block of plain text or a random number, and to successively and dependently, on the first key section, transform the plain text/random number. The cipher is further provided with a second key section and a mapping function. The second key section, coupled to the first key section, is selectively enableable to modify the first cipher key. The mapping section, coupled to the first key section, is to generate a pseudo random bit sequence when the second key section is selectably enabled to modify the stored first cipher key.

摘要翻译： 双重使用块/流密码提供有第一密钥部分和数据部分。 第一密钥部分将用第一密码密钥初始化，并且连续地变换第一密码密钥或第一密码密钥的修改版本。 耦合到第一关键部分的数据部分将用明文或随机数的块来初始化，并且依次依赖地在第一关键部分上转换纯文本/随机数。 该密码还具有第二密钥部分和映射功能。 耦合到第一密钥部分的第二密钥部分选择性地能够修改第一密码密钥。 耦合到第一密钥部分的映射部分是当可选择地使能第二密钥部分来修改所存储的第一密码密钥时，生成伪随机比特序列。

公开(公告)号：US06731758B1

公开(公告)日：2004-05-04

申请号：US09385592

申请日：1999-08-29

申请人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

发明人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

IPC分类号： H04N7167

CPC分类号： H04N21/4183 ,  H04N7/1675 ,  H04N21/4108 ,  H04N21/4181 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/63775

摘要： A video source device generates a session key for each transmission session wherein a multi-frame video content is to be transmitted to a video sink device. The video source device uses the session key to generate a successive number of frame keys. The frame keys in turn are used to generate corresponding pseudo random bit sequences for ciphering the corresponding frames to protect the video content from unauthorized copying during transmission. The video sink device practices a complementary approach to decipher the received video content. In one embodiment, both devices are each provided with an integrated block/stream cipher to practice the transmission protection method.

摘要翻译： 视频源设备为每个传输会话生成会话密钥，其中将多帧视频内容发送到视频宿设备。 视频源设备使用会话密钥来生成连续数量的帧密钥。 这些帧密钥依次用于生成相应的伪随机比特序列，用于加密对应的帧，以保护视频内容免于在传输期间的未经授权的复制。 视频接收器设备实现了对接收的视频内容进行解密的补充方法。 在一个实施例中，两个设备都被提供有集成的块/流密码以实现传输保护方法。

公开(公告)号：US07426274B2

公开(公告)日：2008-09-16

申请号：US10773850

申请日：2004-02-05

申请人： Robert W. Faber ,  David A. Lee ,  Brendan S. Traw ,  Gary L. Graunke

发明人： Robert W. Faber ,  David A. Lee ,  Brendan S. Traw ,  Gary L. Graunke

IPC分类号： H04N7/167 ,  H04L9/00

CPC分类号： H04N21/4122 ,  G06F21/10 ,  G06F21/445 ,  G06F2221/2103 ,  G06F2221/2107 ,  H04N7/1675 ,  H04N21/4367 ,  H04N21/4408

摘要： A video source device includes a cipher unit. The video source device uses the cipher unit to generate cipher bits for ciphering video to be transmitted to protect the video from unauthorized copying. The video source device authenticates video receiving devices using a symmetric ciphering/deciphering process that requires the video source device to generate and provide the video receiving device with a pseudo random number as the seed/basis number for the symmetric ciphering/deciphering process. The video source device is further provided with a state machine that controls the cipher unit to generate the required pseudo random number for the video source devices, thereby eliminating the need of having to provide separate circuitry to generate the required pseudo random numbers.

摘要翻译： 视频源设备包括密码单元。 视频源设备使用密码单元来生成用于加密要发送的视频的密码比特，以保护视频免受未经授权的复制。 视频源设备使用对称加密/解密处理对视频接收设备进行认证，该处理要求视频源设备生成并向视频接收设备提供伪随机数作为对称加密/解密处理的种子/基数。 视频源设备还设置有状态机，其控制密码单元以生成视频源设备所需的伪随机数，从而不需要提供分离的电路来生成所需的伪随机数。

公开(公告)号：US07233666B2

公开(公告)日：2007-06-19

申请号：US10448780

申请日：2003-05-29

申请人： David A. Lee ,  Gary L. Graunke

发明人： David A. Lee ,  Gary L. Graunke

IPC分类号： H04L9/00

CPC分类号： H04L9/0662 ,  G06F7/58 ,  H04L2209/605

摘要： A method and apparatus for increasing the entropy of a pseudorandom number (PRN). An intervener unit receives one or more signals from an authenticating device during a false authentication attempt. The intervener unit generates, in response to the one or more signals, a first PRN with an associated level of entropy, and transmits the first PRN to the authenticating device. The entropy level of the first PRN causes the authenticating device to generate during a subsequent authentication attempt a second PRN with a greater level of entropy than the first PRN.

摘要翻译： 一种用于增加伪随机数（PRN）的熵的方法和装置。 在虚假身份验证尝试期间，交互单元从认证设备接收一个或多个信号。 交互单元响应于一个或多个信号产生具有相关熵级别的第一PRN，并将第一PRN发送到认证设备。 第一PRN的熵级使认证装置在后续认证尝试期间生成具有比第一PRN更大的熵水平的第二PRN。

公开(公告)号：US07043021B2

公开(公告)日：2006-05-09

申请号：US10825009

申请日：2004-04-14

申请人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

发明人： Gary L. Graunke ,  David A. Lee ,  Robert W. Faber

IPC分类号： H04N7/167

CPC分类号： H04N21/4183 ,  H04N7/1675 ,  H04N21/4108 ,  H04N21/4181 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/63775

摘要： A video source device generates a session key for each transmission session wherein a multi-frame video content is to be transmitted to a video sink device. The video source device uses the session key to generate a successive number of frame keys. The frame keys in turn are used to generate corresponding pseudo random bit sequences for ciphering the corresponding frames to protect the video content from unauthorized copying during transmission. The video sink device practices a complementary approach to decipher the received video content. In one embodiment, both devices are each provided with an integrated block/stream cipher to practice the transmission protection method.

摘要翻译： 视频源设备为每个传输会话生成会话密钥，其中将多帧视频内容发送到视频宿设备。 视频源设备使用会话密钥来生成连续数量的帧密钥。 这些帧密钥依次用于生成相应的伪随机比特序列，用于加密对应的帧，以保护视频内容免于在传输期间的未经授权的复制。 视频接收器设备实现了对接收的视频内容进行解密的补充方法。 在一个实施例中，两个设备都被提供有集成的块/流密码以实现传输保护方法。

公开(公告)号：US06956949B1

公开(公告)日：2005-10-18

申请号：US09675645

申请日：2000-09-29

申请人： Robert W. Faber ,  Brendan S. Traw ,  Gary L. Graunke ,  David A. Lee

发明人： Robert W. Faber ,  Brendan S. Traw ,  Gary L. Graunke ,  David A. Lee

IPC分类号： G06F21/00 ,  H04N7/167 ,  H04L9/00

CPC分类号： H04N21/4122 ,  G06F21/10 ,  G06F21/445 ,  G06F2221/2103 ,  G06F2221/2107 ,  H04N7/1675 ,  H04N21/4367 ,  H04N21/4408

摘要： A video source device and a video repeater device cooperatively authenticates said video repeater apparatus to said video source device. In one embodiment, the authentication is performed using an identical authentication process a video sink device would authenticate itself to the video source device. The video repeater device augment the identical process identifying itself as a repeater device. The video repeater device also in cooperation with at least one video sink device authenticates the at least one video sink device. The video repeater device in turn, in cooperation with the video source device, authenticates the at least one video sink device to the video source device. In one embodiment, the video repeater device also in cooperation with another video repeater device, authenticates yet another at least one video sink device to the video repeater device. In like manner, the video repeater device, in cooperation with the video source device, authenticates the yet another at least one video sink device to the video source device. In one embodiment, the video repeater device includes topological information of the video sink devices among the authentication information provided to the video source device. Accordingly, video sink devices may be hierarchically organized to the video source device.

摘要翻译： 视频源设备和视频中继器设备将所述视频中继器设备协作地认证到所述视频源设备。 在一个实施例中，使用视频宿设备将其自身认证到视频源设备的相同认证处理来执行认证。 视频中继器装置增强了将其自身识别为中继器设备的相同过程。 还与至少一个视频宿设备协作的视频中继器设备认证至少一个视频宿设备。 视频中继器依次与视频源设备协作，将至少一个视频宿设备认证到视频源设备。 在一个实施例中，视频转发器设备还与另一视频中继器设备协作，向视频中继器设备认证另一个至少一个视频宿设备。 以类似的方式，视频中继器设备与视频源设备协作，将另一至少一个视频宿设备认证给视频源设备。 在一个实施例中，视频中继器设备包括提供给视频源设备的认证信息中的视频宿设备的拓扑信息。 因此，视频宿设备可以被分层地组织到视频源设备。