公开(公告)号：US08571209B2

公开(公告)日：2013-10-29

申请号：US12356067

申请日：2009-01-19

申请人： Thomas Alexander Bellwood ,  Robert Glenn Deen ,  Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin ,  Matthew Francis Rutkowski

发明人： Thomas Alexander Bellwood ,  Robert Glenn Deen ,  Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin ,  Matthew Francis Rutkowski

IPC分类号： H04L9/06

CPC分类号： H04L9/0822 ,  H04L9/16 ,  H04L63/06 ,  H04L2209/60 ,  H04L2209/606 ,  H04L2463/062 ,  H04N7/1675 ,  H04N21/2541 ,  H04N21/4334 ,  H04N21/4408 ,  H04N21/4627 ,  H04N21/63345

摘要： Embodiments of the invention relate to obtaining forensic information for an anonymous attack of digital content without variations in a broadcast encryption system. In one embodiment a media device, being configured to record digital content on recordable media, receives digital content, a unified media key block, and a recording key table. The device calculates a set of recording keys from the recording key table using a media key variant from the unified media key block. The device then generates a title key and encrypts by the digital content in the generated title key. The device then encrypts the generated title key in each one of the calculated recording keys, adds a header including the encrypted titles keys to the encrypted digital content, and stores the encrypted digital content with the header on recordable media.

摘要翻译： 本发明的实施例涉及获得无广播加密系统中的变化的数字内容的匿名攻击的取证信息。 在一个实施例中，被配置为在可记录介质上记录数字内容的媒体设备接收数字内容，统一媒体密钥块和记录密钥表。 该设备使用来自统一媒体密钥块的媒体密钥变体从记录密钥表计算一组记录密钥。 然后，该设备生成标题密钥，并通过生成的标题密钥中的数字内容进行加密。 然后，该设备对所计算的记录密钥中的每一个加密生成的标题密钥，将包括加密的标题密钥的标题添加到加密的数字内容，并将具有标题的加密的数字内容存储在可记录介质上。

公开(公告)号：US20100183148A1

公开(公告)日：2010-07-22

申请号：US12356067

申请日：2009-01-19

申请人： Thomas Alexander Bellwood ,  Robert Glen Deen ,  Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin ,  Matthew Francis Rutkowski

发明人： Thomas Alexander Bellwood ,  Robert Glen Deen ,  Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin ,  Matthew Francis Rutkowski

IPC分类号： H04L9/06

CPC分类号： H04L9/0822 ,  H04L9/16 ,  H04L63/06 ,  H04L2209/60 ,  H04L2209/606 ,  H04L2463/062 ,  H04N7/1675 ,  H04N21/2541 ,  H04N21/4334 ,  H04N21/4408 ,  H04N21/4627 ,  H04N21/63345

摘要： According to one embodiment of the present invention, a method for protecting content in a broadcast-encryption-based system, where the devices in the system receive a recording key table. Each device generates a set of recording keys from the recording key table using a media key variant calculated from the broadcast encryption system's media key block. The digital content is encrypted in a title key picked by the recorder. The selected title key is also encrypted in each one of the recorder's generated recording keys. To play back the content, a player uses one of its generated recording keys to decrypt the title key and the decrypt the content. The recording key table is designed so that any two devices are guaranteed to have at least one key in common during normal operation, although during a forensic situation, this rule can be abandoned.

摘要翻译： 根据本发明的一个实施例，一种用于保护基于广播加密的系统中的内容的方法，其中系统中的设备接收记录密钥表。 每个设备使用从广播加密系统的媒体密钥块计算的媒体密钥变体从记录密钥表生成一组记录密钥。 数字内容以记录器拾取的标题密钥加密。 所选择的标题密钥也在记录器生成的记录密钥中的每一个中被加密。 要播放内容，播放器使用其生成的记录密钥之一来解密标题密钥并对内容进行解密。 记录键表被设计成使得任何两个装置在正常操作期间被保证具有至少一个共同的钥匙，尽管在取证情况下，该规则可以被放弃。

公开(公告)号：US09520993B2

公开(公告)日：2016-12-13

申请号：US11230022

申请日：2005-09-19

申请人： Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin

发明人： Hongxia Jin ,  Jeffrey Bruce Lotspiech ,  Sigfredo Ismael Nin

IPC分类号： G06Q20/00 ,  H04L9/08

CPC分类号： H04L9/3268 ,  H04L9/083 ,  H04L9/0891 ,  H04L9/3247 ,  H04L63/061 ,  H04L2209/601 ,  H04L2209/606

摘要： The present invention provides a method performed on a computer of preventing re-use of compromised keys in a broadcast encryption system. In an exemplary embodiment, the method includes (1) incorporating a particular set of Sequence Keys assigned by a license agency into individual receivers, (2) assigning a Sequence Key Block (SKB) by the license agency to at least one distributed protected file, (3) performing incremental cryptographic testing by the individual receivers to determine if a selected Sequence Key from the set of Sequence Keys is compromised, (4) if the selected Sequence Key is not compromised, decrypting the file, and (5) if the selected Sequence Key is compromised and if a subsequent Sequence Key from the set of Sequence Keys is available, selecting the subsequent Sequence Key.

摘要翻译： 本发明提供一种在计算机上执行的防止在广播加密系统中重复使用受损密钥的方法。 在一个示例性实施例中，该方法包括（1）将由许可证代理机构分配的特定的一组序列密钥合并到单独的接收机中，（2）将许可代理机构的序列密钥块（SKB）分配给至少一个分布式受保护文件， （3）执行各个接收机的增量密码测试，以确定序列密钥集合中所选择的序列密钥是否受到损害，（4）如果所选择的序列密钥不受影响，解密该文件，以及（5）如果选定的 序列密钥被破坏，并且如果序列密钥集合中的后续序列密钥可用，则选择随后的序列密钥。

公开(公告)号：US07523307B2

公开(公告)日：2009-04-21

申请号：US10042652

申请日：2002-01-08

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

IPC分类号： H04L9/00 ,  H04L9/32 ,  G06F12/14

CPC分类号： H04L63/0428 ,  G11B20/0021 ,  H04L9/0836 ,  H04L9/0891 ,  H04L12/18 ,  H04L2209/605 ,  H04L2209/606

摘要： A method for enforcing compliance in both the copy protect domain and service subscription domain for streamed multicast data. Each content is encrypted with a title key that itself is encrypted with a channel unique key which is a hash of a session key and a channel key. A compliant player is given the channel key upon registration for a subscription service (representing subscription protection) and is also given device keys upon activation (representing copy protection) for decrypting the session key. Consequently, the channel unique key can be obtained (and, hence, the content decrypted) only by a player that is compliant with both copy protection rules and subscription rules. The channel key can be refreshed periodically as subscriptions change or expire.

公开(公告)号：US06883097B1

公开(公告)日：2005-04-19

申请号：US09575740

申请日：2000-05-22

申请人： Jeffrey Bruce Lotspiech ,  Ariel Virgil Mirles ,  Dalit Naor ,  Sigfredo Ismael Nin

发明人： Jeffrey Bruce Lotspiech ,  Ariel Virgil Mirles ,  Dalit Naor ,  Sigfredo Ismael Nin

IPC分类号： H04H20/00 ,  H04L9/00 ,  H04L9/08 ,  H04N7/16 ,  H04N7/167 ,  H04N21/258 ,  H04N21/266

CPC分类号： H04N7/163 ,  G11B20/00362 ,  H04L9/0861 ,  H04L9/14 ,  H04L2209/34 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/2585 ,  H04N21/26613

摘要： A system for protecting content on recordable media for, e.g., DVD audio disks, flash memory media, or other media includes providing a media key block (MKB) on each media, with each MKB including 25,000 encryptions of a media key by 25,000 or so device keys. Each authorized player in the system has a single device key from among the system device keys with which to decrypt the media key. To avoid a coincidence attack in which a hacker can learn the MKB and associated media key and then guess at a device key without knowing its position in the MKB, the media key is XORed with a number representing each position in the MKB, and only then encrypted with the device key corresponding to that position.

摘要翻译： 用于保护例如DVD音频盘，闪存介质或其他媒体的可记录媒体上的内容的系统包括在每个媒体上提供媒体密钥块（MKB），每个MKB包括25,000个媒体密钥的25,000个加密 设备密钥。 系统中的每个授权的播放器具有用于解密媒体密钥的系统设备密钥中的单个设备密钥。 为了避免黑客可以学习MKB和相关媒体密钥的巧合攻击，然后在不知道其在MKB中的位置的情况下猜测设备密钥，则将媒体密钥与表示MKB中每个位置的数字进行异或， 用与该位置对应的设备密钥加密。

公开(公告)号：US06888944B2

公开(公告)日：2005-05-03

申请号：US09777506

申请日：2001-02-05

申请人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

发明人： Jeffrey Bruce Lotspiech ,  Dalit Naor ,  Sigfredo Ismael Nin ,  Florian Pestoni

IPC分类号： H04H20/00 ,  H04L9/00 ,  H04L9/08 ,  H04N7/16 ,  H04N7/167 ,  H04N21/258 ,  H04N21/266

CPC分类号： H04N7/163 ,  G11B20/00362 ,  H04L9/0861 ,  H04L9/14 ,  H04L2209/34 ,  H04L2209/606 ,  H04N7/1675 ,  H04N21/2585 ,  H04N21/26613

摘要： Sets of encryption keys useful by devices for decrypting encrypted content are defined using an error-correcting code such as a Reed-Solomon code to define vectors of length “n” over an alphabet of (0, . . . , N−1), wherein “n” is the number of columns in a key matrix and “N” is the number of rows in the matrix. Each vector represents a set of keys that can be assigned to a device. With this invention, overlap between sets of keys can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the key set of a compromised device is revoked. Also, only the generating matrix of the error-correcting code and the index of one set of keys need be stored in memory, since all previously defined key sets can be regenerated if need be from just the generating matrix and index.

摘要翻译： 使用诸如里德 - 所罗门码的纠错码来定义加密内容解密设备所使用的加密密钥集合，以在（0，...，N-1）的字母表上定义长度为“n”的向量， 其中“n”是键矩阵中的列数，“N”是矩阵中的行数。 每个向量表示可以分配给设备的一组密钥。 利用本发明，可以最小化密钥组之间的重叠，以最小化当被破坏的设备的密钥组被撤销时，无辜设备的密钥组可能被无意中撤销的可能性。 此外，只有纠错码的生成矩阵和一组密钥的索引需要存储在存储器中，因为如果需要仅来自生成矩阵和索引，则可以重新生成所有先前定义的密钥集。

公开(公告)号：US09712321B2

公开(公告)日：2017-07-18

申请号：US12131076

申请日：2008-05-31

申请人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

发明人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

IPC分类号： H04L9/00 ,  H04L9/08 ,  G09C5/00

CPC分类号： H04L9/0836 ,  G09C5/00 ,  H04L2209/606

摘要： A system and method is disclosed for performing unified broadcast encryption and traitor tracing for digital content. In one embodiment a media key tree is divided into S subtrees, the media key tree including media keys and initial values, which may be random values. The digital content is divided into a plurality of segments and at least some of the segments are converted into a plurality of variations. The random values are transformed into media key variations and a separate media key variant is assigned to each of the subdivided subtrees. A unified media key block including the media key tree is stored on the media.

公开(公告)号：US08176568B2

公开(公告)日：2012-05-08

申请号：US11323247

申请日：2005-12-30

申请人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

发明人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

IPC分类号： G06F21/00

CPC分类号： H04N7/165 ,  H04L9/08 ,  H04L2209/606 ,  H04N21/2585

摘要： A system, method, and computer program product to find coalitions of receivers who collude to produce pirated protected content, then evaluates the confidence that particular members of each identified coalition are traitors versus innocent receivers incriminated by chance. Typically, each file in a group of original files is modified to include variations of critical file segments. The group of files is then broadcast with individualized codes that enable particular authorized receivers to properly process the modified files. The modifications in a pirated version of a file can identify which traitorous receivers contributed to its piracy. Candidate coalitions of differing size are first evaluated to determine if they cover observed file variations with greater than a predetermined likelihood that an innocent coalition is falsely incriminated by chance. Individual members of satisfactory coalitions are then evaluated. Traitors may be cryptographically revoked.

摘要翻译： 一种系统，方法和计算机程序产品，用于查找串联产生盗版保护内容的接收者联盟，然后评估每个已识别联盟的特定成员是叛徒的机会与被机会犯罪的无辜接收者的信心。 通常，一组原始文件中的每个文件都被修改为包括关键文件段的变体。 然后使用个性化代码广播文件组，使得特定授权的接收者能够正确处理修改的文件。 盗版版本的文件的修改可以识别哪些叛国接收器对其盗版作出贡献。 首先评估不同大小的候选联盟，以确定它们是否覆盖观察到的文件差异，超过预期的可能性，无辜的联盟被机会错误地引诱。 然后评估满意联盟的个人成员。 叛徒可能被加密地撤销。

公开(公告)号：US20120036578A1

公开(公告)日：2012-02-09

申请号：US13267774

申请日：2011-10-06

申请人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

发明人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

IPC分类号： G06F21/00

CPC分类号： H04N7/165 ,  H04L9/08 ,  H04L2209/606 ,  H04N21/2585

摘要： Embodiments of the invention relate to finding coalitions of receivers who collude to produce pirated protected content, then evaluates the confidence that particular members of each identified coalition are traitors versus innocent receivers incriminated by chance. Typically, each file in a group of original files is modified to include variations of critical file segments. The group of files is then broadcast with individualized codes that enable particular authorized receivers to properly process the modified files. The modifications in a pirated version of a file can identify which traitorous receivers contributed to its piracy. Candidate coalitions of differing size are first evaluated to determine if they cover observed file variations with greater than a predetermined likelihood that an innocent coalition is falsely incriminated by chance. Individual members of satisfactory coalitions are then evaluated. Traitors may be cryptographically revoked.

摘要翻译： 本发明的实施例涉及发现联合制作盗版的受保护内容的接收者的联盟，然后评估每个被识别的联盟的特定成员是叛徒的信心与被机会犯罪的无辜接收者的信心。 通常，一组原始文件中的每个文件都被修改为包括关键文件段的变体。 然后使用个性化代码广播文件组，使得特定授权的接收者能够正确处理修改的文件。 盗版版本的文件的修改可以识别哪些叛国接收器对其盗版作出贡献。 首先评估不同大小的候选联盟，以确定它们是否覆盖观察到的文件差异，超过预期的可能性，无辜的联盟被机会错误地引诱。 然后评估满意联盟的个人成员。 叛徒可能被加密地撤销。

公开(公告)号：US07876895B2

公开(公告)日：2011-01-25

申请号：US11746491

申请日：2007-05-09

申请人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

发明人： Hongxia Jin ,  Jeffrey Bruce Lotspiech

IPC分类号： H04K1/04

CPC分类号： H04L9/32 ,  G06F21/10 ,  G09C5/00 ,  G11B20/00086 ,  G11B20/00137 ,  G11B20/0021 ,  G11B20/00362 ,  G11B20/00427 ,  G11B20/00507 ,  H04H60/18 ,  H04H60/23 ,  H04L9/0822 ,  H04L2209/606 ,  H04N21/23476 ,  H04N21/26613 ,  H04N21/42646 ,  H04N21/44055 ,  H04N21/8456

摘要： A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKBu). The system decrypts digital content by obtaining required key media variants from the MKBu, using the key media variant to find an entry in a variant key table, decrypt a title key, and locate a variant number from the variant key table. The system uses the variant number to identify which of the variations may be decrypted by the title key and uses the title key to decrypt segments and variations.

摘要翻译： 统一广播加密系统将媒体密钥树划分为S子树，将数字内容划分为多个段，并将其中的一些段转换为变体; 段数和变化数为q。 系统将每个子树细分为q / | S | 细分子树，将关键媒体变体分配给每个细分子树，并生成统一的媒体关键块（MKBu）。 该系统通过从MKBu获得所需的密钥介质变体来解密数字内容，使用密钥介质变体来在变式密钥表中找到条目，解密标题密钥以及从变体密钥表中定位变体号。 系统使用变体号来标识哪个变体可以由标题密钥解密，并使用标题密钥来解密段和变体。