| Patent application number | Description | Published |
| 20080279376 | SYSTEM, METHOD, AND SERVICE FOR PERFORMING UNIFIED BROADCAST ENCRYPTION AND TRAITOR TRACING FOR DIGITAL CONTENT - A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKB | 11-13-2008 |
| 20090049308 | Method for Effective Tamper Resistance - A system, method, and computer program product for preventing a malicious user from analyzing and modifying software content. The one-way functions used in prior art systems using dynamically evolving audit logs or self-modifying applications are replaced with a one-way function based on group theory. With this modification, untampered key evolution will occur inside a defined mathematical group such that all valid key values form a subgroup. However, if the program is altered, the key will evolve incorrectly and will no longer be a member of the subgroup. Once the key value is outside of the subgroup, it is not possible to return it to the subgroup. The present invention provides a limited total number of valid keys. The key evolution points are not restricted to locations along the deterministic path, so the key can be used in various novel ways to regulate the program's behavior, including in non-deterministic execution paths. | 02-19-2009 |
| 20090113549 | SYSTEM AND METHOD TO ANALYZE SOFTWARE SYSTEMS AGAINST TAMPERING - A system, article of manufacture and method is provided for determining the vulnerability to attack of a software system by generating a hybrid graph, the hybrid graph including an attack graph portion describing at least one potential attack goal on the software system and describing sub-attacks required to achieve the potential attack goal. The hybrid graph also includes a defense graph describing ways to defend against the potential sub-attacks. The hybrid attack-defense graph may be evaluated and a score may be calculated based on the evaluation. | 04-30-2009 |
| 20090113552 | System and Method To Analyze Software Systems Against Tampering - A system, article of manufacture and method is provided for determining the vulnerability to attack of a software system by generating a hybrid graph, the hybrid graph including an attack graph portion describing at least one potential attack goal on the software system and describing sub-attacks required to achieve the potential attack goal. The hybrid graph also includes a defense graph describing ways to defend against the potential sub-attacks. The hybrid attack-defense graph may be evaluated and a score may be calculated based on the evaluation. | 04-30-2009 |
| 20090214029 | Unified Broadcast Encryption System - A system and method is disclosed for performing unified broadcast encryption and traitor tracing for digital content. In one embodiment a media key tree is divided into S subtrees, the media key tree including media keys and initial values, which may be random values. The digital content is divided into a plurality of segments and at least some of the segments are converted into a plurality of variations. The random values are transformed into media key variations and a separate media key variant is assigned to each of the subdivided subtrees. A unified media key block including the media key tree is stored on the media. | 08-27-2009 |
| 20090214031 | UNIFIED BROADCAST ENCRYPTION SYSTEM - A system and method is disclosed for performing unified broadcast encryption and traitor tracing for digital content. In one embodiment a media key tree is divided into S subtrees, the media key tree including media keys and initial values, which may be random values. The digital content is divided into a plurality of segments and at least some of the segments are converted into a plurality of variations. The random values are transformed into media key variations and a separate media key variant is assigned to each of the subdivided subtrees. A unified media key block including the media key tree is stored on the media. | 08-27-2009 |
| 20090287679 | Evaluation of tamper resistant software system implementations - According to one embodiment of the present invention, a method for evaluating a software system includes defining a rating of the tamper resistance of a software system and breaking down the rating into a plurality of metrics relevant to the tamper resistance of the software system. A score may then be calculated for each metric and the scores may be combined into a composite score for the rating. | 11-19-2009 |
| 20090319227 | ADAPTIVE TRAITOR TRACING - One embodiment of the present invention includes a method for traitor tracing that selects a probability distribution for the assignment of file-segment variations in a digital file. This probability distribution is selected to improve traceability for a particular size of a coalition of attackers. At least one symbol for each file-segment variation is then distributed based on the selected probability distribution. | 12-24-2009 |
| 20090320130 | TRAITOR DETECTION FOR MULTILEVEL ASSIGNMENT - One embodiment of the present invention includes a method for traitor tracing that includes performing an inner code traitor tracing on a recovered pirated digital file, the recovered digital file incorporating an inner code for assigning segments of the digital file and an outer code for assigning inner codes to individual digital files. The method also includes extracting partial information regarding the outer code from the inner code tracing. An outer code tracing procedure may then be performed using the partial information. | 12-24-2009 |
| 20090323936 | SYSTEM, METHOD, AND SERVICE FOR PERFORMING UNIFIED BROADCAST ENCRYPTION AND TRAITOR TRACING FOR DIGITAL CONTENT - A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKB | 12-31-2009 |
| 20090327717 | SYSTEM, METHOD, AND SERVICE FOR TRACING TRAITORS FROM CONTENT PROTECTION CIRCUMVENTION DEVICES - A traitor tracing system generates a hypothesized model of the circumvention device that models a hypothesized set of device keys compromised by the circumvention device. The system iteratively invokes a subset tracing system to identify a compromised device key until substantially all the compromised device keys in the set of compromised device keys are identified so as to disable the circumvention device. A subset tracing system generates a circumvention device model that models behavior of a circumvention device using prior knowledge and The system iteratively selects and applies to the circumvention device a test based on the hypothesized model and the circumvention device model and receives a response from the circumvention device indicating a success of the test in playing protected content on the circumvention device. The system updates the hypothesized model using the received response, the selected test, a current version of the hypothesized model, and a current version of the circumvention device model to focus the test selecting process in determining the device keys obtained from the traitor. | 12-31-2009 |
| 20100040231 | Security Classes in a Media Key Block - According to one embodiment of the present invention, a method for broadcast encryption with security classes in a media key block is provided. In one embodiment the method includes receiving encrypted media of a first and a second class, where the media includes a common media key block, in a device of a first class and in a device of a second class. A first media key is calculated from the common media key block in the device of a first class. A first media key precursor is calculated from the common media key block in the device of a second class. The first media precursor may be used to decrypt media of a first class. The first media precursor may also be used to calculate a second media key in the device of a second class to decrypt content of a first class. | 02-18-2010 |
| 20100183148 | RECORDING KEYS IN A BROADCAST-ENCRYPTION-BASED SYSTEM - According to one embodiment of the present invention, a method for protecting content in a broadcast-encryption-based system, where the devices in the system receive a recording key table. Each device generates a set of recording keys from the recording key table using a media key variant calculated from the broadcast encryption system's media key block. The digital content is encrypted in a title key picked by the recorder. The selected title key is also encrypted in each one of the recorder's generated recording keys. To play back the content, a player uses one of its generated recording keys to decrypt the title key and then decrypt the content. The recording key table is designed so that any two devices are guaranteed to have at least one key in common during normal operation, although during a forensic situation, this rule can be abandoned. | 07-22-2010 |
| 20110137916 | SYSTEM AND METHOD FOR SYNCHRONIZED CONTENT DIRECTORIES ON CLUSTER DEVICES - According to embodiments of the invention, a system, method and computer program product for synchronizing content directories on cluster devices are provided. Embodiments generate a binary tree for each device in a cluster of devices, the binary tree representing the locations of all copies of content residing in the device. The binary tree for a plurality of other devices in the cluster may be stored in each device. The binary trees for the plurality of other devices may be used to determine availability of content and the available content may be displayed to a user. | 06-09-2011 |
| 20110158404 | REBINDING OF CONTENT TITLE KEYS IN CLUSTERS OF DEVICES WITH DISTINCT SECURITY LEVELS - According to one embodiment of the present invention, a system, method, and computer program product is provided for rebinding title keys in clusters of devices with distinct security levels in broadcast encryption systems. The method includes receiving a new management key and unbinding an encrypted title key with a previously used management key, the title key having a security class and residing in a title key block for a device having a security class, the device being in a cluster of devices including devices having a plurality of security classes. If the device security class is lower than the title key security class, the unbound title key is partially rebound with the new management key. The partially rebound title key is then saved in the title key block for the device. | 06-30-2011 |