An ASIC for implementing digital rights management includes a processor for requesting encrypted digital data from a server and decrypting the data, and a player for transforming the decrypted data to analog signals. Preferably, the ASIC is tamper-resistant. Preferably, all the management code of the ASIC is stored on a ROM in the ASIC. A device for receiving, decrypting and displaying encrypted digital data includes the ASIC, and also a transceiver for communicating with the server, a display mechanism for displaying the analog signals, and a nonvolatile memory for storing the encrypted data. A system for storing and displaying digital data includes both the server and the device. Preferably, the server is configured to send to the device only the encrypted digital data and associated decryption keys.
|
1. A device for digital rights management, comprising:
(a) an integrated circuit including:
(i) a processor for:
(A) requesting encrypted digital data, and
(B) decrypting said encrypted digital data, thereby providing decrypted digital data; and
(ii) a player for transforming said decrypted digital data to analog signals; and
(b) a flash memory for storing said encrypted digital data;
wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
43. A device for digital rights management, comprising:
(a) a nonvolatile memory; and
(b) an integrated circuit, separate from said nonvolatile memory, and including:
(i) a processor for:
(A) requesting encrypted digital data and at least one key from a server,
(B) storing said at least one key in said nonvolatile memory, and
(C) decrypting said encrypted digital data, using said at least one key, thereby providing decrypted digital data, and
(ii) a player for transforming said decrypted digital data into analog signals;
wherein the at least one key is stored in the nonvolatile memory, and wherein the at least one key stored in the nonvolatile memory is encrypted with a unique key stored in the integrated circuit; and
wherein the nonvolatile memory and the integrated circuit are packaged together in a common package.
41. A device for digital rights management, comprising:
(a) a memory; and
(b) an integrated circuit, separate from said memory, and including:
(i) a processor for:
(A) requesting encrypted digital data from a server,
(B) receiving said requested encrypted digital data,
(C) storing said requested encrypted digital data in said memory, and
(D) decrypting said requested encrypted digital data, thereby providing decrypted digital data, and
(ii) a player for transforming said decrypted digital data to analog signals;
wherein decrypting includes the use of a decryption key stored in the memory, and wherein the decryption key stored in the memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the memory and the integrated circuit are packaged together in a common package.
14. A system for digital rights management, comprising:
(a) a server for storing encrypted digital data; and
(b) a user platform including:
(i) an integrated circuit that includes:
(A) a processor for:
(I) requesting said encrypted digital data from said server, and
(II) decrypting said encrypted digital data, thereby providing decrypted digital data, and
(B) a player for transforming said decrypted digital data to analog signals, and
(ii) a flash memory for storing said encrypted digital data;
wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
45. An integrated circuit for digital rights management, comprising:
(a) a processor for:
(i) requesting encrypted digital data from a server,
(ii) receiving said encrypted digital data from said server, and
(iii) decrypting said encrypted digital data only after all said encrypted digital data have been received from said server, wherein decrypting said encrypted digital data results in decrypted digital data; and
(b) a player for transforming said decrypted digital data to analog signals;
wherein decrypting includes the use of a decryption key stored in a memory in communication with said processor, and wherein the decryption key stored in the memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the memory and the integrated circuit are packaged together in a common package.
42. A system for digital rights management, comprising:
(a) a server for storing encrypted digital data; and
(b) a user platform including:
(i) a memory, and
(ii) an integrated circuit, separate from said memory, and including:
(A) a processor for:
(I) requesting said encrypted digital data from the server,
(II) receiving said requested encrypted digital data,
(III) storing said requested encrypted digital data in said memory, and
(IV) decrypting said requested encrypted digital data, thereby providing decrypted digital data, and
(B) a player for transforming said decrypted digital data to analog signals;
wherein decrypting includes the use of a decryption key stored in the memory, and wherein the decryption key stored in the memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the memory and the integrated circuit are packaged together in a common package.
44. A system for digital rights management, comprising:
(a) a server for storing encrypted digital data and at least one key; and
(b) a user platform including:
(i) a nonvolatile memory, and
(ii) an integrated circuit, separate from said nonvolatile memory, and including:
(A) a processor for:
(I) requesting said encrypted digital data and said at least one key from said server,
(II) storing said at least one key in said nonvolatile memory, and
(III) decrypting said encrypted digital data, using said at least one key, thereby providing decrypted digital data, and
(B) a player for transforming said decrypted digital data to analog signals;
wherein the at least one key is stored in the nonvolatile memory, and wherein the at least one key stored in the nonvolatile memory is encrypted with a unique key stored in the integrated circuit; and
wherein the memory and the integrated circuit are packaged together in a common package.
46. A system for digital rights management, comprising:
(a) a server for storing encrypted digital data; and
(b) a user platform, for playing said encrypted digital data, the user platform including an integrated circuit that includes:
(i) a processor for:
(A) requesting said encrypted digital data from said server,
(B) receiving said encrypted digital data from said server, and
(C) decrypting said encrypted digital data only after all said encrypted digital data have been received from said server, wherein decrypting said encrypted digital data results in decrypted digital data, and
(ii) a player for transforming said decrypted digital data to analog signals;
wherein decrypting includes the use of a decryption key stored in a memory in the user platform, and wherein the decryption key stored in the memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the memory and the integrated circuit are packaged together in a common package.
0. 49. A method for digital rights management comprising:
in a device with a flash memory and an integrated circuit, wherein the flash memory is separate from the integrated circuit,
(a) utilizing the integrated circuit to:
(A) retrieve encrypted digital data from the flash memory, the encrypted data being encoded,
(B) produce decrypted digital data by decrypting the encrypted digital data, and
(C) produce decoded digital data by decoding the decrypted digital data, and
(b) utilizing the integrated circuit to transform the decoded digital data to analog signals,
wherein utilizing the integrated circuit inhibits interception of the decoded digital data to prevent illegal copying of the decoded digital data, wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
0. 102. A playback device comprising:
a flash memory containing encrypted-encoded data;
electronic circuits adapted to retrieve the encrypted-encoded data from the flash memory and to produce analog signals from the encrypted-encoded data by:
producing clear encoded data by decrypting the encrypted-encoded data;
producing clear data by decoding the clear encoded data; and
producing the analog signals by transforming the clear data to the analog signals; and
an interface for conveying the analog signals to a display mechanism,
wherein the electronic circuits are further adapted to inhibit interception of the clear data and to thus prevent unlicensed copying thereof, and wherein the flash memory is separate from the electronic circuits, wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the electronic circuits; and
wherein the flash memory and the electronic circuits are packaged together in a common package.
23. A digital rights management method comprising the steps of:
(a) storing encrypted digital data at a server;
(b) providing an integrated circuit that includes:
(i) a processor operative to:
(A) request said encrypted digital data from the server and
(B) decrypt said encrypted digital data, thereby providing decrypted digital data, and
(ii) a player operative to transform said decrypted digital data to analog signals;
(c) requesting said encrypted digital data from the server, by said processor;
(d) decrypting said encrypted digital data, by said processor, thereby providing said decrypted digital data;
(e) transforming said decrypted digital data to analog signals, by said player; and
(f) storing said encrypted digital data in a flash memory;
wherein decrypting includes the use of a decryption key stored in flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
0. 82. A method of protecting data, the method comprising:
in a portable electronic device with a flash memory and electronic circuits, wherein the flash memory is separate from the electronic circuits, utilizing the electronic circuits to produce analog signals from digital data that is both encrypted and encoded, the analog signals being produced by:
a) retrieving the digital data from the flash memory;
b) producing clear encoded data by decrypting the digital data;
c) producing clear data by decoding the clear encoded data; and
d) transforming the clear data to analog signals useful for delivery to a display mechanism of the portable electronic device,
wherein utilizing the electronic circuits inhibits interception of the clear data and thus prevents unlicensed copying thereof, wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the electronic circuits; and
wherein the flash memory and the electronic circuits are packaged together in a common package.
0. 62. A method for digital rights management comprising:
in a device containing a flash memory and an integrated circuit, wherein the flash memory is separate from the integrated circuit,
(a) retrieving by the integrated circuit encrypted data from the flash memory, which encrypted data is encoded; and
(b) outputting analog signals from the integrated circuit, the analog signals being produced within the integrated circuit from the encrypted data by:
(i) producing encoded clear data by decrypting the encrypted data;
(ii) producing clear data by decoding the encoded clear data, and
(iii) transforming the clear data into the analog signals,
wherein producing the analog signals within the integrated circuit inhibits interception of the clear data to prevent illegal copying of the clear data, wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
0. 116. An integrated circuit adapted for use in a playback device having a flash memory device, the integrated circuit comprising:
a player;
a bus internal to the integrated circuit; and
a processor connected to the player via the bus, wherein the processor is operative to control the integrated circuit to:
(i) retrieve encrypted digital data from a flash memory device and produce decrypted digital data by decrypting the retrieved encrypted digital data,
(ii) produce decoded-decrypted digital data by decoding the decrypted digital data, and
(iii) send the decoded-decrypted digital data to the player where it is transformed to analog signals, wherein sending the decoded-decrypted digital data to the player via the bus inhibits interception of the decoded-decrypted digital data to prevent illegal copying of the decoded-decrypted digital data;
wherein decrypting includes the use of a decryption key stored in the flash memory device, and wherein the decryption key stored in the flash memory device is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
0. 114. A digital rights management method, comprising:
utilizing an integrated circuit which is coupled to a flash memory device and includes a processor and a player, the player connected to the processor via a bus internal to the integrated circuit, the integrated circuit being utilized by, under control of the processor:
(i) retrieving encrypted digital data from the flash memory device and producing decrypted digital data by decrypting the retrieved encrypted digital data,
(ii) producing decoded-decrypted digital data by decoding the decrypted digital data, and
(iii) sending the decoded-decrypted digital data to the player where it is transformed to analog signals, wherein sending the decoded-decrypted digital data to the player via the bus internal to the integrated circuit inhibits interception of the decoded-decrypted digital data to prevent illegal copying of the decoded-decrypted digital data;
wherein decrypting includes the use of a decryption key stored in the flash memory device, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
0. 47. A digital rights management method, comprising:
utilizing an integrated circuit which is coupled to a flash memory device and includes a processor and a player, the player connected to the processor via a bus internal to the integrated circuit, the integrated circuit being utilized by, under control of the processor:
(i) requesting encrypted digital data, the encrypted digital data being received and stored in the flash memory device in encoded format,
(ii) retrieving the encrypted digital data from the flash memory device and producing decrypted digital data by decrypting the retrieved encrypted digital data,
(iii) producing decoded-decrypted digital data by decoding the decrypted digital data, and
(iv) sending the decoded-decrypted digital data to the player where it is transformed to analog signals, wherein sending the decoded-decrypted digital data to the player via the bus internal to the integrated circuit inhibits interception of the decoded-decrypted digital data to prevent illegal copying of the decoded-decrypted digital data;
wherein decrypting includes the use of a decryption key stored in the flash memory, and wherein the decryption key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit; and
wherein the flash memory and the integrated circuit are packaged together in a common package.
2. The device of
6. The device of
7. The device of
8. The device of
9. The device of
(c) a transceiver for transmitting a request for said encrypted digital data from said processor and for receiving said encrypted digital data.
10. The device of
(c) a display mechanism for displaying said analog signals.
12. The device of
(iii) a ROM for storing management code that is executed by said processor to operate said integrated circuit.
15. The system of
17. The system of
(ii) a transceiver for transmitting to said server a request for said encrypted digital data and for receiving said encrypted digital data.
18. The system of
(ii) a display mechanism for displaying said analog signals.
20. The system of
21. The system of
(C) a ROM for storing management code that is executed by said processor to operate said integrated circuit.
24. The method of
25. The method of
31. The method of
(g) requesting said at least one key from the server, by said processor.
32. The method of
(h) storing said at least one key in a nonvolatile memory.
33. The method of
(i) encrypting said at least one key, prior to said storing of said at least one key in said nonvolatile memory.
34. The method of
(h) configuring the server to send substantially only the encrypted digital data and said at least one key to said integrated circuit.
35. The method of
(g) upon detecting an attempt to tamper with said integrated circuit: resetting said integrated circuit.
36. The method of
(g) configuring the server to send substantially only the encrypted digital data to said integrated circuit.
0. 48. The method of claim 47, wherein the flash memory device is separate from the integrated circuit.
0. 50. The method of claim 49, further comprising:
utilizing the integrated circuit to:
request the encrypted digital data including authenticating the device to a source of the encrypted digital data, and
store the encrypted digital data, once received, in the flash memory, the encrypted digital data being received and stored in the flash memory in encoded format.
0. 51. The method of claim 50, additionally comprising:
utilizing the integrated circuit to:
monitor for tampering with at least the integrated circuit, and
in response to detecting tampering with at least the integrated circuit, reset at least the integrated circuit.
0. 52. The method of claim 50, wherein utilizing the integrated circuit includes utilizing a processor in the integrated circuit controlled by management code stored in a non-volatile memory in the integrated circuit.
0. 53. The method of claim 52, wherein utilizing the integrated circuit to decrypt the encrypted digital data includes use of a co-processer on the integrated circuit.
0. 54. The method of any one of claims 49-53, wherein the digital data includes audio data and the analog signals are therefore analog audio signals.
0. 55. The method of claim 54, wherein the analog audio signals are applied to an audio transducer, wherein audible sounds are generated thereby.
0. 56. The method of any one of claims 49-53, wherein the digital data includes video data and the analog signals are therefore analog video signals.
0. 57. The method of claim 56, wherein the analog video signals are applied to a video screen, wherein visible video images are generated thereby.
0. 58. The method of claim 50, wherein an authentication key for authenticating the device to the source of the encrypted digital data is stored in the flash memory.
0. 59. The method of claim 58, wherein the authentication key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit.
0. 60. The method of claim 50, wherein an authentication key for authenticating the device to the source of the encrypted digital data is stored in non-volatile memory in the integrated circuit.
0. 61. The method of claim 49, wherein the integrated circuit includes a processor and a player.
0. 63. The method of claim 62, wherein the integrated circuit is a tamper-resistant ASIC.
0. 64. The method of claim 62, wherein the integrated circuit includes code.
0. 65. The method of claim 62, wherein the integrated circuit includes a processing means and a player coupled to the processing means via a bus internal to the integrated circuit.
0. 66. The method of claim 65, wherein the processing means includes one or more co-processors.
0. 67. The method as in claim 62, wherein the flash memory and the integrated circuit are contained within the device in a common package.
0. 68. The method as in claim 62, further comprising using the outputted analog signals by a display mechanism.
0. 69. The method of claim 62, wherein the analog signals represent audio.
0. 70. The method of claim 62, wherein the analog signals represent video or audio-video.
0. 71. The method of claim 62, further comprising:
requesting the encrypted data; and
storing the encrypted data in the flash memory, once it is received by the device, the encrypted data being received and stored in encoded format.
0. 72. The method of claim 71, wherein the requesting further includes utilizing the integrated circuit to authenticate the device to a source of the encrypted data.
0. 73. The method of claim 72, wherein the device is authenticated to a server.
0. 74. The method of claim 72, wherein authenticating includes using an authentication key stored in the integrated circuit.
0. 75. The method of claim 72, wherein an authentication key for authenticating the device to the source of the encrypted data is stored in the flash memory.
0. 76. The method of claim 75, wherein the authentication key stored in the flash memory is encrypted with a unique key stored in non-volatile memory in the integrated circuit.
0. 77. The method of claim 72, wherein an authentication key for authenticating the device to the source of the encrypted data is stored in non-volatile memory in the integrated circuit.
0. 78. The method of claim 62, wherein decrypting includes the use of a decryption key stored in a non-volatile memory on the integrated circuit.
0. 79. The method of claim 62, additionally comprising receiving at least one decryption key from outside of the device along with the encrypted digital data and storing the received decryption key in a non-volatile memory associated with the integrated circuit.
0. 80. The method of claim 79, wherein the at least one decryption key stored in the non-volatile memory associated with the integrated circuit is encrypted with a unique key stored in non-volatile memory in the integrated circuit.
0. 81. The method of claim 62, wherein the integrated circuit includes a processor and a player.
0. 83. The method of claim 82, further utilizing the electronic circuits to:
e) request the digital data; and
f) store the digital data in the flash memory for subsequent use, the digital data being received in an encrypted, encoded format.
0. 84. The method of claim 83, wherein requesting the digital data further includes utilizing the electronic circuits to authenticate the device to a source of the encrypted data.
0. 85. The method of claim 84, wherein the device is authenticated to a server.
0. 86. The method of claim 83, wherein requesting the digital data includes requesting encrypted and encoded digital data from outside of the device and authenticating the device to a source of the encrypted and encoded digital data.
0. 87. The method of claim 86, wherein authenticating the device includes using an authentication key stored in the device.
0. 88. The method of claim 82, wherein decrypting the read encrypted digital data includes the use of a decryption key stored in a non-volatile memory that is part of the electronic circuits within the device.
0. 89. The method of claim 82, additionally comprising receiving at least one decryption key from outside of the device along with the encrypted digital data and storing the received decryption key in a non-volatile memory that is part of the electronic circuits within the device, and wherein reading the stored digital data from the flash memory and decrypting the read digital data includes reading the at least one decryption key from the non-volatile memory and using the read at least one decryption key to decrypt the read digital data.
0. 90. The method of claim 82, additionally comprising:
monitoring the electronic circuits within the device for tampering therewith, and
in response to detecting tampering with the electronic circuits within the device, resetting the electronic circuits.
0. 91. The method of claim 82, wherein utilizing electronic circuits within the device includes utilizing a processor controlled by management code stored in a non-volatile memory that is part of the electronic circuits.
0. 92. The method of claim 91, wherein decrypting the read encrypted digital data includes use of a co-processer that is part of the electronic circuits within the device.
0. 93. The method of any one of claims 82-92, wherein utilizing the electronic circuits within the device include utilizing the electronic circuits on a single integrated circuit.
0. 94. The method of any one of claims 82-92, wherein the digital data are audio data and the analog signals are therefore analog audio signals.
0. 95. The method of claim 94, wherein the analog audio signals are utilized by the user by applying the analog audio signals to an audio transducer, wherein audible sounds are generated thereby.
0. 96. The method of any one of claims 82-92, wherein the digital data are video data and the analog signals are therefore analog video signals.
0. 97. The method of claim 96, wherein the analog video signals are utilized by the user by applying the analog video signals to a video screen, wherein visible video images are generated thereby.
0. 98. The method of claim 84, wherein an authentication key for authenticating the device to the source of the encrypted data is stored in the flash memory.
0. 99. The method of claim 84, wherein an authentication key for authenticating the device to the source of the encrypted data is stored in non-volatile memory in the electronic circuits.
0. 100. The method of claim 82, additionally comprising receiving the decryption key from outside of the device along with the encrypted digital data and storing the decryption key in the flash memory, and wherein reading the stored digital data from the flash memory and decrypting the read digital data includes reading the decryption key from the flash memory and using the decryption key to decrypt the read digital data.
0. 101. The method of claim 82, wherein the electronic circuits include a processor and a player.
0. 103. The playback device of claim 102, further comprising a display mechanism coupled to the interface, wherein the display mechanism comprises a video or audio-video display mechanism.
0. 104. The playback device of claim 102, further comprising a display mechanism coupled to the interface, wherein the display mechanism comprises an audio display mechanism.
0. 105. The playback device of claim 102, wherein the electronic circuits include a processing mechanism for producing the analog signals.
0. 106. The playback device of claim 105, wherein the processing mechanism includes a processor.
0. 107. The playback device of claim 106, wherein the processing mechanism includes one or more co-processors.
0. 108. The playback device of claim 105, wherein the processing mechanism is adapted for authenticating the playback device to a source of the encrypted-encoded data.
0. 109. The playback device of claim 108, wherein an authentication key for authenticating the playback device to the source of the encrypted-encoded data is stored in the flash memory.
0. 110. The playback device of claim 108, wherein an authentication key for authenticating the playback device to the source of the encrypted-encoded data is stored in non-volatile memory in the electronic circuits.
0. 111. The playback device of claim 102, wherein the electronic circuits include an integrated circuit with a processor and a player.
0. 112. The playback device of claim 111 further comprising a bus internal to the electronic circuits that connects the processor and the player.
0. 113. The playback device of claim 102, wherein the electronic circuits include a processor and a player.
0. 115. The method of claim 114, wherein the flash memory device is separate from the integrated circuit.
0. 117. The integrated circuit of claim 116, wherein the flash memory device is separate from the integrated circuit.
|
|||||||||||||||||
This is 34 36. Typically, ASIC 30 includes several cryptographic coprocessors 34 36, also called “cores”, each for implementing a respective cryptographic algorithm. For example, one embodiment of ASIC 30 includes four cores 34 36: an AES core, a DES core, a SHA-1 core and a RSA/ECC core.
Also for illustrational simplicity, ASIC 30 is shown as including two sensors 42. Typically, ASIC 30 includes a variety of sensors, in its outer layers. These sensors are selected from among voltage sensors, probe sensors, wire sensors, piezoelectric sensors, motion sensors, ultrasonic sensors, microwave sensors, infrared sensors, accelerations sensors, radiation flux sensors, radiation dosage sensors and temperature sensors, as described by S. H. Weingart in “Physical security devices for computer subsystems: a survey of attacks and defenses”, Lecture Notes in Computer Science vol. 1965 pp. 302-317 (2001), which publication is incorporated by reference for all purposes as if fully set forth herein. Detection by one of sensors 42 of an attempt to tamper with ASIC 30 triggers a reset of ASIC 30 to prevent a hacker from reading the cryptographic keys off of bus 58.
In this particular preferred embodiment of the present invention, the management code of ASIC 30 is fixed in ROM 52. Upgrading the management code of ASIC 30 is effected by physically replacing the entire ASIC 30 by a new ASIC 30 with an upgraded ROM 52. It therefore being unnecessary to download management code from server 50 to ASIC 30, server 50 is configured to send to remote platform 28 essentially only encrypted digital data and keys for decrypting the encrypted digital data.
The operation of remote platform 28 is as follows. Using one or more of the authentication keys stored in EEPROM 56, processor 32 authenticates remote platform 28 to server 50 at base station 46, via controller 16 and transceiver 12, as part of a request for the transmission of encrypted digital audio or video data. The authentication is done using an asymmetrical algorithm such as RSA or ECC. Server 50 sends the requested encrypted digital data from base station 46 to remote platform 28. Processor 32 receives the requested encrypted digital data via transceiver 12 and controller 16, and uses flash controller 40 to store the received encrypted digital data in flash memory 38. Server 50 also sends one or more decryption keys from base station 46 to remote platform 28. Processor 32 receives the decryption key(s) via transceiver 12 and controller 16, and then stores the decryption keys in EEPROM 56. (Alternatively, coprocessor 36 encrypts the decryption key(s) and uses flash controller 40 to store the encrypted decryption key(s) in flash memory 38.) When a user wishes to play the data, the user enters the appropriate command at a user command interface (not shown) of remote platform 28, instructing processor 32, via controller 16, to retrieve and decrypt the encrypted digital data. Processor 32 then uses flash controller 40 to retrieve the encrypted digital data from flash memory 22 and then uses coprocessor 36 and the appropriate decryption keys from EEPROM 56 to decrypt the encrypted digital data. The decryption is done using a symmetrical algorithm such as DES or Rijndael. Processor 32 then decodes the resulting decrypted digital data and sends the decoded data to player 34, which transforms the decoded data to analog signals and sends the analog signals to display mechanism 24. An alternative embodiment of ASIC 30 lacks EEPROM 56. Instead, a unique key, for example a DES key, that remains the same for the lifetime of ASIC 30, is stored in ROM 52. This key is used by processor 32 and coprocessor 36 to encrypt the other keys, which then are stored in encrypted form in flash memory 38 and are retrieved from flash memory 38 and decrypted by processor 32 and coprocessor 36 as needed.
That ASIC 30 is described herein as a replacement for SIM 18 should not be interpreted as requiring that ASIC 30 have a SIM form factor. ASIC 30 may have any suitable form factor, for example a TQFP form factor, a DIP form factor, a SOP form factor or a BGA form factor. Similarly, the interface between ASIC 30 and bus 26 need not be the ISO7816 interface that is standard for SIMs, but may be any suitable interface, for example a local bus interface, a MMCA interface, a SDA interface, a USB interface or a parallel interface.
That the digital input to ASIC 30 is encrypted, whereas the output from ASIC 30 is analog rather than digital, inhibits unlicensed copying of the data. Although the analog signals emerging from ASIC 30 are in clear format, their quality is sufficiently low, relative to the input digital data, to provide a disincentive to unlicensed copying.
Furthermore, unlike the alternate prior art embodiments discussed above, there are no significant incremental costs associated with the substitution of ASIC 30 for SIM 18 and player 20. Remote platform 28 has only one integrated circuit with cryptographic capabilities, unlike the second alternate prior art embodiment which requires two integrated circuits with cryptographic capabilities. Furthermore, although the fabrication of ASIC 30 requires the integration of logic circuits and memory circuits in the same integrated circuit, so does the fabrication of SIM 18.
While the invention has been described with respect to a limited number of embodiments, it will be appreciated that many variations, modifications and other applications of the invention may be made.
| Patent | Priority | Assignee | Title |
| Patent | Priority | Assignee | Title |
| 4914697, | Feb 01 1988 | Motorola, Inc. | Cryptographic method and apparatus with electronically redefinable algorithm |
| 5267312, | Aug 06 1990 | NEC Corporation Of America | Audio signal cryptographic system |
| 5473692, | Sep 07 1994 | Parker-Hannifin Corporation | Roving software license for a hardware agent |
| 5825879, | Sep 30 1996 | Intel Corporation | System and method for copy-protecting distributed video content |
| 5956034, | Aug 13 1996 | Rovi Technologies Corporation | Method and apparatus for viewing electronic reading materials |
| 5960084, | Dec 13 1996 | HEWLETT-PACKARD DEVELOPMENT COMPANY, L P | Secure method for enabling/disabling power to a computer system following two-piece user verification |
| 6047342, | Mar 31 1998 | Apple Computer, Inc. | PC processing card for decoding operations |
| 6185737, | Jun 30 1998 | Oracle America, Inc | Method and apparatus for providing multi media network interface |
| 6212097, | Mar 25 1999 | Sony Corporation | Nonvolatile memory |
| 6212555, | Nov 16 1998 | Audio transfer, storage and playback system | |
| 6282611, | Jul 11 1990 | Hitachi, Ltd. | Digital information system, digital audio signal processor and signal converter |
| 6408390, | Oct 27 1994 | PIRACY PROTECTION LLC | Apparatus for data copyright management system |
| 6598164, | Apr 13 1998 | Western Digital Technologies, INC | Device and method for reducing piracy of digitized information |
| 6606707, | Apr 24 2000 | Panasonic Corporation | Semiconductor memory card |
| 6636773, | May 28 1999 | Matsushita Electric Industrial Co., Ltd. | Semiconductor memory card, apparatus for recording data onto the semiconductor memory card, and apparatus for reproducing data of the semiconductor memory card |
| 6687683, | Oct 16 1998 | Sovereign Peak Ventures, LLC | Production protection system dealing with contents that are digital production |
| 6732275, | Mar 23 1999 | SAMSUNG ELECTRONICS CO , LTD A CORPORATION ORGANIZED UNDER THE LAWS OF THE REPUBLIC OF KOREA | Securing encrypted files in a PC and PC peripheral environment |
| 6779115, | Feb 18 2000 | Kioba Processing, LLC | Portable device using a smart card to receive and decrypt digital data |
| 6789146, | Feb 12 1998 | Round Rock Research, LLC | Socket for receiving a single-chip video controller and circuit board containing the same |
| 6832293, | May 28 1999 | Panasonic Corporation | Audio playback apparatus and method for resuming interrupted playback recording |
| 6862582, | Oct 16 1998 | Sovereign Peak Ventures, LLC | Production protection system dealing with contents that are digital production |
| 7076432, | Apr 30 1999 | MAGNOLIA LICENSING LLC | Method and apparatus for processing digitally encoded audio data |
| 7099848, | Feb 16 1999 | Intel Corporation | Audio delivery and rendering method and apparatus |
| 7225340, | Feb 20 2001 | MAXELL, LTD | Digital copying method and storage device for digital content |
| 7363511, | Jun 29 2001 | Nokia Technologies Oy | Method for processing audiovisual information in an electronic device, a system, and an electronic device |
| 7979700, | Aug 23 2002 | SanDisk Technologies LLC | Apparatus, system and method for securing digital documents in a digital appliance |
| 9177116, | Feb 03 2004 | SanDisk Technologies LLC | Protection of digital data content |
| 20010017920, | |||
| 20010021965, | |||
| 20010021976, | |||
| 20010043798, | |||
| 20020010860, | |||
| 20020027991, | |||
| 20020057795, | |||
| 20020064283, | |||
| 20020070272, | |||
| 20020099955, | |||
| 20020147821, | |||
| 20020150248, | |||
| 20020163911, | |||
| 20020169960, | |||
| 20020176575, | |||
| 20020186842, | |||
| 20030005323, | |||
| 20030079222, | |||
| 20040030907, | |||
| 20040039932, | |||
| 20050005149, | |||
| 20050021478, | |||
| 20050050345, | |||
| 20060101288, | |||
| 20060196345, | |||
| CN1156284, | |||
| CN1315727, | |||
| CN1349646, | |||
| EP887723, | |||
| WO67258, | |||
| WO67261, | |||
| WO193000, | |||
| WO2004015740, |
| Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
| Apr 22 2009 | Sandisk IL Ltd. | (assignment on the face of the patent) | / | |||
| Nov 12 2019 | Sandisk IL Ltd | Western Digital Israel Ltd | CHANGE OF NAME SEE DOCUMENT FOR DETAILS | 053574 | /0513 |
| Date | Maintenance Fee Events |
| Date | Maintenance Schedule |
| Feb 19 2022 | 4 years fee payment window open |
| Aug 19 2022 | 6 months grace period start (w surcharge) |
| Feb 19 2023 | patent expiry (for year 4) |
| Feb 19 2025 | 2 years to revive unintentionally abandoned end. (for year 4) |
| Feb 19 2026 | 8 years fee payment window open |
| Aug 19 2026 | 6 months grace period start (w surcharge) |
| Feb 19 2027 | patent expiry (for year 8) |
| Feb 19 2029 | 2 years to revive unintentionally abandoned end. (for year 8) |
| Feb 19 2030 | 12 years fee payment window open |
| Aug 19 2030 | 6 months grace period start (w surcharge) |
| Feb 19 2031 | patent expiry (for year 12) |
| Feb 19 2033 | 2 years to revive unintentionally abandoned end. (for year 12) |