Abstract: The subject matter disclosed herein relates to a method and/or system for enabling access to media content using different digital rights management formats.

Abstract: The subject matter disclosed herein relates to a method and/or system for enabling access to media content using different digital rights management formats.

Abstract: In one aspect, there is provided a storage medium, the storage medium having a media content portion; and a plurality of digital rights management (DRM) envelopes, wherein each of the plurality of DRM envelopes corresponds to a different DRM format; wherein each of the plurality of DRM envelopes enables access to the media content portion according to its corresponding the DRM format. In another aspect, a method includes decrypting a second portion of the media content according to the secondary content access key to impart a marking in the decrypted first portion of the media content identifying the DRM format. In an additional aspect, a method includes presenting a product serial number to obtain an encryption key associated with the DRM format.

Abstract: The subject matter disclosed herein relates to a method and/or system for enabling access to media content using different digital rights management formats.

Abstract: Software intrusion is proactively detected using a dynamically evolving audit log wherein log entries are generated in the audit log and key values are evolved based upon a one-way function depending on both the previous log entry and the previous key. The audit log with the generated log entries and the final key value is transmitted to a clearinghouse that detects software intrusion by analyzing these values. In an effort to reduce the size of the log to be transmitted, the log entries are assigned identical values, thereby only needing to transmit one log entry and the last key value to the clearinghouse.

Abstract: A traitor tracing enabling system assigns sequence keys to a media player to enable better tracability with fewer actual variations in the content. The system comprises a technique for increasing a number of sequence keys, allowing a finer granularity in a traitor tracing process with little increase in sequence key storage or in bandwidth required to transmit sequence keys to a media player. The present system comprises a variation table which maps the sequence keys to the individual variations in the file, such that multiple sequence keys can be mapped to a single variation.

Abstract: A system, method, and computer program product to find coalitions of receivers who collude to produce pirated protected content, then evaluates the confidence that particular members of each identified coalition are traitors versus innocent receivers incriminated by chance. Typically, each file in a group of original files is modified to include variations of critical file segments. The group of files is then broadcast with individualized codes that enable particular authorized receivers to properly process the modified files. The modifications in a pirated version of a file can identify which traitorous receivers contributed to its piracy. Candidate coalitions of differing size are first evaluated to determine if they cover observed file variations with greater than a predetermined likelihood that an innocent coalition is falsely incriminated by chance. Individual members of satisfactory coalitions are then evaluated. Traitors may be cryptographically revoked.

Abstract: A hybrid traitor-tracing enabling system comprises an inner code and a multi-level outer code. The inner code comprises encrypted tables comprising codewords for file segment variations. One level of the multi-level outer code comprises assignments of a cluster of sequence keys to manufacturers or models of media players. Another level comprises assignments to the media players of sequence keys within the cluster. The system enables tracing of only a manufacturer or model, or a manufacturer, model, and a media player. When tracing a manufacturer or model, the system enables detection with relatively few recovered files. With additional recovered files, the media player used for piracy can be discovered. Furthermore, the present system enables detection of collusion between manufacturers or models and collusion between individual media players.

Abstract: A system, method, and computer program product to renewably prevent traitors in a broadcast encryption system from re-using compromised keys. A license agency assigns individual receivers a set of Sequence Keys preferably at manufacture, and assigns Sequence Key Blocks (SKBs) to protected content files to be distributed. The files may be distributed on prerecorded media and typically include several file modifications. The particular modifications in a pirated version of a file can help identify which traitors contributed to its theft. SKBs assigned to new files distributed after traitors have been identified cannot be usefully processed using the compromised keys employed in previous content piracy. Innocent receivers that happen to have compromised key(s) in common with traitors can use a replacement uncompromised Sequence Key from the set to usefully decrypt content. Traitors will however step through all their Sequence Keys without reaching one that will work.

Abstract: A protected content distribution system utilizes media-based copy protection to support online distribution of protected content in a secure and legitimate fashion. Using a media-based copy protection scheme based on broadcast encryption, the protected content distribution system realizes online distribution of protected content such as, for example audio files, movies, etc, authorizing consumption of unlicensed content by transfer of a unique encrypted key to the protected media. This transaction is fast, involving the transfer of an encrypted binding key rather than the protected content. Content is enabled through a unique encrypted key on protected media accessed through a device separate from the media driver.

Abstract: A recorder system contains a media key block (MKB) and selectively writes protected content into a recording medium according to the following content protection logic, to combat theft of the protected content: If the medium does not have a MKB, then the recorder writes its stored MKB into the medium and writes protected content into the medium. If the medium has a MKB that is older than the stored MKB in the recorder, then the recorder writes its stored MKB into the medium before re-encrypting and writing protected content into the medium. If the medium has a MKB that is newer than the stored MKB, then the MKB in the medium is used for content protection. The recorder may store the newer MKB in non-volatile memory, effectively updating its previous stored MKB, so the recorder will have the most recently observed MKB for content protection use.

Abstract: A method, system, and computer program product for broadcast encryption key management. The invention eliminates the need for pre-specification of a maximum number of keys that can be employed in a given broadcast encryption system by enabling an initial key to be extended by a link key. New receiver devices are modified to validate the extended keys, while older devices ignore them and process initial keys as usual. Compromised link keys can be revoked, though revocation preferably uses a unique.

Abstract: An external module loads into an entity's memory and is transformed by two functions. These are namely, the STOMP function and the UNSTOMP function. One or both of these functions is based on the actual code that is found in a legitimate version of the external module. The STOMP-UNSTOMP pair produces an external module that works differently if even a single byte of code in the external module has been changed by an attacker. The STOMP transforms the external module and makes it temporarily unusable whilst conversely, the UNSTOMP repairs the damage and makes it workable again. Thus, if the module is not authentic, the pairing between the STOMP and UNSTOMP is broken. Therefore, a patched module from a hacker remains unusable since the STOMP and UNSTOMP transformations do not produce a working external module. Because of the STOMP and UNSTOMP technique, an application is secure because if an external module is free from tampering then the application executes normally.

Abstract: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

Abstract: A title key protection system includes a title key with recordable media content; storage in a repository is not required. The title key is decrypted when needed by a clearinghouse, and then re-encrypted. The title key confers rights from the content owners to the user to play and copy the content for personal use. A user downloads encrypted content from a content repository. The user's media recording device extracts an encrypted title key from the content and obtains a media key block and media ID from the physical media on which the content will be recorded. The encrypted title key, media key block, and media ID are transmitted to a clearinghouse. The clearinghouse decrypts the title key and derives a media unique key from the media key block and media ID. The clearinghouse re-encrypts the title key with the media unique key and returns this re-encrypted title key to the media recording device for recording with the content on the physical media.

Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted.

Abstract: Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a section requiring a set of keys for decryption, the media player accesses the URL for that section and obtains the decryption key. The decryption key may be purchased or provided for free. Secure encryption and transmission of these keys is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.

Abstract: A device removal system securely removes an item of content or a device from a content-protected home network. An authorization table maintains a list of devices in the content-protected home network in addition to removed devices. The authorization table also maintains a list of deleted content. Through management of various cryptographic keys and techniques, devices and content will not play on a content-protected home network after they have been removed. A secret network ID reduces the possibility of unauthorized playing of content on the content-protected home network. A web server may join the content-protected home network as a device, providing backup for the secret network ID. Otherwise, the device manufacturer will provide the secret network ID in case of a device failure. Storing a verification value in each device ensures integrity of critical cryptographic values. This verification value is compared to network values to ensure network values have not been corrupted.