Abstract: A method, apparatus, and system for proactive forced renewal of content protection implementations in devices. The method includes, on a first substantially periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation; wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and wherein the new content protection implementation comprises a new key to supersede the existing key for facilitating presentation of protected content. On a second substantially periodic basis, the method includes automatically pushing revocation data to the device, the revocation data to identify a plurality of revoked keys, each revoked key of the plurality of revoked keys comprising a key that has been superseded by the new key of the new content protection implementation.

Abstract: A method, apparatus, and system for proactive forced renewal of content protection implementations in devices. The method includes, on a first substantially periodic basis, automatically pushing a new content protection implementation to a device that contains an existing content protection implementation; wherein the existing content protection implementation comprises (a) existing software for presenting protected content and (b) an existing key to facilitate presentation of protected content; and wherein the new content protection implementation comprises a new key to supersede the existing key for facilitating presentation of protected content. On a second substantially periodic basis, the method includes automatically pushing revocation data to the device, the revocation data to identify a plurality of revoked keys, each revoked key of the plurality of revoked keys comprising a key that has been superseded by the new key of the new content protection implementation.

Abstract: A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.

Abstract: Protected content distribution is accomplished by a first entity generating a set of asymmetric key pairs, creating a plurality of sets of private keys by selecting a combination of private keys from the set of asymmetric key pairs for each created set, and distributing the sets of private keys to playback devices. A second entity produces protected content including encrypted content and a public key media key block, encrypts a symmetric content key with each public key in the set of asymmetric key pairs to form the public key media key block and encrypts a content title with the symmetric content key to form the encrypted content. A playback device stores one set of private keys, receives the protected content, and decrypts and plays the content title stored in the protected content when a selected one of the set of private keys stored by the playback device successfully decrypts the encrypted symmetric content key stored in the public key media key block of the received protected content.

Abstract: In one aspect of the invention is a method for discouraging unauthorized redistribution of protected content. Content is bound to a customer I.D. associated with a customer requesting the content, such that the customer I.D. is needed to access the content.

Abstract: A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.

Abstract: A system for proactive forced renewal of content protection implementations in devices includes a key generation facility to generate and allocate keys for the devices, and to generate revocation data corresponding to revoked keys in response to at least one of a security compromise and on a periodic basis independent of a security compromise; and a device manufacturer to receive the keys from the key generation facility, to embed the keys in content protection implementations for the devices, to distribute the devices, and to renew the content protection implementations in devices after the devices are distributed, in response to at least one of a security compromise and on a periodic basis independent of a security compromise.

Abstract: Protected content distribution is accomplished by a first entity generating a set of asymmetric key pairs, creating a plurality of sets of private keys by selecting a combination of private keys from the set of asymmetric key pairs for each created set, and distributing the sets of private keys to playback devices. A second entity produces protected content including encrypted content and a public key media key block, encrypts a symmetric content key with each public key in the set of asymmetric key pairs to form the public key media key block and encrypts a content title with the symmetric content key to form the encrypted content. A playback device stores one set of private keys, receives the protected content, and decrypts and plays the content title stored in the protected content when a selected one of the set of private keys stored by the playback device successfully decrypts the encrypted symmetric content key stored in the public key media key block of the received protected content.

Abstract: Detection of watermarks in digital content by a system having a recording device and a playback device may be accomplished in such as a way as to improve the interoperability of the recording and playback devices. In one embodiment, a recording device having a first watermark detection component of a first sensitivity for detecting the watermark in digital content, interoperates with a playback device having a second watermark detection component of a second sensitivity for detecting the watermark in a digital content recording made by the recording device; such that the first sensitivity is more sensitive than the second sensitivity.

Abstract: A method and apparatus to protect unencrypted content or data in a storage media from prohibited use or reproduction by encrypting unprotected content before it is transmitted to another device or software application. A compliant device or software application is capable of decrypting the content, detecting any watermark within the content, and accessing or processing the content according to the restrictions associated with the detected watermark. Non-compliant devices or software are prevented from accessing or processing the content since they are unable to decrypt it.

Abstract: The present invention includes a method, system and apparatus for storing, distributing, and protecting content from unauthorized access. The media includes a writeable area, a read only area and the content stored on the writeable area. A first media validation data containing an encrypted preselected value is stored on the read only area.

Abstract: A method and apparatus to format and process a Media Key Block so as to reduce latencies when processing the Media Key Block. A new record is generated containing header information for the records comprising the Media Key Block. This new record is read just once and allows a device to skip seeking and reading each record header individually. In addition, the records are adjusted so that individual records or individual fields within a record always fit within a single transfer unit.

Abstract: In one aspect of the invention is a method for preventing unauthorized copies of a medium, such as a DVD, from being played by a compliant device by using the validation area (VA) region of a medium to validate keying material. A compliant device is a device that will validate keying material. In one embodiment of the invention, a compliant device validates keying material by using the value in the VA region of the medium. In alternative embodiments, a compliant device will validate keying material by checking correspondence between keying material written to a non-VA region of a medium and validation data written to a VA region of a medium. In the alternative embodiments, if the keying material does not correspond to the validation data, then a compliant device will prevent the contents of the medium from being played.

Abstract: A system and method relating to the production and rendering of pre-recorded audiovisual titles, such as movies or other programs sold on digital versatile discs (DVDs), or other digital storage mediums. In at least one embodiment, the present invention is intended to thwart unauthorized mass distribution of titles. Embodiments of the invention may be used to identify the replicator of any given pre-recorded title, to prevent rendering of a title for which the replicator which produced the title is not identified or not licensed, or where the contents of the title have been tampered with, and to revoke rendering by a player device of one or more unauthorized titles originating from a given replicator.

Abstract: Protected content distribution is accomplished by a first entity generating a set of asymmetric key pairs, creating a plurality of sets of private keys by selecting a combination of private keys from the set of asymmetric key pairs for each created set, and distributing the sets of private keys to playback devices. A second entity produces protected content including encrypted content and a public key media key block, encrypts a symmetric content key with each public key in the set of asymmetric key pairs to form the public key media key block and encrypts a content title with the symmetric content key to form the encrypted content. A playback device stores one set of private keys, receives the protected content, and decrypts and plays the content title stored in the protected content when a selected one of the set of private keys stored by the playback device successfully decrypts the encrypted symmetric content key stored in the public key media key block of the received protected content.

Abstract: A method for verifying the integrity of a media key block (MKB) by storing validation data in a validation area of a medium, such as a DVD-R or a DVD-RW. In one embodiment, validation data comprises a hash function on a media key block. In another embodiment, validation data comprises the Verification Data field of an MKB's Verify Media Key Record.

Abstract: Protection of content by deterring unauthorized redistribution may be accomplished by at least one of three methods in a consumer modulator device. A first method protects content from unauthorized redistribution by other devices in a content protection system by verifying authenticity of a validated flag, the validated flag being at least a portion of the content, and by removing the validated flag when the validated flag is not authentic. A second method protects content from unauthorized redistribution by other devices by checking whether the content includes a broadcast flag, the broadcast flag being at least a portion of the content, and by removing the broadcast flag from the content when the broadcast flag is detected in the content.

Abstract: A method and apparatus are described for a one-way broadcast distribution of keys for decrypting encrypted broadcast content. According to one embodiment of the present invention, a method and apparatus are described for generating a list of update keys on a content provider system based on a table of secret keys associated with a plurality of content receivers. The list of update keys is generated in a manner to allow valid receivers to recover a valid content key while invalid receivers recover an invalid content key. The list of update keys are used to generate a multiple nested list of decryption patterns that is broadcast to all receivers. The receivers then recover an appropriate set of update keys for each receiver from the multiple nested list of decryption patterns so that the final key recovered in the set of update keys is a content key.

Abstract: In one aspect of the invention is a method for a multi-level, and multi-dimensional scheme of content protection. Content having one or more attributes is encrypted using separate keys for each level of protection, where each level corresponds to an assurance of protection for each attribute. The content may be distributed to a number of environments having different levels of protection by transmitting a base key commensurate with the environment's subscription level. The base key may then be used generate lower level keys for accessing content at a level of protection less than or equal to that subscribed to.

Abstract: In one aspect of the invention is a method for discouraging unauthorized redistribution of protected content. Content is bound to a customer I.D. associated with a customer requesting the content, such that the customer I.D. is needed to access the content.