Abstract: The present invention provides for the protection of and ability to upgrade to new formats of digital content by providing consumers of the digital content the capability of purchasing content insurance on digital content they consume. By purchasing insurance on content, at a later time consumers are able to return to the content distribution channels and re-obtain the previously purchased content in the same, or new format as the original purchased.

Abstract: A method for accessing a storage device, the method includes: receiving, by storage device, a block based storage access command and cryptographically secured access control information; wherein the block based storage access command and the cryptographically secured access control information are associated with at least one fixed size block of data and with a client; processing at least a portion of the cryptographically secured access control information by using a secret key accessible to the storage device and to a security entity; and selectively executing the block based storage access command in response to a result of the processing.

Abstract: A method for use of a physical data storage medium, the method including receiving a first read request for data stored in any of a plurality of storage sub-units on a physical data storage medium, and decrypting the requested data if an indicator associated with the requested data storage sub-unit indicates that data in the requested storage sub-unit is encrypted.

Abstract: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

Abstract: A method for tracing traitor receivers in a broadcast encryption system. The method includes using a false key to encode plural subsets representing receivers in the system. The subsets are derived from a tree using a Subset-Cover system, and the traitor receiver is associated with one or more compromised keys that have been obtained by a potentially cloned pirate receiver. Using a clone of the pirate receiver, the identity of the traitor receiver is determined, or the pirate receiver clones are rendered useless for decrypting data using the compromised key by generating an appropriate set of subsets.

Abstract: A method for providing a proactive security in proactive operating environment. The proactive operating environment includes a group of proactive servers communicating over a network. Each proactive server (PSI) includes a storage that includes a non erasable part that stores a public, non proactive related, key VIStart. The storage further includes an erasable part for storing private and public data. The proactive server has a discardable one-time private key SIStart that corresponds to the public key VIStart. The proactive server further has configuration data C. There is further provided a processor for providing a proactive services to applications. The proactive server has a group public proactive key VCERT common to the group of proactive servers and a share SICERT of a corresponding private proactive key SCERT.

Abstract: An encryption key matrix has rows grouped into segments, with a set of one segment per column establishing a slot. Slots are assigned to device manufacturers, with the keys of the slots then being assigned to decryption devices made by the respective manufacturer. In generating the slots, the number “q” of segments in a column is first defined such that a predetermined maximum number of devices can be revoked devices (in that all the keys held by the device are revoked) while ensuring that a good device remains a functional device with a probability of at least (1?Q), wherein Q is a predefined device confidence. Once the number “q” of segments has been defined, the slots themselves are defined in a provably non-discriminatory fashion using an error-correcting code such as a Reed-Solomon code.

Abstract: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

Abstract: Sets of encryption keys useful by devices for decrypting encrypted content are defined using an error-correcting code such as a Reed-Solomon code to define vectors of length “n” over an alphabet of (0, . . . , N?1), wherein “n” is the number of columns in a key matrix and “N” is the number of rows in the matrix. Each vector represents a set of keys that can be assigned to a device. With this invention, overlap between sets of keys can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the key set of a compromised device is revoked. Also, only the generating matrix of the error-correcting code and the index of one set of keys need be stored in memory, since all previously defined key sets can be regenerated if need be from just the generating matrix and index.

Abstract: A system for protecting content on recordable media for, e.g., DVD audio disks, flash memory media, or other media includes providing a media key block (MKB) on each media, with each MKB including 25,000 encryptions of a media key by 25,000 or so device keys. Each authorized player in the system has a single device key from among the system device keys with which to decrypt the media key. To avoid a coincidence attack in which a hacker can learn the MKB and associated media key and then guess at a device key without knowing its position in the MKB, the media key is XORed with a number representing each position in the MKB, and only then encrypted with the device key corresponding to that position.

Abstract: A system, method, business method, and computer program product for conducting electronic transactions with a potentially untrusted server while maintaining user anonymity and transaction privacy, yet allowing the server to verify the user is a valid subscriber entitled to participate in the transaction. Anonymous service requests are sent to the server. The server transmits responses that have been encrypted such that only valid subscribers can decrypt them. Broadcast encryption schemes that enable selective revocation of misbehaving subscribers will tip off requestors that the server is trying to identify them. Transaction and content quantity can be monitored for usage-based billing while maintaining anonymity. Each content item may be uniquely encrypted with a content key that is then encrypted by a session key and included in encrypted form with a response, to reduce the computational workload.

Abstract: The present invention provides a method, system and program product for modifying content usage conditions during broadcast content distribution. Specifically, the present invention allows protected (e.g., encrypted, secured, etc.) content to be received along with content usage conditions, an encrypted combination of the content usage conditions and a title key (e.g., a MAC), and a key management block. Using the key management block, a key encrypting key can be determined for decrypting the combination. Once the combination is decrypted, the content usage conditions can be modified (e.g., edited, added to, etc.).

Abstract: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

Abstract: A method for tracing traitor receivers in a broadcast encryption system. The method includes using a false key to encode plural subsets representing receivers in the system. The subsets are derived from a tree using a Subset-Cover system, and the traitor receiver is associated with one or more compromised keys that have been obtained by a potentially cloned pirate receiver. Using a clone of the pirate receiver, the identity of the traitor receiver is determined, or the pirate receiver clones are rendered useless for decrypting data using the compromised key by generating an appropriate set of subsets.

Abstract: An encryption key matrix has rows grouped into segments, with a set of one segment per column establishing a slot. Slots are assigned to device manufacturers, with the keys of the slots then being assigned to decryption devices made by the respective manufacturer. In generating the slots, the number “q” of segments in a column is first defined such that a predetermined maximum number of devices can be revoked devices (in that all the keys held by the device are revoked) while ensuring that a good device remains a functional device with a probability of at least (1−Q), wherein Q is a predefined device confidence. Once the number “q” of segments has been defined, the slots themselves are defined in a provably non-discriminatory fashion using an error-correcting code such as a Reed-Solomon code.

Abstract: Sets of encryption keys useful by devices for decrypting encrypted content are defined using an error-correcting code such as a Reed-Solomon code to define vectors of length “n” over an alphabet of (0, . . . , N−1), wherein “n” is the number of columns in a key matrix and “N” is the number of rows in the matrix. Each vector represents a set of keys that can be assigned to a device. With this invention, overlap between sets of keys can be minimized to minimize the possibility that the key set of an innocent device might be inadvertently revoked when the key set of a compromised device is revoked. Also, only the generating matrix of the error-correcting code and the index of one set of keys need be stored in memory, since all previously defined key sets can be regenerated if need be from just the generating matrix and index.

Abstract: A method for enforcing compliance in both the copy protect domain and service subscription domain for streamed multicast data. Each content is encrypted with a title key that itself is encrypted with a channel unique key which is a hash of a session key and a channel key. A compliant player is given the channel key upon registration for a subscription service (representing subscription protection) and is also given device keys upon activation (representing copy protection) for decrypting the session key. Consequently, the channel unique key can be obtained (and, hence, the content decrypted) only by a player that is compliant with both copy protection rules and subscription rules. The channel key can be refreshed periodically as subscriptions change or expire.

Abstract: The present invention provides for the protection of and ability to upgrade to new formats of digital content by providing consumers of the digital content the capability of purchasing content insurance on digital content they consume. By purchasing insurance on content, at a later time consumers are able to return to the content distribution channels and re-obtain the previously purchased content in the same, or new format as the original purchased.