Abstract: A new ((n)th) black box is produced for a digital rights management (DRM) system. The (n)th black box is for being installed in and for performing decryption and encryption functions in the DRM system. The (n)th black box is produced and delivered to the DRM system upon request and includes a new ((n)th) executable and a new ((n)th) key file. The (n)th key file has a new ((n)th) set of black box keys and a number of old sets of black box keys. The request includes an old ((n-1)th) key file having the old sets of black box keys. A code optimizer/randomizer receives a master executable and randomized optimization parameters as inputs and produces the (n)th executable as an output. A key manager receives the (n-1)th key file and the (n)th set of black box keys as inputs, extracts the old sets of black box keys from the (n-1)th key file, and produces the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output.

Abstract: To encrypt a digital object, a key ID is selected for the digital object, and a function ƒ( ) having an input and an output is selected. The selected key ID is then employed as the input to the function ƒ( ), and the output of such function ƒ( ) is employed as the key (KD) for the digital object: ƒ(key ID)key (KD). The digital object is then according to such key (KD), and the encrypted digital object is distributed.

Abstract: A device renders content on a medium by obtaining a table from the medium, obtaining a device key (DK) of the device and an index value of such (DK), indexing into an entry of the table based on the obtained index value, selecting an encrypted secret from the indexed-into entry, applying the obtained device key (DK) to the selected encrypted secret to expose the secret, and applying the exposed secret to render the content.

Abstract: To render digital content encrypted according to a content key (KD) on a first device having a public key (PU1) and a corresponding private key (PR1), a digital license corresponding to the content is obtained, where the digital license includes the content key (KD) therein in an encrypted form. The encrypted content key (KD) from the digital license is decrypted to produce the content key (KD), and the public key (PU1) of the first device is obtained therefrom. The content key (KD) is then encrypted according to the public key (PU1) of the first device (PU1 (KD)), and a sub-license corresponding to and based on the obtained license is composed, where the sub-license includes (PU1 (KD)). The composed sub-license is then transferred to the first device.

Abstract: A digital content package includes encrypted digital content to be rendered in accordance with a corresponding digital license and is separate and apart from the license. The encrypted digital content is decrypt-able according to a decryption key (KD) obtained from the license. The package also includes a content/package ID that identifies one of the digital content and the package, and license acquisition information including a location of a license provider for providing the license.

Abstract: Methods and systems are provided for authenticating component(s) in connection with the use of a trusted graphics system. Techniques are provided for authenticating a graphics card in connection with a system that cryptographically secures content routed through a graphics pipeline, such that an application or device can indicate to the trusted graphics platform that the application or device is a trusted user of the trusted graphics platform, and such that the graphics platform can communicate to the trusted application or device that the graphics platform may be trusted by the application or device.

Abstract: A method of controlling information exposure in a multiparty transaction includes an originating transaction participant cryptographically encoding all information for each of the transaction participants such that a unique data content and encryption are used for each of the messages destined to the other transaction participants. The cryptographically encoded messages are transmitted to the transaction participants such that each may decrypt their message and respond to a primary transaction participant with status concerning their portion of the transaction. After reception of affirmative status messages from the transaction participants, the primary transaction participant may transmit messages to the responding transaction participants to execute the multiparty transaction. The originating transaction participant may also be provided an indication that the multiparty transaction is executed.

Abstract: Digital content is released to a rendering application for forwarding by such rendering application to an ultimate destination by way of a path therebetween. The path is defined by at least one module, and the digital content is initially in an encrypted form. An authentication of at least a portion of the path is performed to determine whether each defining module thereof is to be trusted to appropriately handle the digital content passing therethrough. The encrypted digital content is decrypted if in fact each such defining module is to be trusted, and the decrypted digital content is forwarded to the rendering application for further forwarding to the ultimate destination by way of the authenticated path.

Abstract: Digital content is released to a rendering application for forwarding by such rendering application to an ultimate destination by way of a path therebetween. The path is defined by at least one module, and the digital content is initially in an encrypted form. An authentication of at least a portion of the path is performed to determine whether each defining module thereof is to be trusted to appropriately handle the digital content passing therethrough. The encrypted digital content is decrypted if in fact each such defining module is to be trusted, and the decrypted digital content is forwarded to the rendering application for further forwarding to the ultimate destination by way of the authenticated path.

Abstract: A new ((n)th) black box is produced for a digital rights management (DRM) system. The (n)th black box is for being installed in and for performing decryption and encryption functions in the DRM system. The (n)th black box is produced and delivered to the DRM system upon request and includes a new ((n)th) executable and a new ((n)th) key file. The (n)th key file has a new ((n)th) set of black box keys and a number of old sets of black box keys. The request includes an old ((n?1)th) key file having the old sets of black box keys. A code optimizer/randomizer receives a master executable and randomized optimization parameters as inputs and produces the (n)th executable as an output. A key manager receives the (n?1)th key file and the (n)th set of black box keys as inputs, extracts the old sets of black box keys from the (n?1)th key file, and produces the (n)th key file including the (n)th set of black box keys and the old sets of black box keys as an output.

Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

Abstract: A secure processor is operable in normal and preferred modes, and includes a security kernel instantiated when the processor enters into preferred mode and a security key accessible by the security kernel during preferred mode. The security kernel employs the accessed security key to authenticate a secure application, and allows the processor to be trusted to keep hidden a secret of the application. To instantiate the application, the processor enters preferred mode where the security key is accessible, and instantiates and runs the security kernel. The security kernel accesses the security key and applies same to decrypt a key for the application, stores the decrypted key in a location where the application will expect same, and instantiates the application. The processor then enters the normal mode, where the security key is not accessible.

Abstract: A trusted data store is provided for use with a trusted element of a trusted operating system on a computing machine. In the trusted data store, a storage medium stores data in a pre-determined arrangement, where the data includes trusted data from the trusted element of the trusted operating system on the computing machine. An access controller writes data to and reads data from the storage medium, and a trust controller is interposed between the computing machine and the access controller. The trust controller allows only the trusted element to perform operations on the trusted data thereof on the storage medium.

Abstract: A device for securely recording protected content to a portable memory, and for reading the protected content therefrom. The device includes a feature that makes it adapted to read or write specially-configured portable memories that are incompatible with standard read/write devices. For example, the device may be designed to work with memories having an unusual shape or size, or may manipulate the data in a non-standard way before storing it on the memory. The read/write devices are trusted components that will only handle the protected content in accordance with rules governing the content. The feature included in the device is preferably a proprietary and/or hardware feature, so that counterfeit devices incorporating the feature cannot be built without overcoming economic and/or legal hurdles.

Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

Abstract: Break-Once, Run-everywhere (BORE) resistant software configurations and digital goods and content distribution methods and arrangements are provided for use in computer systems and networks. An initial digital good is selectively divided into at least two portions. The first portion is provided to a destination computer, for example, via a CD ROM, floppy disk, or pre-loaded on a hard disk drive. The second portion is operatively modified within a source computer based on unique data associated with the destination computer. The modified second portion is then provided to the destination computer, for example, over a network, along with a key that can be used to operatively modify the first portion to be compatible with the modified second portion.

Abstract: Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.

Abstract: Secure communication between a keyboard and a component, such as a piece of software running on a computer. A first initial value is known to both the keyboard and the component. The keyboard and the component exchange nonces. The keyboard and the component each compute a second initial value and a third initial value based on the nonces and the first initial value. Both the keyboard and the component perform the same computation, so that the keyboard and the component each have the same second and third initial values. The keyboard encrypts keystrokes destined for the component using CBC-3DES based on the key and the second initial value, and also creates a message authentication code for each keystroke using CBC-3DESMAC based on the key and the third initial value. The component decrypts and verifies the keystrokes using the key and the second and third initial values.

Abstract: Encrypted compressed content is produced by encrypting content based at least in part on a content key, and compressing the content based at least in part on the content key. Thus, the content key is employed to encrypt the content and also to compress the content. Similarly, decrypted decompressed content is produced from the encrypted compressed content by decrypting the content based at least in part on a content key, and decompressing the content based at least in part on the content key. Thus, the content key is employed to decrypt the content and also to decompress the content.