Abstract: Method and apparatus enabled by computer (or equivalent) hardware and software for protection of content such as audio and video to be downloaded or streamed over a computer network such as the Internet. The content is provided to the user via streaming or downloads in encrypted form. The encryption is such that the content key decryption information is transmitted so that it itself is encrypted to be both device and session unique. That is, the key information can be used only to extract the content decryption key for a particular session and for a particular client device such as an audio or video consumer playing device. This prevents any further use or copying of the content other than in that session and for that particular client. The specificity is accomplished by using a device unique identifier and antireplay information which is session specific for encrypting the content key. A typical application is Internet streaming of audio or video to consumers.

Abstract: The invention relates to a method for the secure deposition of data, according to which a depositor encrypts the data with a transfer key and encrypts the transfer key with a key of a third party, then deposits the encrypted data and the encrypted transfer key on a storage support. The invention also relates to a method for recovering data, during which an addressee of the data recovers the content of the storage support, authenticates him/herself to the third party, and transmits the encrypted transfer key thereto. After having authenticated the addressee, the third party returns the decrypted transfer key. The addressee can then recover the data. The invention further relates to devices for implementing the foregoing methods.

Abstract: An asymmetrical cryptographic method applied to a message M includes a private operation of signing or decrypting the message M to obtain a signed or decrypted message s. The private operation is based on at least one modular exponentiation EM in the form EM=MA mod B, A and B being respectively the exponent and the modular exponentiation EM. The private operation includes the following steps: calculating an intermediate module B*, an intermediate message M* and an intermediate exponent A*, based on B, M and/or A; the intermediate module B* being deterministically calculated and the intermediate message M* being randomly calculated; calculating an intermediate modular exponentiation EM*=MA mod B*; and calculating the signed or decrypted message s based on the intermediate modular exponentiation EM*. An electronic component for implementing the cryptographic method is also disclosed.

Abstract: Some embodiments of the invention provide a content-distribution system for distributing content under a variety of different basis. For instance, in some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content.