Abstract: A system and method includes timing parameters within a node-verification protocol, such as OCPS, to facilitate a determination of the proximity of a target node to a source node. The node-verification protocol includes a query-response sequence, wherein the source node communicates a query to the target node, and the target node communicates a corresponding response to the source node. The source node establishes a lower bound on the distance between the source node and the target node based on a measure of the time required to effect this query-response sequence. The time required to effect this sequence includes the time required to communicate the query and response, as well as the time required to process the query and generate the response. The target node includes a measure of the time required to process the query and generate the response to the source node. The source node subtracts this time from the total query-response time to determine the time consumed for the communication.

Abstract: A system and method determines the proximity of the target node to the source node from the time required to communicate messages within the node-verification protocol. The node-verification protocol includes a query-response sequence, wherein the source node communicates a query to the target node, and the target node communicates a corresponding response to the source node. The target node is configured to communicate two responses to the query: a first response that is transmitted immediately upon receipt of the query, and a second response based on the contents of the query. The communication time is determined based on the time duration between the transmission of the query and receipt of the first response at the source node and the second response is compared for correspondence to the query, to verify the authenticity of the target node.

Abstract: Authentication information (125) obtained by a device (100) at one level of a transformation sequence is securely communicated to another device (200) at another level of the transformation sequence. To assure that the communicated authentication information (125) is not merely a copy of previously communicated authentication information, each communication (145) includes an item (255) that the receiving device (200) can verify as having been recently generated.

Abstract: A system and method determines the proximity of the target node to the source node from the time required to communicate messages within the node-verification protocol. The node-verification protocol includes a query-response sequence, wherein the source node communicates a query to the target node, and the target node communicates a corresponding response to the source node. The target node is configured to communicate two responses to the query: a first response that is transmitted immediately upon receipt of the query, and a second response based on the contents of the query. The communication time is determined based on the time duration between the transmission of the query and receipt of the first response at the source node and the second response is compared for correspondence to the query, to verify the authenticity of the target node.

Abstract: A system and method determines the proximity of the target node to the source node from the time required to communicate messages within the node-verification protocol. The node-verification protocol includes a query-response sequence, wherein the source node communicates a query to the target node, and the target node communicates a corresponding response to the source node. The target node is configured to communicate two responses to the query: a first response that is transmitted immediately upon receipt of the query, and a second response based on the contents of the query. The communication time is determined based on the time duration between the transmission of the query and receipt of the first response at the source node and the second response is compared for correspondence to the query, to verify the authenticity of the target node.

Abstract: Data items are selected for inclusion in a data set so as to discourage a transmission of the entire set. Each data item includes section(s) which constitute(s) the complete data set. Each section contains a watermark that includes an identifier of the section, and an identifier of the data set. The identifier of the section may be the address of the section, and the identifier of the data set may be the serial number and an indicator of the total size of the data set. The presence of the data set is confirmed by checking the watermarks of randomly selected sections to verify that the original section that formed the data set is present. If a section is discovered to be missing or altered, subsequent processing of data items of the data set is prevented. The identifiers may be stored as a combination of robust and fragile watermarks.

Abstract: A system and method to protect content material enforce copy protection by establishing a secure link (130-230) between two components (100, 200) that process the protected content material in different forms. This secure link (130-230) is used to communicate security information derived at a first component material from a source (101) to a second component (200) that derives corresponding security information from the material in a transformed form. If the security information from both components is not consistent, the second component (200) prevents subsequent rendering of the content material.

Abstract: Authentication information (125) obtained by a device (100) at one level of a transformation sequence is securely communicated to another device (200) at another level of the transformation sequence. To assure that the communicated authentication information (125) is not merely a copy of previously communicated authentication information, each communication (145) includes an item (255) that the receiving device (200) can verify as having been recently generated.

Abstract: A number of data items are selected for inclusion in a data set so as to discourage a transmission of the entire set over a limited bandwidth communications path, such as the Internet. Each data item comprises one or more sections, and the totality of sections constitute the complete data set. Each section of the data set contains a watermark that includes an identifier of the section, and an identifier of the data set. In a preferred embodiment, the identifier of the section is the address of the section, and the identifier of the data set is a serial number and an indicator of the total size of the data set. The presence of the data set is confirmed by checking the watermarks of randomly selected sections to verify that the original section that formed the data set is present. If a section is discovered to be missing or altered, subsequent processing of data items of the data set is prevented. In a preferred embodiment, the identifiers are stored as a combination of robust and fragile watermarks.

Abstract: A memory element is provided in the recording medium that is readable but not writeable by external devices, and whose content changes each time select material is recorded onto the medium. The content of this memory element forms a unique encryption key for encrypting the content encryption key. This encrypted content encryption key is further encrypted using a public key that corresponds to a private key of the intended rendering device. Although the unique encryption key is determinable by reading and processing the content of the externally read-only memory element, the decryption of the content encryption key requires both the unique encryption key and the private key of the intended rendering device.

Abstract: A watermark is encoded redundantly so as to provide effective copy protection. To assure a reliable detection of the watermark in the presence of a potentially faulty watermark detection process, some or all of the watermark is redundantly encoded. The number of redundant encodings of the watermark is selected so that upon modification of the watermarked material, sufficient redundancy exists so that the material can be identified as watermarked material, and the number of detected copies of the watermark is used to detect the modification. Statistical processes are employed to determine the presence or absence of the watermarks in the presence of a potentially faulty watermark detection process.

Abstract: In a limited-copy protection scheme, a check-out/check-in system is configured to a) verify that the receiving device is a certified conforming device, and b) verify that the device that checks-in content material is the same device that checked-out the content material. The verification of the receiving device is effected via a conventional certification process. The verification that the same device is used for check-in and check-out is effected via a secure challenge-response protocol. As contrast to a conventional contemporaneous challenge-response protocol, the system provides a challenge that is specific to the receiving device when the content material is checked-out, and verifies the appropriate response when the content material is checked-in. Because the challenge-response is specific to the receiving device, only the device that receives the challenge when the content material is checked-out can provide the appropriate response when the content material is checked-in.

Abstract: A method and apparatus are disclosed for generating random numbers using the meta-stable behavior of flip-flops. A flip-flop is clocked with an input that deliberately violates the setup or hold times (or both) of the flip-flop to ensure meta-stable behavior. When a meta-stable event is detected, an output bit is provided as a random bit. An even random number distribution is obtained by “marking” half of the zeroes input to the flip-flop as “ones” and the other half of the zeroes as “zeroes.” In addition, half of the ones are marked as “ones” and the other half of the ones are marked as “zeroes.” The marking signal is uncorrelated to any noise to a high probability using a linear feedback shift register.

Abstract: A truly random sequence of bits is transmitted from a transmitter, such that a receiver can receive and store a portion of the transmission for the duration of time that the receiver is within range of the transmitter. Thereafter, the stored sequence in the receiver is compared to a stored copy of the continuous transmission to determine the time that the stored sequence was transmitted. If the sequence of bits is truly random, the security of the system is assured.

Abstract: The communications means that are commonly provided for the remote control of electronic components are utilized to effect an exchange of parameters to facilitate a cryptographic key exchange. The bidirectional remote control transceivers, typically infrared transceivers, that are commonly used to communicate commands from the remote control device and to communicate feedback to the remote control device are configured to communicate parameters between a pair of consumer devices that are controllable by the remote control device. In a preferred embodiment of this invention the remote control device contains the control means to effect the transfer of these parameters between the consumer devices.

Abstract: A number of data items are selected for inclusion in a data set so as to discourage a transmission of the entire set over a limited bandwidth communications path, such as the Internet. The data set includes an entirety parameter that is used to determine whether the entirety of the data set is present. In a preferred embodiment, the entirety parameter is a hash value that is based on watermarks of each data item. When presented for rendering, the watermarks of the data items in the presented material are read and a hash value based on the presented watermarks is computed. A mis-match between the computed hash value and the entirety hash value contained in the data set indicates that less than the entirety of the data set is being presented, and the rendering is prohibited.

Abstract: Methods and apparatus for attacking a screening algorithm. The methods include the steps of marking content to be downloaded, inserting at least one section of legitimate content into the marked content, and subjecting the content to a screening algorithm. The screening algorithm may include the steps of determining a number of segments that are included within the content, selecting at least two segments within the content, screening the two segments to determine whether the two segments verify correctly through the screening algorithm, and downloading the content when it is determined that the two segments verify correctly through the screening algorithm. Once the content has been successfully downloaded, the integrity of the downloaded content may be restored by removing the legitimate content that was previously inserted into the downloaded content.

Abstract: A copy protection system for protecting content wherein a ticket and a watermark are created, utilizing a first time reference (TD) and a one-way function, to indicate the copy protection status of the content. A source device produces the ticket and watermark using a first time reference and a hashing function. The source device provides a data stream containing the content, the ticket, the watermark, and the first time reference (TD) to the receiver device. The receiver device determines if the first time reference (TD) is contained within a time window determined by a second time reference. When, the first time reference (TD) is contained within the time window, the receiver compares the ticket to the watermark using the first time reference (TD) and the one-way function, and based on the comparison, produces a signal indicating the copy protection status of the content.

Abstract: The private and public keys of users, as encrypted with a symmetric algorithm by using individual user identifying keys are stored at a network server, indexed or addressable by user ID, and are sent to the user equipment only when needed. The user identifying keys are determined by hashing the users' respective passphrases or biometric information. After use, the private key and user identifying key are not retained at the user equipment. The encrypted private key is transmitted via the network to the user equipment along with a document to be approved by the user (in the case where the private key is used for digital signature) and, at the user equipment, the received encrypted private key is decrypted using a key determined at the user equipment by hashing either the user's passphrase, which is entered by the user, or the user's biometric information which is obtained by measurement or scanning the user.

Abstract: A sufficient number of data items are selected for inclusion in a data set so as to discourage a transmission of the entire set over a limited bandwidth communications path, such as the Internet. Each data item comprises one or more sections, which taken together constitute the complete data set. Each section of the data set is linked to another section of the data set, and each section's link is bound to the section via the use of one or more watermarks. Upon presentation of material for rendering, the presence of the entirety of the data set is verified by ascertaining the presence of linked-to sections. For further security, the links between sections is formed by a random selection of each linked-to section. To verify that each linked-to section corresponds to the original section that was linked-to, each link contains an identifier of the linked-to section that can be used to determine that a retrieval of a linked-to section corresponds to the originally assigned linked-to section.