Communication method integrated with trusted measurement and apparatus
US-2024357360-A1 · Oct 24, 2024 · US
Authenticated communication between security devices
US9282106B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9282106-B2 |
| Application number | US-38971809-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 20, 2009 |
| Priority date | Feb 20, 2009 |
| Publication date | Mar 8, 2016 |
| Grant date | Mar 8, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Apparatuses, computer readable media, and methods establishing and maintaining trust between security devices for distributing media content are provided. Two security devices bind to establish an initial trust so that security information can be exchanged. Subsequently, trust is refreshed to verify the source of a message is valid. In an embodiment, the security devices may comprise a security processor and a system on a chip (SoC) in a downloadable conditional access system. Trust may be refreshed by a security device inserting authentication information in a message to another security device, where authentication information may assume different forms, including a digital signature (asymmetric key) or a hash message authentication code (HMAC). Trust may also be refreshed by extracting header information from the message, determining state information from at least one parameter contained in the header information, and acting on message content only when the state information is valid.
First claim
Opening claim text (preview).
We claim: 1. A method comprising: refreshing an initial trust between a first computing device and a second computing device to maintain trust between the first computing device and the second computing device by the first computing device performing at least the following: receiving, from a trusted authority, an encrypted device-specific non-repeating authenticator associated with the second computing device, wherein the encrypted device-specific non-repeating authenticator is encrypted for decryption by the second computing device; signing a first message with a first key, the first message comprising the encrypted device-specific non-repeating authenticator, a first header parameter comprising a first order sequence rule for the first message and for subsequent messages between the first computing device and the second computing device, and a second header parameter comprising a message order sequence rule for the first message and for the subsequent messages between the first computing device and the second computing device; sending the first message to the second computing device via a secure communication channel between the first computing device and the second computing device; and validating a second message from the second computing device based on the first order sequence rule, the message order sequence rule, and a second key. 2. The method of claim 1 , wherein the second message comprises a second device-specific non-repeating authenticator for the first computing device from the trusted authority, and wherein the refreshing comprises: authenticating the encrypted device-specific non-repeating authenticator to verify that the second message was sent from an authorized device; and acting on message content of the second message if the second message has been successfully authenticated. 3. The method of claim 1 , wherein validating the second message using the second key comprises: verifying that a hash message authentication code (HMAC) value contained in the second message is valid. 4. The method of claim 1 , wherein the refreshing comprises: extracting header information from the second message; determining state information comprising the second header parameter based on the header information; determining whether the state information is valid based on whether the second message is in sequence with a previously-received message from the second computing device based on the message order sequence rule; and acting on content of the second message if the state information is valid. 5. The method of claim 1 , wherein the refreshing comprises: authenticating the second computing device based on a unique secret validated by the trusted authority. 6. The method of claim 5 , further comprising: establishing the initial trust between the first computing device and the second computing device by the first computing device performing at least the following: sending a third key, encrypted with a fourth key, to the second computing device, wherein the establishing comprises: authenticating the second computing device based on the unique secret validated by the trusted authority. 7. The method of claim 1 , wherein one of the first computing device and the second computing device comprises a security processor of a downloadable conditional access system (DCAS). 8. The method of claim 1 , wherein the refreshing the initial trust comprises digitally signing the first message with a hash message authentication code (HMAC) that comprises a hash of the first key and the first message, and wherein the refreshing of the initial trust is performed at predetermined times. 9. The method of claim 8 , wherein the refreshing the initial trust further comprises exchanging the digitally-signed first message through an interface configured to communicate with the second computing device. 10. The method of claim 1 , further comprising: establishing the initial trust between the first computing device and the second computing device by the first computing device performing at least the following: sending a third key, encrypted with a fourth key, to the second computing device, wherein the fourth key is a temporary key and is not used in the refreshing. 11. The method of claim 1 , comprising: establishing the initial trust between the first computing device and the second computing device by the first computing device performing at least the following: receiving a fourth key from the trusted authority external to the first computing device; sending a third key, encrypted with the fourth key, to the second computing device; and receiving, after the sending the third key to the second computing device, the first key from the trusted authority. 12. The method of claim 1 , wherein the refreshing comprises digitally signing the first message with the first key by adding a hash of the first message and the first key to the first message, and wherein the refreshing of the initial trust is performed periodically. 13. The method of claim 1 , wherein refreshing the initial trust comprises: refreshing the initial trust between the first computing device comprising a hardware security element and the second computing device comprising a trusted processor to maintain trust between the first computing device and the second computing device. 14. The method of claim 1 , wherein the first order sequence rule comprises a counter to use when processing a message. 15. The method of claim 14 , wherein the message order sequence rule comprises an order of header information for subsequent messages. 16. The method of claim 15 , wherein the refreshing further comprises: determining the message order sequence rule based on determining the order of header information for subsequent messages from a predetermined list of possible orders of header information for subsequent messages. 17. A non-transitory computer-readable medium storing computer-executable instructions that when executed cause a first computing device to perform at least the following: refreshing an initial trust between the first computing device and a second computing device to maintain trust between the first computing device and the second computing device by the first computing device performing at least the following: receiving, from a trusted authority, an encrypted device-specific non-repeating authenticator associated with the second computing device, wherein the encrypted device-specific non-repeating authenticator is encrypted for decryption by the second computing device; signing a first message with a first key, the first message comprising the encrypted device-specific non-repeating authenticator, a first header parameter comprising a first order sequence rule for the first message and for messages between the first computing device and the second computing device, and a second header parameter comprising a message order sequence rule for the first message and for the messages between the first computing device and the second computing device; sending the first message signed with the first key to the second computing device via a secure communication channel between the first computing device and the second computing device; and validating a second message from the second computing device based on the first order sequence rule, the message order sequence rule, and a second key. 18. The non-transitory computer-readable medium of claim 17 , wherein the refreshing comprises: authenticating the second message to verify that the second message was not sent from an unauthorized device; and
Assignees
Inventors
Classifications
Rights management {associated to the content (security in data switching network management H04L41/28; security management or policies for network security H04L63/20; access security in wireless networks H04W12/08)} · CPC title
OS processes, e.g. booting an STB, implementing a Java virtual machine in an STB or power management in an STB · CPC title
- H04L63/126Primary
the source of the received data · CPC title
applying security measures for digital rights management · CPC title
Rights Management (protecting software against unauthorised usage in a vending or licensing environment G06F21/10; security in data switching network management H04L41/28; security management or policies for network security H04L63/20; access security in wireless networks H04W12/08) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9282106B2 cover?
- Apparatuses, computer readable media, and methods establishing and maintaining trust between security devices for distributing media content are provided. Two security devices bind to establish an initial trust so that security information can be exchanged. Subsequently, trust is refreshed to verify the source of a message is valid. In an embodiment, the security devices may comprise a security…
- Who is the assignee on this patent?
- Fahrny James W, Davoust Nancy L, Comcast Cable Comm Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/126. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Mar 08 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).