US20150195275A1 - Secure device authentication protocol - Google Patents


Publication number
US20150195275A1
Authority
US
United States
Prior art keywords
multimedia
source device
display device
sink device
display
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/661,536
Inventor
Shaiwal Priyadarshi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
PRIMA CINEMA Inc
Original Assignee
PRIMA CINEMA Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by PRIMA CINEMA Inc
Priority to US14/661,536
Publication of US20150195275A1
Assigned to PRIMA CINEMA, INC: assignment of assignors interest (see document for details). Assignors: PRIYADARSHI, SHAIWAL

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/436 Interfacing a local distribution network, e.g. communicating with another STB or one or more peripheral devices inside the home
    • H04N21/4363 Adapting the video or multiplex stream to a specific local network, e.g. a IEEE 1394 or Bluetooth® network
    • H04N21/43632 Adapting the video or multiplex stream to a specific local network, e.g. a IEEE 1394 or Bluetooth® network involving a wired protocol, e.g. IEEE 1394
    • H04N21/43635 HDMI

Definitions

  • FIGS. 1-10 are flow charts illustrating methods and systems. It will be understood that each block of these flow charts, and combinations of blocks in these flow charts, may be implemented by computer program instructions. These computer program instructions may be loaded onto a computer or other programmable apparatus to produce a machine, such that the instructions which execute on the computer or other programmable apparatus create structures for implementing the functions specified in the flow chart block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction structures which implement the function specified in the flow chart block or blocks.
  • the computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flow chart block or blocks.
  • blocks of the flow charts support combinations of structures for performing the specified functions and combinations of steps for performing the specified functions. It will also be understood that each block of the flow charts, and combinations of blocks in the flow charts, can be implemented by special purpose hardware-based computer systems which perform the specified functions or steps, or combinations of special purpose hardware and computer instructions.
  • any number of computer programming languages such as C, C++, C# (C-Sharp), Perl, Ada, Python, Pascal, SmallTalk, FORTRAN, assembly language, and the like, may be used to implement aspects of the present invention.
  • various programming approaches such as procedural, object-oriented or artificial intelligence techniques may be employed, depending on the requirements of each particular implementation.
  • Compiler programs and/or virtual machine programs executed by computer systems generally translate higher level programming languages to generate sets of machine instructions that may be executed by one or more processors to perform a programmed function or set of functions.
  • machine-readable medium should be understood to include any structure that participates in providing data which may be read by an element of a computer system. Such a medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media.
  • Non-volatile media include, for example, optical or magnetic disks and other persistent memory.
  • Volatile media include dynamic random access memory (DRAM) and/or static random access memory (SRAM).
  • Transmission media include cables, wires, and fibers, including the wires that comprise a system bus coupled to a processor.
  • Common forms of machine-readable media include, for example, a floppy disk, a flexible disk, a hard disk, a magnetic tape, any other magnetic medium, a CD-ROM, a DVD, any other optical medium.
  • FIG. 2 is an exemplary diagram of a computing device 200 that may be used to implement aspects of certain embodiments of the present invention.
  • Computing device 200 may include a bus 201 , one or more processors 205 , a main memory 210 , a read-only memory (ROM) 215 , a storage device 220 , one or more input devices 225 , one or more output devices 230 , and a communication interface 235 .
  • Bus 201 may include one or more conductors that permit communication among the components of computing device 200 .
  • Processor 205 may include any type of conventional processor, microprocessor, or processing logic that interprets and executes instructions.
  • Main memory 210 may include a random-access memory (RAM) or another type of dynamic storage device that stores information and instructions for execution by processor 205 .
  • ROM 215 may include a conventional ROM device or another type of static storage device that stores static information and instructions for use by processor 205 .
  • Storage device 220 may include a magnetic and/or optical recording medium and its corresponding drive.
  • Input device(s) 225 may include one or more conventional mechanisms that permit a user to input information to computing device 200 , such as a keyboard, a mouse, a pen, a stylus, handwriting recognition, voice recognition, biometric mechanisms, and the like.
  • Output device(s) 230 may include one or more conventional mechanisms that output information to the user, including a display, a printer, a speaker, and the like.
  • Communication interface 235 may include any transceiver-like mechanism that enables computing device 200 to communicate with other devices and/or systems. For example, communication interface 235 may include mechanisms for communicating with another device or system via a network, such as network 105 .
  • computing device 200 may perform operations based on software instructions that may be read into memory 210 from another computer-readable medium, such as data storage device 220 , or from another device via communication interface 235 .
  • the software instructions contained in memory 210 cause processor 205 to perform processes that will be described later.
  • hardwired circuitry may be used in place of or in combination with software instructions to implement processes consistent with the present invention.
  • various implementations are not limited to any specific combination of hardware circuitry and software.
  • the present invention provides for a method or system for a digital audio/video source device, using common digital audio/video interfaces, such as HDMI or DVI, to verify that a digital audio/video display device is secure without relying solely on the EDID of the display device to confirm the identity and security of such display device.
  • a method and system is described in which a data packet is sent by a digital audio/video source device through a common digital audio/video interface to a display device.
  • the data packet is transmitted as in-band data along with the audio/video data being sent to the display device.
  • the display device receives the data packet and, if the display device is a secure device, it securely signs the data packet and allows the signature to be read back by the source device.
  • the display device incorporates a firmware patch that enables the display device to recognize the data packet and securely sign the data packet.
  • a firmware patch is installed by the display device manufacturer, or is securely transmitted to the display device through any of numerous secure protocols that are known to those of skill in the art.
  • the display device's ability to recognize and sign the data packet is included in its hardware.
  • Upon receipt of the signed data packet, the source device determines the identity of the display device, and verifies, independently of the EDID provided by the display device, whether the display device is secure or otherwise compatible with the source device, via a look-up table, database, installed firmware, or any other suitable mechanism.
  • the signature identifies the manufacture and type of device signing the data packet. In another embodiment, the signature is unique to every instance of a display device.
  • the data packet sent by the source device is in the form of an InfoFrame, as used in the HDMI protocol.
  • FIG. 3 illustrates an exemplary implementation of this arrangement ( 300 ).
  • the InfoFrame ( 310 ) is securely signed by the display device using any of numerous trusted techniques known to those skilled in the art (such as RSA signing), allowing the source device to ensure that the signature securely and uniquely identifies the display device. Once a unique, trusted identity has been established for the display device, the source device can look up the display device's identity using a device trust authority.
  • the secure certificate authority uses commonly known public key infrastructure (PKI) techniques, and the resulting signature provides secure identification of the device. The specific identity of the device is then verified independently of the claimed device manufacturer. In such an embodiment, it is assumed that the display device has a PKI key-set assigned to it, for example through a firmware patch or as integrated by a manufacturer in hardware.
  • a data structure including a new one as described herein according to aspects of the present invention, is transmitted through the InfoFrame method to the display device, and the display device then creates a hash of the InfoFrame data (using an algorithm such as SHA-1 or any other suitable algorithm).
  • the display device then encrypts the hash using its Private Key to generate a signature block (see, e.g., item 355 in FIG. 3 ).
  • the display device then stores its Public Key and the signature block into a memory device located on the DDC channel.
  • the source device then reads the memory (and signature) back across the DDC channel ( 120 ) after waiting a period of time (to give the display device time to generate the signature).
  • the source device then verifies the signature using the display device's Public Key.
  • the display device's status is then verified by searching through a database of trusted devices using the display device's Public Key (see, e.g., item 345 in FIG. 3 ).
  • the source device determines whether to commence or continue sending the display device its digital audio/video data.
  • a display chain consisting of multiple display devices in series, with the output of one display device (e.g., an AV receiver) feeding the input of another display device (e.g., a projector), can also be verified.
  • the verification follows standard PKI-based daisy-chained authentication through signature chaining.
  • the first display device either replaces or adds its signature to the InfoFrame that it then relays to the next display device; each display device either replaces the InfoFrame data with its own signature, or chains its signature to the code in the InfoFrame.
  • the source device can then read back the signature over EDID from each display device in the chain, verifying each link on the way; or the source could verify all the embedded signatures in a chained-signature-block from the final display device in the chain.
  • FIG. 4 illustrates another exemplary implementation ( 400 ) of certain aspects of the present invention.
  • a PKI key set is assigned to and stored in a multimedia source device such as HDMI transmitter ( 402 ).
  • a corresponding PKI key set is assigned to and stored in a multimedia sink device such as HDMI display/receiver ( 405 ).
  • an electrical connection ( 425 ) is established between transmitter ( 402 ) and display/receiver ( 405 ) for transmitting an audio/video data stream from transmitter ( 402 ) to display/receiver ( 405 ).
  • an authentication data structure is generated at transmitter ( 402 ) for transmission from transmitter ( 402 ) to display/receiver ( 405 ).
  • the authentication structure may comprise a unique data “blob” for each audio/video data stream transmission session.
  • the blob may comprise any suitable data, such as a combination of a predetermined still video pattern and/or configuration data unique to transmitter ( 402 ) such as an identifier (e.g., MAC address) of a networking facility (e.g., Ethernet port) on the transmitter ( 402 ).
  • the authentication data structure may be signed with the PKI private key associated with the transmitter ( 402 ).
  • the blob, the transmitter's PKI public key, and a unique signature block are inserted into an InfoFrame or a video frame, along with markers to indicate an authentication process request.
  • the authentication data structure is transmitted from transmitter ( 402 ) to display/receiver ( 405 ) within an audio/video data stream between transmitter ( 402 ) and display/receiver ( 405 ) (e.g., within the in-band audio/video HDMI data stream across the primary HDMI channel, within an InfoFrame or video frame).
  • display/receiver ( 405 ) detects that the incoming audio/video data stream contains an in-band authentication request and authentication structure, then creates a hash of a portion of said authentication data structure (e.g., verifies the integrity of the received blob, public key, and signature block), and encrypts the hash using a private key associated with display/receiver ( 405 ) to generate its own signature block.
  • transmitter ( 402 ) transmits an authentication request to display/receiver ( 405 ) to obtain the Device ID of display/receiver ( 405 ), along with the PKI public key of display/receiver ( 405 ) and the signature block created by display/receiver ( 405 ) in step ( 434 ).
  • the Device ID of display/receiver ( 405 ), along with the PKI public key of display/receiver ( 405 ) and the signature block created by display/receiver ( 405 ) in step ( 434 ) are sent from display/receiver ( 405 ) to transmitter ( 402 ) (e.g., via HDMI DDC and/or CEC channels).
  • transmitter ( 402 ) checks the information sent from display/receiver ( 405 ) to transmitter ( 402 ) in step ( 436 ), based on the public key associated with display/receiver ( 405 ).
  • the trustworthiness of display/receiver ( 405 ) is verified in one embodiment by searching through a database of trusted devices based on the public key associated with display/receiver ( 405 ).
  • the audio/video data stream transmission session continues its normal operation (e.g., by performing HDCP session control).
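
The read-back exchange of FIG. 3 (the display hashes and signs the InfoFrame, the source reads the key and signature from DDC memory, verifies them, then consults the trusted-device database), combined with the session-unique blob of FIG. 4, as an added example that is not code from the patent. It assumes RSA PKCS#1 v1.5 over SHA-256 rather than the SHA-1 the text names as one option, an in-memory map as the trust database, and hypothetical names (`DDCMemory`, `Display`, `Source`, the `AUTH-REQ:` marker); it models authentication of the sink only, not the transmitter's own signature.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

var (
	ErrBadSignature = errors.New("read-back data does not verify against the InfoFrame sent")
	ErrUntrusted    = errors.New("signature valid, but key is not in the trusted-device database")
)

// DDCMemory models the memory on the DDC channel in which the display leaves
// its public key and signature block (hypothetical layout).
type DDCMemory struct {
	PublicKeyDER []byte
	Signature    []byte
}

// Display is a sink device with a PKI key set assigned to it.
type Display struct{ key *rsa.PrivateKey }

func NewDisplay() *Display {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err) // no usable randomness: nothing sensible to do in a demo
	}
	return &Display{key: key}
}

func (d *Display) PublicKeyDER() []byte { return x509.MarshalPKCS1PublicKey(&d.key.PublicKey) }

// SignInfoFrame hashes the received InfoFrame, signs the hash with the
// display's private key and publishes key and signature for read-back.
func (d *Display) SignInfoFrame(infoFrame []byte) (DDCMemory, error) {
	digest := sha256.Sum256(infoFrame)
	sig, err := rsa.SignPKCS1v15(rand.Reader, d.key, crypto.SHA256, digest[:])
	if err != nil {
		return DDCMemory{}, err
	}
	return DDCMemory{PublicKeyDER: d.PublicKeyDER(), Signature: sig}, nil
}

// Source is the source device. trusted maps a public-key fingerprint to a
// device label and stands in for the database of trusted devices.
type Source struct{ trusted map[[32]byte]string }

func NewSource() *Source { return &Source{trusted: map[[32]byte]string{}} }
func (s *Source) Trust(pubDER []byte, label string) { s.trusted[sha256.Sum256(pubDER)] = label }

// NewInfoFrame builds a constructed payload: a marker plus a fresh random
// value, so a signature recorded in one session does not verify in the next.
func NewInfoFrame() []byte {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		panic(err)
	}
	return append([]byte("AUTH-REQ:"), nonce...)
}

// Verify checks the read-back signature against the InfoFrame the source
// itself sent, and only then looks the key up in the trust database.
func (s *Source) Verify(sent []byte, mem DDCMemory) (string, error) {
	pub, err := x509.ParsePKCS1PublicKey(mem.PublicKeyDER)
	if err != nil {
		return "", ErrBadSignature
	}
	digest := sha256.Sum256(sent)
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], mem.Signature) != nil {
		return "", ErrBadSignature
	}
	label, ok := s.trusted[sha256.Sum256(mem.PublicKeyDER)]
	if !ok {
		return "", ErrUntrusted // a valid signature only proves possession of some key
	}
	return label, nil
}

func main() {
	enrolled, unenrolled, src := NewDisplay(), NewDisplay(), NewSource()
	src.Trust(enrolled.PublicKeyDER(), "projector-A")
	frame := NewInfoFrame()
	mem, err := enrolled.SignInfoFrame(frame)
	if err != nil {
		panic(err)
	}
	other, err := unenrolled.SignInfoFrame(frame)
	if err != nil {
		panic(err)
	}
	fmt.Println(src.Verify(frame, mem))          // enrolled key, fresh signature
	fmt.Println(src.Verify(frame, other))        // valid signature, key not enrolled
	fmt.Println(src.Verify(NewInfoFrame(), mem)) // earlier signature, new session
}
```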

Abstract

Disclosed is a system and method by which a multimedia source device communicates with a display device, allowing the multimedia devices to securely confirm the identity of the devices and confirm their trustworthiness through a trust authority.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. patent application Ser. No. 13/267,265 entitled “Secure Device Authentication Protocol” and filed Oct. 6, 2011; which claims the benefit of Provisional Application Ser. No. 61/390,361, filed on Oct. 6, 2010. The entirety of each of the foregoing patent applications is incorporated by reference herein.
    BACKGROUND OF THE DISCLOSURE
    1. Field of the Disclosure
  • The disclosure generally relates to the field of device authentication, more particularly, for example, to systems and methods in which a multimedia source device communicates with a multimedia sink device (such as a display, or signal distributor), wherein the multimedia source device confirms the identity of the sink device and confirms its trustworthiness through a trust authority.
    2. General Background
  • Digital audio/video source devices (e.g., item 140 shown in FIG. 1), such as set top boxes, DVD players, Blu-ray players, media servers and video game consoles, typically connect to a compatible digital sink device (herein referred to as a “display device,” such as item 150 shown in FIG. 1) such as an A/V receiver, digital television, digital projector or monitor, via a digital audio/video interface that transmits digital data from the source device to the output device. Commonly used digital audio/video interfaces include HDMI (High-Definition Multimedia Interface) and DVI (Digital Visual Interface). FIG. 1 provides an example of an HDMI-based digital audio/video interface.
  • As shown in FIG. 1, the HDMI interface (100) can be described as being formed of three communication channels, including a transition minimized differential signaling (TMDS) channel (110), a display data channel (DDC) (120), and a consumer electronics control (CEC) channel (130). In addition, audio/video (A/V) data, information on an apparatus, and control commands may be transmitted and received through the HDMI. The TMDS channel is typically used for transmitting and receiving video signals and audio signals. The DDC is a data communication standard between a source device and a display device, defined by VESA, which is an international standards-setting organization. When booting a system, the output apparatus realizes an optimum image by referring to information about the monitor. In general, the source device transmits optimum video signals and audio signals with reference to enhanced extended display identification data (E-EDID) of the display device. The CEC channel is an additional protocol for performing high-level control functions in the HDMI interface.
  • As is typical with digital audio/video interfaces, “in-band” data, i.e., data that is contained within the audio/video data stream, and “out-of-band” data, i.e., data that is not contained within the audio/video data stream, are used to provide an essentially self-configuring link between the digital audio/video source device and a compatible digital output device. Thus, “out-of-band” data is communicated back to the source device from the display device via the interface, allowing for two-way communication between the source and display device.
  • In addition to sending in-band audio/video data to the digital audio/video display device, most digital sources also send data to the display device regarding the A/V data format of the audio/video source through a data block sometimes referred to as an “InfoFrame.” In the case of HDMI, this InfoFrame is typically compliant with one or more revisions of EIA/CEA-861, an industry standard.
  • The display device in most digital audio/video interfaces typically allows the device's EDID (Extended Display Identification Data) information to be read back by the source device, which is a data structure provided by a digital display to describe its capabilities to a source (e.g., graphics card, set-top box). For instance, the EDID enables a source device to know the make and model of the projector to which it is connected, as well as the capabilities of that projector.
  • Although the EDID of a display device provides for some level of security by allowing a source device to determine the type and capability of such a display device, as currently implemented by most consumer electronics digital display devices, the data block on an EDID itself is not secure, and may be subject to spoofing or may otherwise become compromised. Although HDCP (High-bandwidth Digital Content Protection) protects audio/video data being transmitted via HDMI by obfuscating the data, in the event that the security of the HDCP scheme is compromised, the potential for spoofing of the EDID allows for a potential breach in the security of the system.
  • It is desirable to address the limitations in the art. For example, it may be desirable to provide a method or system for using a digital audio/video source device, using common digital audio/video interfaces, such as HDMI or DVI, to verify that a digital audio/video display device is a genuine, trustworthy device without relying solely on the EDID of the display device to confirm the identity and security of such a display device. Furthermore, it is desirable to provide a method that can be used to retrofit existing deployed products with these authentication capabilities.
    SUMMARY
  • Systems and methods are disclosed with reference to certain exemplary embodiments, by which a multimedia source device communicates to a display device, allowing the multimedia source device to confirm the identity of the display device (and vice-versa) and confirm its trustworthiness through a trust authority. Other aspects and advantages of various aspects of the present invention can be seen upon review of the figures and of the detailed description that follows.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • By way of example, reference will now be made to the accompanying drawings, which are not to scale.
  • FIG. 1 illustrates an exemplary HDMI-based digital audio/video interface.
  • FIG. 2 illustrates an exemplary computing device that may be used to implement aspects of certain embodiments of the present invention.
  • FIG. 3 illustrates an exemplary implementation of certain aspects of the present invention, in which a data packet sent by a source device to a display device is in the form of an InfoFrame, as used in the HDMI protocol.
  • FIG. 4 illustrates another exemplary implementation of certain aspects of the present invention.
  • DETAILED DESCRIPTION
  • Those of ordinary skill in the art will realize that the following description of the present invention is illustrative only and not in any way limiting. Other embodiments of the invention will readily suggest themselves to such skilled persons, having the benefit of this disclosure. Reference will now be made in detail to specific implementations of the present invention as illustrated in the accompanying drawings. The same reference numbers will be used throughout the drawings and the following description to refer to the same or like parts.
  • Further, certain figures in this specification are flow charts illustrating methods and systems. It will be understood that each block of these flow charts, and combinations of blocks in these flow charts, may be implemented by computer program instructions. These computer program instructions may be loaded onto a computer or other programmable apparatus to produce a machine, such that the instructions which execute on the computer or other programmable apparatus create structures for implementing the functions specified in the flow chart block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction structures which implement the function specified in the flow chart block or blocks. The computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flow chart block or blocks.
  • Accordingly, blocks of the flow charts support combinations of structures for performing the specified functions and combinations of steps for performing the specified functions. It will also be understood that each block of the flow charts, and combinations of blocks in the flow charts, can be implemented by special purpose hardware-based computer systems which perform the specified functions or steps, or combinations of special purpose hardware and computer instructions.
  • For example, any number of computer programming languages, such as C, C++, C# (C-Sharp), Perl, Ada, Python, Pascal, SmallTalk, FORTRAN, assembly language, and the like, may be used to implement aspects of the present invention. Further, various programming approaches such as procedural, object-oriented or artificial intelligence techniques may be employed, depending on the requirements of each particular implementation. Compiler programs and/or virtual machine programs executed by computer systems generally translate higher level programming languages to generate sets of machine instructions that may be executed by one or more processors to perform a programmed function or set of functions.
  • The term “machine-readable medium” should be understood to include any structure that participates in providing data which may be read by an element of a computer system. Such a medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media. Non-volatile media include, for example, optical or magnetic disks and other persistent memory. Volatile media include dynamic random access memory (DRAM) and/or static random access memory (SRAM). Transmission media include cables, wires, and fibers, including the wires that comprise a system bus coupled to a processor. Common forms of machine-readable media include, for example, a floppy disk, a flexible disk, a hard disk, a magnetic tape, any other magnetic medium, a CD-ROM, a DVD, any other optical medium.
  • FIG. 2 is an exemplary diagram of a computing device 200 that may be used to implement aspects of certain embodiments of the present invention. Computing device 200 may include a bus 201, one or more processors 205, a main memory 210, a read-only memory (ROM) 215, a storage device 220, one or more input devices 225, one or more output devices 230, and a communication interface 235. Bus 201 may include one or more conductors that permit communication among the components of computing device 200.
  • Processor 205 may include any type of conventional processor, microprocessor, or processing logic that interprets and executes instructions. Main memory 210 may include a random-access memory (RAM) or another type of dynamic storage device that stores information and instructions for execution by processor 205. ROM 215 may include a conventional ROM device or another type of static storage device that stores static information and instructions for use by processor 205. Storage device 220 may include a magnetic and/or optical recording medium and its corresponding drive.
  • Input device(s) 225 may include one or more conventional mechanisms that permit a user to input information to computing device 200, such as a keyboard, a mouse, a pen, a stylus, handwriting recognition, voice recognition, biometric mechanisms, and the like. Output device(s) 230 may include one or more conventional mechanisms that output information to the user, including a display, a printer, a speaker, and the like. Communication interface 235 may include any transceiver-like mechanism that enables computing device 200 to communicate with other devices and/or systems. For example, communication interface 235 may include mechanisms for communicating with another device or system via a network, such as network 105.
  • As will be described in detail below, computing device 200 may perform operations based on software instructions that may be read into memory 210 from another computer-readable medium, such as data storage device 220, or from another device via communication interface 235. The software instructions contained in memory 210 cause processor 205 to perform processes that will be described later. Alternatively, hardwired circuitry may be used in place of or in combination with software instructions to implement processes consistent with the present invention. Thus, various implementations are not limited to any specific combination of hardware circuitry and software.
  • In certain embodiments, the present invention provides for a method or system for a digital audio/video source device, using common digital audio/video interfaces, such as HDMI or DVI, to verify that a digital audio/video display device is secure without relying solely on the EDID of the display device to confirm the identity and security of such display device. As disclosed herein, a method and system is described in which a data packet is sent by a digital audio/video source device through a common digital audio/video interface to a display device. In one embodiment, the data packet is transmitted as in-band data along with the audio/video data being sent to the display device.
  • In that case, the display device receives the data packet and, if the display device is a secure device, it securely signs the data packet and allows the signature to be read back by the source device. In one embodiment, the display device incorporates a firmware patch that enables the display device to recognize the data packet and securely sign the data packet. Such a firmware patch is installed by the display device manufacturer, or is securely transmitted to the display device through any of numerous secure protocols that are known to those of skill in the art. In another embodiment, the display device's ability to recognize and sign the data packet is included in its hardware.
  • Upon receipt of the signed data packet, the source device determines the identity of the display device, and verifies, independently of the EDID provided by the display device, whether the display device is secure or otherwise compatible with the source device, via a look-up table, database, installed firmware, or any other suitable mechanism. In one embodiment, the signature identifies the manufacturer and type of device signing the data packet. In another embodiment, the signature is unique to every instance of a display device.
  • In yet another embodiment, the data packet sent by the source device is in the form of an InfoFrame, as used in the HDMI protocol. FIG. 3 illustrates an exemplary implementation of this arrangement (300). The InfoFrame (310) is securely signed by the display device using any of numerous trusted techniques known to those skilled in the art (such as RSA signing), allowing the source device to ensure that the signature securely and uniquely identifies the display device. Once a unique, trusted identity has been established for the display device, the source device can look up the display device's identity using a device trust authority.
  • In one embodiment, the secure certificate authority uses commonly known public key infrastructure (PKI) techniques, and the resulting signature provides secure identification of the device. The specific identity of the device is then verified independently of the claimed device manufacturer. In such an embodiment, it is assumed that the display device has a PKI key-set assigned to it, for example through a firmware patch or as integrated by a manufacturer in hardware.
  • In this embodiment, a data structure, including a new one as described herein according to aspects of the present invention, is transmitted through the InfoFrame method to the display device, and the display device then creates a hash of the InfoFrame data (using an algorithm such as SHA-1 or any other suitable algorithm). The display device then encrypts the hash using its Private Key to generate a signature block (see, e.g., item 355 in FIG. 3). The display device then stores its Public Key and the signature block into a memory device located on the DDC channel.
  • The source device then reads the memory (and signature) back across the DDC channel (120) after waiting a period of time (to give the display device time to generate the signature).
  • The source device then verifies the signature using the display device's Public Key. The display device's status is then verified by searching through a database of trusted devices using the display device's Public Key (see, e.g., item 345 in FIG. 3). The source device then determines whether to commence or continue sending the display device its digital audio/video data.
  • As an extension to this concept, a display chain consisting of multiple display devices in series, with the output of one display device (e.g., an AV receiver) feeding the input of another display device (e.g., a projector), can also be verified. The verification follows standard PKI-based daisy-chained authentication through signature chaining. In this scenario, the first display device either replaces or adds its signature to the InfoFrame that it then relays to the next display device; each display device either replaces the InfoFrame data with its own signature, or chains its signature to the code in the InfoFrame. The source device can then read back the signature over EDID from each display device in the chain, verifying each link on the way; or the source could verify all the embedded signatures in a chained-signature-block from the final display device in the chain.
  • FIG. 4 illustrates another exemplary implementation (400) of certain aspects of the present invention. During a manufacturing phase (410), at step (415) a PKI key set is assigned to and stored in a multimedia source device such as HDMI transmitter (402), and at step (417) a corresponding PKI key set is assigned to and stored in a multimedia sink device such as HDMI display/receiver (405). During initialization phase (420), an electrical connection (425) is established between transmitter (402) and display/receiver (405) for transmitting an audio/video data stream from transmitter (402) to display/receiver (405).
  • During authentication phase (430), at step (431) an authentication data structure is generated at transmitter (402) for transmission from transmitter (402) to display/receiver (405). In one embodiment the authentication structure may comprise a unique data “blob” for each audio/video data stream transmission session. The blob may comprise any suitable data, such as a combination of a predetermined still video pattern and/or configuration data unique to transmitter (402) such as an identifier (e.g., MAC address) of a networking facility (e.g., Ethernet port) on the transmitter (402). As part of step (431), the authentication data structure (e.g., “blob”) may be signed with the PKI private key associated with the transmitter (402).
  • At step (432), the blob, the transmitter's PKI public key, and a unique signature block are inserted into an InfoFrame or a video frame, along with markers to indicate an authentication process request. At step (433), the authentication data structure is transmitted from transmitter (402) to display/receiver (405) within an audio/video data stream between transmitter (402) and display/receiver (405) (e.g., within the in-band audio/video HDMI data stream across the primary HDMI channel, within an InfoFrame or video frame).
  • At step (434), display/receiver (405) detects that the incoming audio/video data stream contains an in-band authentication request and authentication structure, then creates a hash of a portion of said authentication data structure (e.g., verifies the integrity of the received blob, public key, and signature block), and encrypts the hash using a private key associated with display/receiver (405) to generate its own signature block.
  • At step (435), after waiting a sufficient amount of time for display/receiver (405) to perform step (434), transmitter (402) transmits an authentication request to display/receiver (405) to obtain the Device ID of display/receiver (405), along with the PKI public key of display/receiver (405) and the signature block created by display/receiver (405) in step (434).
  • At step (436), the Device ID of display/receiver (405), along with the PKI public key of display/receiver (405) and the signature block created by display/receiver (405) in step (434) are sent from display/receiver (405) to transmitter (402) (e.g., via HDMI DDC and/or CEC channels).
  • At step (437), transmitter (402) checks the information sent from display/receiver (405) to transmitter (402) in step (436), based on the public key associated with display/receiver (405). The trustworthiness of display/receiver (405) is verified in one embodiment by searching through a database of trusted devices based on the public key associated with display/receiver (405).
  • At session control phase (440), the audio/video data stream transmission session continues its normal operation (e.g., by performing HDCP session control).
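  • The sink-side signing of step (434) and the source-side check of step (437), which is also the FIG. 3 read-back flow, as an added Go example that is not part of the patent text. Assumptions: RSA PKCS#1 v1.5 over SHA-256 as the signing technique, a PKIX/DER-encoded public key, a trusted-device database keyed by the SHA-256 fingerprint of that key, and 32 random bytes as the per-session blob; all type and function names are hypothetical. It runs three cases: an enrolled sink, a sink whose key was never enrolled, and a valid response replayed from an earlier session.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/hex"
	"errors"
	"fmt"
)

var ErrUntrusted = errors.New("sink public key is not in the trusted-device database")
var ErrBadSignature = errors.New("signature does not cover this session's blob")

// Response is what the source reads back from the sink (step 436).
type Response struct {
	PublicKeyDER []byte // sink public key; PKIX/DER encoding is an assumption
	Signature    []byte // sink's signature block over the hash of the blob
}

// SinkSign is step 434 on the display: hash the in-band blob, sign the hash.
func SinkSign(key *rsa.PrivateKey, blob []byte) (Response, error) {
	der, err := x509.MarshalPKIXPublicKey(&key.PublicKey)
	if err != nil {
		return Response{}, err
	}
	digest := sha256.Sum256(blob)
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	return Response{PublicKeyDER: der, Signature: sig}, err
}

// Fingerprint is the database key used here: SHA-256 of the DER public key.
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// Verify is step 437 on the source. The trust lookup comes first, and the
// signature is checked with the enrolled copy of the key against the blob
// sent in the current session, so an old response cannot be reused.
func Verify(trusted map[string]*rsa.PublicKey, sessionBlob []byte, r Response) error {
	pub, ok := trusted[Fingerprint(r.PublicKeyDER)]
	if !ok {
		return ErrUntrusted
	}
	digest := sha256.Sum256(sessionBlob)
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], r.Signature) != nil {
		return ErrBadSignature
	}
	return nil
}

// session plays one exchange: a fresh blob goes out, a signed response returns.
func session(key *rsa.PrivateKey) ([]byte, Response, error) {
	blob := make([]byte, 32) // 32 random bytes stand in for the unique blob
	if _, err := rand.Read(blob); err != nil {
		return nil, Response{}, err
	}
	resp, err := SinkSign(key, blob)
	return blob, resp, err
}

// RunDemo returns the Verify result for a genuine sink, a sink whose key was
// never enrolled, and a genuine response replayed from an earlier session.
func RunDemo() ([3]error, error) {
	var out [3]error
	enrolled, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return out, err
	}
	rogue, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return out, err
	}
	_, oldResp, err := session(enrolled) // read back during an earlier session
	if err != nil {
		return out, err
	}
	blob, resp, err := session(enrolled) // current session
	if err != nil {
		return out, err
	}
	rogueResp, err := SinkSign(rogue, blob)
	if err != nil {
		return out, err
	}
	// Constructed database: one enrolled device.
	trusted := map[string]*rsa.PublicKey{Fingerprint(resp.PublicKeyDER): &enrolled.PublicKey}
	out[0] = Verify(trusted, blob, resp)
	out[1] = Verify(trusted, blob, rogueResp)
	out[2] = Verify(trusted, blob, oldResp)
	return out, nil
}

func main() {
	out, err := RunDemo()
	fmt.Println("genuine:", out[0], "| unenrolled:", out[1], "| replayed:", out[2], "| setup:", err)
}
```

The replay case fails only because the blob differs per session; a source that reused a fixed blob would accept the old signature.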
  • The entire contents of each of the following documents are hereby incorporated by reference as if fully set forth herein: United States Published Patent Application Nos. 2008/0126591 A1, 2009/0260043 A1, and 2007/0200918 A1; U.S. Pat. Nos. 6,914,637 and 7,565,649; and CEA Standard CEA-861-E (March, 2008) entitled “A DTV Profile for Uncompressed High Speed Digital Interfaces.”
  • While the above description contains many specifics and certain exemplary embodiments have been described and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative of and not restrictive on the broad invention, and that this invention not be limited to the specific constructions and arrangements shown and described, since various other modifications may occur to those ordinarily skilled in the art, as mentioned above. The invention includes any combination or subcombination of the elements from the different species and/or embodiments disclosed herein.

Claims (1)

We claim:
1. A method for verifying the trustworthiness of connected multimedia devices, comprising:
storing a public key infrastructure (PKI) key set in said multimedia sink device;
storing a matching PKI key set in a multimedia source device;
establishing an electrical connection between said multimedia source device and said multimedia sink device for transmitting an audio/video data stream from said multimedia source device to said multimedia sink device;
generating an authentication data structure for transmission from said multimedia source device to said multimedia sink device;
at said multimedia source device, creating a hash of a portion of said authentication data structure, and encrypting said hash using a private key associated with said multimedia source device to generate a signature block;
transmitting said authentication data structure from said multimedia source device to said multimedia sink device within an audio/video data stream between said multimedia source device and said multimedia sink device;
at said multimedia sink device, detecting said authentication data structure, creating a hash of a portion of said authentication data structure, and encrypting said hash using a private key associated with said multimedia sink device to generate a signature block;
transmitting an authentication request from said multimedia source device to said multimedia sink device;
transmitting said signature block and a public key associated with said multimedia sink device from said multimedia sink device to said multimedia source device;
at said multimedia source device, verifying said signature block based on said public key associated with said multimedia sink device; and
verifying the trustworthiness of said multimedia sink device by searching through a database of trusted devices based on said public key associated with said multimedia sink device.
US14/661,536 2010-10-06 2015-03-18 Secure device authentication protocol Abandoned US20150195275A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/661,536 US20150195275A1 (en) 2010-10-06 2015-03-18 Secure device authentication protocol

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US39036110P 2010-10-06 2010-10-06
US13/267,265 US8990574B1 (en) 2010-10-06 2011-10-06 Secure device authentication protocol
US14/661,536 US20150195275A1 (en) 2010-10-06 2015-03-18 Secure device authentication protocol

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US13/267,265 Continuation US8990574B1 (en) 2010-10-06 2011-10-06 Secure device authentication protocol

Publications (1)

Publication Number Publication Date
US20150195275A1 true US20150195275A1 (en) 2015-07-09

Family

ID=52683480

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/267,265 Expired - Fee Related US8990574B1 (en) 2010-10-06 2011-10-06 Secure device authentication protocol
US14/661,536 Abandoned US20150195275A1 (en) 2010-10-06 2015-03-18 Secure device authentication protocol

Country Status (1)

Country Link
US (2) US8990574B1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9992530B2 (en) * 2015-01-29 2018-06-05 Universal Electronics Inc. System and method for prioritizing and filtering CEC commands
US10339278B2 (en) 2015-11-04 2019-07-02 Screening Room Media, Inc. Monitoring nearby mobile computing devices to prevent digital content misuse
US10452819B2 (en) 2017-03-20 2019-10-22 Screening Room Media, Inc. Digital credential system
WO2022022652A1 (en) * 2020-07-29 2022-02-03 华为技术有限公司 Media content sharing method and apparatus

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014141595A1 (en) * 2013-03-15 2014-09-18 パナソニック株式会社 Content distribution method, content distribution system, source device, and sink device
KR101729960B1 (en) * 2013-10-21 2017-04-25 한국전자통신연구원 Method and Apparatus for authenticating and managing an application using trusted platform module
JP6718312B2 (en) * 2015-09-03 2020-07-08 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカPanasonic Intellectual Property Corporation of America Authentication method, notification method, source device and sink device
JP2021530071A (en) 2018-06-29 2021-11-04 クラウデンティティー インコーポレーテッド Data stream identity

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5299263A (en) * 1993-03-04 1994-03-29 Bell Communications Research, Inc. Two-way public key authentication and key agreement for low-cost terminals
US6968453B2 (en) * 2001-01-17 2005-11-22 International Business Machines Corporation Secure integrated device with secure, dynamically-selectable capabilities

Family Cites Families (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7120251B1 (en) * 1999-08-20 2006-10-10 Matsushita Electric Industrial Co., Ltd. Data player, digital contents player, playback system, data embedding apparatus, and embedded data detection apparatus
US7096481B1 (en) 2000-01-04 2006-08-22 Emc Corporation Preparation of metadata for splicing of encoded MPEG video and audio
US7426750B2 (en) 2000-02-18 2008-09-16 Verimatrix, Inc. Network-based content distribution system
US6738427B2 (en) 2000-09-15 2004-05-18 International Business Machines Corporation System and method of processing MPEG streams for timecode packet insertion
US7088398B1 (en) 2001-12-24 2006-08-08 Silicon Image, Inc. Method and apparatus for regenerating a clock for auxiliary data transmitted over a serial link with video data
KR100737065B1 (en) 2003-04-02 2007-07-06 마츠시타 덴끼 산교 가부시키가이샤 Data reproduction device, video display device and software update system and software update method which use them
US7774824B2 (en) 2004-06-09 2010-08-10 Intel Corporation Multifactor device authentication
US20060182283A1 (en) 2005-02-14 2006-08-17 Tricipher, Inc. Architecture for asymmetric crypto-key storage
WO2007037379A1 (en) 2005-09-30 2007-04-05 Matsushita Electric Industrial Co., Ltd. Wireless transmission system
EP1802155A1 (en) 2005-12-21 2007-06-27 Cronto Limited System and method for dynamic multifactor authentication
KR100736494B1 (en) 2006-02-14 2007-07-06 엘지전자 주식회사 A method for setting mute flags to improve compatibilities and the high definition multimedea interface system using the same method
US20070203850A1 (en) 2006-02-15 2007-08-30 Sapphire Mobile Systems, Inc. Multifactor authentication system
US8037506B2 (en) 2006-03-03 2011-10-11 Verimatrix, Inc. Movie studio-based network distribution system and method
US20070220594A1 (en) 2006-03-04 2007-09-20 Tulsyan Surendra K Software based Dynamic Key Generator for Multifactor Authentication
US7739744B2 (en) 2006-03-31 2010-06-15 Novell, Inc. Methods and systems for multifactor authentication
US7734045B2 (en) 2006-05-05 2010-06-08 Tricipher, Inc. Multifactor split asymmetric crypto-key with persistent key security
US7571471B2 (en) 2006-05-05 2009-08-04 Tricipher, Inc. Secure login using a multifactor split asymmetric crypto-key with persistent key security
US8812629B2 (en) * 2008-04-18 2014-08-19 Universal Electronics Inc. System and method for configuring the remote control functionality of a portable device
TW200835303A (en) 2006-09-07 2008-08-16 Avocent Huntsville Corp Point-to-multipoint high definition multimedia transmitter and receiver
KR20080046858A (en) 2006-11-23 2008-05-28 엘지전자 주식회사 A media sink device, a media source device and a controlling method for media sink devices
US20090012901A1 (en) 2007-02-14 2009-01-08 Mpower Mobile, Inc. Multifactor authentication system for "cash back" at the point of sale
US20100132019A1 (en) 2007-04-04 2010-05-27 Sxip Identity Corp. Redundant multifactor authentication in an identity management system
US8646056B2 (en) 2007-05-17 2014-02-04 U.S. Cellular Corporation User-friendly multifactor mobile authentication
US8189878B2 (en) 2007-11-07 2012-05-29 Verizon Patent And Licensing Inc. Multifactor multimedia biometric authentication
US8170097B2 (en) 2007-12-04 2012-05-01 Sony Corporation Extension to the AVC standard to support the encoding and storage of high resolution digital still pictures in series with video
US8001381B2 (en) * 2008-02-26 2011-08-16 Motorola Solutions, Inc. Method and system for mutual authentication of nodes in a wireless communication network
US20090220075A1 (en) 2008-02-28 2009-09-03 Akros Techlabs, Llc Multifactor authentication system and methodology
US8095519B2 (en) 2008-12-16 2012-01-10 International Business Machines Corporation Multifactor authentication with changing unique values
US20100269147A1 (en) 2009-04-15 2010-10-21 Echostar Technologies Llc Video stream index generation at a video content transmitter
US8392709B1 (en) * 2009-04-28 2013-03-05 Adobe Systems Incorporated System and method for a single request—single response protocol with mutual replay attack protection

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Digital Content Protection LLC (High-bandwidth Digital Content Protection System, Revision 1.4, 8 July, 2009, 90 pages) *
Hirano et al., (Application for a Simple Device Authentication Framework: Device Authentication Middleware using Novel Smart Card Software, SAINTW'07, 2007, 4 pages) *

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9992530B2 (en) * 2015-01-29 2018-06-05 Universal Electronics Inc. System and method for prioritizing and filtering CEC commands
US11812097B2 (en) 2015-01-29 2023-11-07 Universal Electronics Inc. System and method for prioritizing and filtering CEC commands
US11595719B2 (en) 2015-01-29 2023-02-28 Universal Electronics Inc. System and method for prioritizing and filtering CEC commands
US10917686B2 (en) * 2015-01-29 2021-02-09 Universal Electronics Inc. System and method for prioritizing and filtering CEC commands
US10460083B2 (en) 2015-11-04 2019-10-29 Screening Room Media, Inc. Digital credential system
US10423762B2 (en) 2015-11-04 2019-09-24 Screening Room Media, Inc. Detecting digital content misuse based on know violator usage clusters
US10430560B2 (en) 2015-11-04 2019-10-01 Screening Room Media, Inc. Monitoring digital content usage history to prevent digital content misuse
US10417393B2 (en) 2015-11-04 2019-09-17 Screening Room Media, Inc. Detecting digital content misuse based on digital content usage clusters
US10409964B2 (en) 2015-11-04 2019-09-10 Screening Room Media, Inc. Pairing devices to prevent digital content misuse
US11227031B2 (en) 2015-11-04 2022-01-18 Screening Room Media, Inc. Pairing devices to prevent digital content misuse
US10395011B2 (en) 2015-11-04 2019-08-27 Screening Room Media, Inc. Monitoring location of a client-side digital content delivery device to prevent digital content misuse
US10339278B2 (en) 2015-11-04 2019-07-02 Screening Room Media, Inc. Monitoring nearby mobile computing devices to prevent digital content misuse
US11853403B2 (en) 2015-11-04 2023-12-26 Sr Labs, Inc. Pairing devices to prevent digital content misuse
US11941089B2 (en) 2015-11-04 2024-03-26 Sr Labs, Inc. Pairing devices to prevent digital content misuse
US10452819B2 (en) 2017-03-20 2019-10-22 Screening Room Media, Inc. Digital credential system
WO2022022652A1 (en) * 2020-07-29 2022-02-03 华为技术有限公司 Media content sharing method and apparatus
CN114071169A (en) * 2020-07-29 2022-02-18 华为技术有限公司 Media content sharing method and device

Also Published As

Publication number Publication date
US8990574B1 (en) 2015-03-24

Legal Events

Date Code Title Description
AS Assignment

Owner name: PRIMA CINEMA, INC, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PRIYADARSHI, SHAIWAL;REEL/FRAME:037730/0844

Effective date: 20111220

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION