TW200908740A - Vouching for source authorization - Google Patents
- Publication number
- TW200908740A (TW97120960A)
- Authority
- TW
- Taiwan
- Prior art keywords
- domain
- key
- digital object
- authentication
- digital
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Description
IX. Description of the invention:

[Technical field of the invention]

The present invention relates to a method of providing an authentication tag on a digital object in a first device belonging to a user domain comprising a plurality of devices. The invention further relates to a method of processing a digital object (DO) in a second device belonging to a user domain (UD) comprising a plurality of devices. Furthermore, the invention relates to a system comprising a user domain (UD) comprising a plurality of devices, to a device included in a user domain (UD) having a plurality of devices, and to an authentication tag.

[Prior art]

In recent years, the number of available content protection systems has grown rapidly. Some of these systems only protect content against unauthorized copying, while others restrict the user's ability to access or use the content. These systems are often referred to as digital rights management (DRM) systems.

Consumers want to enjoy content without hassle and with as few restrictions as possible. They want to network their devices to enable all types of different applications and to access any type of content easily. They also want to be able to share and transfer content within their home environment without restrictions.

The concept of an authorized domain (AD) or user domain (UD) tries to find a solution that serves the interests of both the content owners (who want to protect their copyrights) and the content consumers (who want unrestricted use of the content). The basic principle is to have a controlled network environment in which content can be used relatively freely as long as it does not cross the border of the authorized domain. Typically, authorized domains are centered around the home environment, also referred to as a home network.

Of course, other scenarios are also possible. A user could, for example, take a portable device for audio and/or video with a limited amount of content along on a trip, and use it in a hotel room to access or download additional content stored on the personal audio and/or video system at home. Even though the portable device is outside the home network, it is still part of the user's authorized domain. In this way, an authorized domain (AD) or user domain (UD) is a system that allows access to content by devices in the domain, but not by any other devices.

Authorized domains or user domains need to address issues such as authorized domain identification or user domain identification, device check-in, device check-out, rights check-in, rights check-out, content check-in, content check-out, and domain management. For a more extensive introduction to the use of authorized domains and the like, see S.A.F.A. van den Heuvel, W. Jonker, F.L.A.J. Kamperman, P.J. Lenoir, "Secure Content Management in Authorized Domains", Philips Research, The Netherlands, IBC 2002 conference publication, pages 467-474, held 12-16 September 2002.

In some architectures for authorized domains or user domains, the entities (for example, devices) in the domain share a symmetric domain key that is used to create, access and/or authenticate objects (digital objects and rights objects), such as content or licenses, that are available in the domain. One example is version 2 of the Open Mobile Alliance's DRM Architecture: Approved Version 2.0, OMA-AD-DRM-V2_0-20060303-A, 3 March 2006, hereinafter referred to as OMA DRM v2. This document is available on the Internet at member.openmobilealliance.org/ftp/public_documents/bac/DLDRM/Permanent_documents/ and is incorporated into the present document by reference. In these architectures, knowledge of the domain key is the way to prove membership of the authorized domain or user domain.

A digital object may be issued by a digital object issuer (DOI), a network entity that issues digital objects to the user domain. The digital object issuer (DOI) may attach a verification token (VT) to the digital object before transmitting the digital object to a device in the user domain. A verification token is a digital object arranged to prove the authorization of the digital object issuer (DOI) for the user domain by the domain authority. An example of such a verification token is given in international patent application PCT/IB2007/051533, "Methods to support the introduction of the Domain Issuer in OMA DRM", by Koster, P. et al. (attorney docket PHNL 005802). One element of a verification token typically is its expiry date.

Digital objects may be copied and/or transferred between devices in the authorized domain or user domain.
The DeviceMAC is a message authentication code (MAC) over a digital object, computed by a device in the user domain using the symmetric domain key. Before providing the DeviceMAC, the device that acquires the digital object from the digital object issuer (DOI) verifies the verification token, and it provides the DeviceMAC only if the verification succeeds. The DeviceMAC serves as proof to the other devices in the user domain (that is, devices that also know the domain key) that the verification token attached to the digital object was valid when the digital object was acquired by a device in the user domain. Consequently, a digital object with an attached verification token and DeviceMAC can be distributed among the devices in the user domain even after the verification token has expired. Devices in the user domain may accept a DeviceMAC computed with the current or a previous domain key, so that the DeviceMAC remains valid after the domain key has been updated.
If a device is removed from the user domain, it does not learn the updated domain key. However, the device can still use the old domain key to construct a DeviceMAC for a digital object and distribute the digital object with the attached DeviceMAC out of band. A device that has been removed from the user domain can therefore distribute unauthorized digital objects in the user domain without the permission of the domain authority. These illegitimate digital objects cannot be distinguished from legitimately acquired digital objects, because a DeviceMAC made with the old domain key is also valid.

A proposal for OMA DRM v2 suggests countering this threat by requiring the acquiring device in the user domain to compute, in addition to the DeviceMAC, a DeviceSign: a signature over the DeviceMAC with its secret key. This signature links the DeviceMAC (and hence the digital object) to the device that performed the acquisition. In this way, the domain authority that manages the user domain can revoke removed devices that are suspected of distributing digital objects illegally. This approach has the following disadvantages:

- An infrastructure is needed for checking the revocation status of devices, for example revocation lists.
- Whenever a device receives a digital object out of band, the device needs to check the revocation status of the source device.
- Revocation is the only way to disable devices that have been removed from the user domain.
- Once a device has been revoked, even the digital objects that it distributed legitimately before the revocation become invalid for the other domain members that received them.

[Summary of the invention]

It is an object of the invention to provide an alternative way of ensuring that digital objects can be passed from one device to another in a user domain while preventing devices that have been removed from the user domain from illegally distributing their digital objects. It is a further object of the invention to provide a method of authenticating digital objects that handles updates of the domain key shared by the devices in the user domain efficiently.

These and other objects are achieved by a method of providing an authentication tag on a digital object (DO). The method is carried out in a first device belonging to a user domain (UD) comprising a plurality of devices, the devices in the user domain (UD) sharing a common symmetric domain key (KD). The method comprises: in the first device, creating a first part and a second part of the authentication tag, wherein the first part is a digital signature over the digital object (DO) made with the secret key (sk) of an asymmetric key pair, and wherein the second part comprises information that facilitates authentication of the public key (pk) of the asymmetric key pair by using information about the domain key (KD).

By providing an authentication tag in these two parts, the first part of the authentication tag does not change when the domain key is updated, whereas the second part must be updated when the domain key is updated. The method thus provides an efficient replacement of the authentication tag when the domain key is updated, because the part to be replaced (that is, the second part of the authentication tag) is the same for all digital objects of a device in the user domain. Knowledge of the domain key in the first device proves membership of the user domain and makes it possible for a second device to verify the authenticity of the public key that is used to verify the digital signature in the first part of the authentication tag.

An advantage of the method of providing an authentication tag according to the invention, compared with the DeviceMAC described above, is that it provides easy handling of digital objects stored offline, for example on removable media such as a compact disc (CD) or a digital versatile disc (DVD). For digital objects stored offline, the DeviceMAC cannot be refreshed (that is, updated) directly when the domain key shared by the devices in the user domain is updated. Other devices in the user domain therefore cannot install the digital object once the DeviceMAC of this digital object is out of date. Instead, the DeviceMAC of the digital object would have to be refreshed by a device in the user domain that has already installed the digital object. With the authentication tag, by contrast, devices in the user domain can transmit the second part of the authentication tag to other domain members after the domain key has been updated, so that digital objects stored offline can still be distributed without first having to be refreshed.

The first part and the second part of the authentication tag are inherently linked together, because the public key in the second part verifies the signature in the first part. In addition, the first part and the second part of the authentication tag may be linked together by concatenation.

According to the invention, the authentication-facilitating information in the second part comprises the public key of the asymmetric key pair, encrypted by means of the domain key. The authenticity of the public key of the first device can thus be checked by devices that know the domain key, which facilitates verification of the signature in the first part of the authentication tag. An authentication tag created by means of the domain key of the user domain can only be verified by devices that are members of the user domain and therefore know the domain key. Whenever the domain key is updated, the second part of the authentication tag can be updated for all digital objects, whereby only devices that know the latest or updated domain key, and thereby demonstrate membership of the user domain, are able to create authentication tags.

Alternatively, the authentication-facilitating information in the second part comprises the public key of the asymmetric key pair and a message authentication code over the public key made with the domain key. Again, the authenticity of the public key of the first device can be checked by devices that know the domain key, which facilitates verification of the signature in the first part of the authentication tag. The message authentication code in the second part of an authentication tag created by means of the domain key of the user domain can only be verified by devices that are members of the user domain and therefore know the domain key. Again, whenever the domain key is updated, the second part of the authentication tag can be updated for all digital objects, whereby only devices that know the latest or updated domain key, and thereby demonstrate membership of the user domain, are able to create authentication tags.

Alternatively, the authentication-facilitating information in the second part is a verification token (VTDEV) comprising the public key of the asymmetric key pair and an identifier (DomainID) of the user domain to which the first device belongs, the identifier of the user domain comprising information about the domain key. The first device, which provides the authentication tag, thus proves its membership of the user domain by presenting a verification token (VTDEV), which is a membership certificate issued by the domain authority that manages the user domain. In addition, the verification token provides authentication of the public key of the first device. In the first part of the authentication tag, this proof of membership of the user domain is linked to the digital object by the signature over the digital object. Note that the identifier of the user domain (DomainID) may provide information about the current domain key or the current domain key generation. In OMA, the last three digits of the identifier (DomainID) indicate the domain key generation.

Advantageously, the verification token (VTDEV) additionally comprises one or more of the following: an identifier of the entity type of the first device to which the verification token (VT) belongs, an expiry date of the verification token (VTDEV), and a digital signature of the domain authority (DA) arranged to manage the user domain. When the verification token comprises a digital signature of the domain authority arranged to manage the user domain, the public key of the first device can be certified by the verification token, which was originally issued by the domain authority acting as the trusted party of the system defined by the user domain. Including the expiry date of the verification token and/or the entity type of the first device makes verification of the verification token more secure.

Advantageously, the authentication tag is updated by updating only the second part of the authentication tag. This update can be carried out, for example, when the domain key is updated or when the verification token of the device expires.

It should be noted that the asymmetric key pair of the first device used in the method of the invention may be a certified key pair from a trusted authority. However, the asymmetric key pair may also be any asymmetric key pair generated by the first device or supplied by the domain authority managing the user domain. Furthermore, the asymmetric key pair of the first device can be updated when needed, because the authentication tag itself contains information about the public key of the asymmetric key pair, and this information can be used by any device that knows the domain key (that is, any member of the user domain).

Furthermore, it should be noted that the term "user domain" is meant to cover any group of entities sharing a common symmetric domain key. The user domain may thus be an authorized domain. In addition, the term "digital object" is meant to cover any digital object, such as rights objects and digital content (such as music, movies, TV programmes, pictures, games).

The invention further provides a method of processing a digital object in a second device belonging to a user domain comprising a plurality of devices, the devices in the user domain sharing a common domain key. In the method, the digital object is received in the second device together with a verification token (VTDOI) of the digital object issuer that issued the digital object and an authentication tag on the digital object, the authentication tag having a first part and a second part, the first part comprising a digital signature over the digital object (DO) and the second part comprising information that facilitates authentication of the public key of an asymmetric key pair. The method comprises the following steps:

- performing a first check of whether the verification token (VTDOI) is valid;
- if the first check reveals that the verification token (VTDOI) is invalid, performing a second check of whether the authentication tag, provided by a first device in the user domain from which the second device received the digital object, is valid, wherein the second check comprises checking the second part of the authentication tag by using information about the domain key; and
- if the first check or the second check reveals a valid verification token (VTDOI) or a valid authentication tag, installing the digital object.

The method provides an installation procedure for installing the digital object in case either the verification token or the authentication tag can be verified. By performing a first check on the verification token and performing the second check only in case of an invalid verification token, the digital content can be installed while the verification token is still valid. The second check is performed only when the verification token is invalid, for example when its expiry date has passed. This provides an efficient and secure way of handling a digital object received together with a verification token and an authentication tag. Only devices that are members of the user domain (UD) know the domain key (KD), and hence only these domain members are able to create the authentication tag. The second part of the authentication tag thus guarantees the authenticity of the public key of the first device.

It should be noted that the first check of the validity of the verification token (VTDOI) may include checking the expiry date of the verification token (VTDOI) and the version of KD. Furthermore, it should be noted that the term "first device" is meant to denote the device that has provided the authentication tag transferred together with the digital object and the verification token. The first device may have obtained the digital object from a digital object issuer outside the user domain, or it may have received the digital object from another device in the user domain. The term "second device" is meant to denote a device that has received the digital object, together with the verification token and the authentication tag, from another device in the user domain. The term "installing a digital object" is meant to denote saving or storing the digital object for immediate or later use or execution. The digital object may be a rights object (RO) provided by a rights issuer (RI), the rights object specifying the permissions and constraints associated with a piece of DRM content (such as a piece of music, a movie, etc.). In that case, the DRM content cannot be used without the associated rights object (RO).

In an embodiment of the method according to the invention, the step of performing the second check comprises:

- checking whether the public key (pk) of the asymmetric key pair can be authenticated by means of the domain key (KD);
- if this authentication succeeds, verifying the signature in the first part of the authentication tag by means of the public key (pk) of the first device.

Membership of the user domain of the first device and of the second device is thus proven by these devices' knowledge of the domain key, because only devices that know the domain key are able to create the authentication tag.

In an embodiment of the method according to the invention, the check of the public key of the asymmetric key pair comprises decrypting the encrypted public key by using the domain key. The authenticity of the public key of the first device can thus be checked by the second device if the second device knows the domain key, which facilitates verification of the signature in the first part of the authentication tag. An authentication tag created by means of the domain key of the user domain can only be decrypted by devices that are members of the user domain and therefore know the domain key.
In an alternative embodiment of the method according to the invention, the check of the public key of the asymmetric key pair comprises verifying a message authentication code over the public key by using the domain key. Again, the authenticity of the public key of the first device can be checked by the second device if the second device knows the domain key, which facilitates verification of the signature in the first part of the authentication tag. The message authentication code in the second part of an authentication tag created by means of the domain key of the user domain can only be verified by devices that are members of the user domain and therefore know the domain key.

In yet another alternative embodiment of the method according to the invention, the check of the public key of the asymmetric key pair comprises verifying a verification token (VTDEV) in the second part of the authentication tag, the verification token (VTDEV) comprising the public key of the asymmetric key pair. The second device can thus check the first device's membership of the user domain by checking the verification token (VTDEV), which is a membership certificate issued by the domain authority that manages the user domain. In addition, the verification token provides authentication of the public key of the first device.

In a further embodiment, the method may comprise the following step:

- if neither the first check nor the second check reveals a valid verification token (VTDOI) or a valid authentication tag, consulting the domain authority (DA) arranged to manage the user domain (UD) about the authorization of the digital object issuer (DOI) or of the first device in the user domain (UD) from which the second device received the digital object (DO).

Proof of membership of the user domain can thus be provided by the domain authority, for example in the form of a verification token. The domain authority can thereby check the certificate status, and the devices in the domain can trust the domain authority in this respect.
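The MAC variant of the two-part authentication tag and the receiving device's second check, as an added example in Go; it is not code from the patent or from OMA DRM. Ed25519, HMAC-SHA-256, all type and function names, and the sample keys and object are assumptions made for the illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

var (
	ErrKey = errors.New("public key not vouched for by the current domain key")
	ErrSig = errors.New("signature over the digital object is invalid")
)

// AuthTag is the two-part tag: part one signs the object, part two lets
// domain members authenticate the signer's public key.
type AuthTag struct {
	Signature []byte // first part: signature over the digital object with sk
	PubKey    []byte // second part: pk ...
	KeyMAC    []byte // ... plus a MAC over pk under the domain key KD
}

// Device models a DRM agent with its own key pair and the domain key it knows.
type Device struct {
	sk ed25519.PrivateKey
	pk ed25519.PublicKey
	KD []byte
}

func NewDevice(kd []byte) (*Device, error) {
	pk, sk, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		return nil, err
	}
	return &Device{sk: sk, pk: pk, KD: kd}, nil
}

// macPub binds pk to the domain key (HMAC-SHA-256 is an assumed choice).
func macPub(kd, pk []byte) []byte {
	m := hmac.New(sha256.New, kd)
	m.Write(pk)
	return m.Sum(nil)
}

// Tag creates both parts of the tag for a digital object.
func (d *Device) Tag(do []byte) AuthTag {
	return AuthTag{ed25519.Sign(d.sk, do), d.pk, macPub(d.KD, d.pk)}
}

// Refresh recomputes only the second part after a domain key update.
func (d *Device) Refresh(t AuthTag) AuthTag {
	return AuthTag{t.Signature, d.pk, macPub(d.KD, d.pk)}
}

// Check is the second check: authenticate pk with KD, then verify the
// signature over the object with pk.
func (d *Device) Check(do []byte, t AuthTag) error {
	if len(t.PubKey) != ed25519.PublicKeySize ||
		!hmac.Equal(t.KeyMAC, macPub(d.KD, t.PubKey)) {
		return ErrKey
	}
	if !ed25519.Verify(t.PubKey, do, t.Signature) {
		return ErrSig
	}
	return nil
}

// Result records what the receiving device decided at each stage.
type Result struct {
	Fresh, Stale, Refreshed, Removed, Tampered error
	SigUnchanged                               bool
}

// Scenario runs a constructed domain through a key update in which the
// third device is removed and never learns the new domain key.
func Scenario() (Result, error) {
	kd1 := sha256.Sum256([]byte("constructed domain key, generation 1"))
	kd2 := sha256.Sum256([]byte("constructed domain key, generation 2"))
	do := []byte("constructed rights object")
	devs := make([]*Device, 3)
	for i := range devs {
		d, err := NewDevice(kd1[:])
		if err != nil {
			return Result{}, err
		}
		devs[i] = d
	}
	dev1, dev2, dev3 := devs[0], devs[1], devs[2]

	var r Result
	tag := dev1.Tag(do)
	r.Fresh = dev2.Check(do, tag)
	dev1.KD, dev2.KD = kd2[:], kd2[:] // key update; dev3 keeps the old key
	r.Stale = dev2.Check(do, tag)     // second part still made with the old key
	newTag := dev1.Refresh(tag)
	r.SigUnchanged = bytes.Equal(newTag.Signature, tag.Signature)
	r.Refreshed = dev2.Check(do, newTag)
	r.Removed = dev2.Check(do, dev3.Tag(do)) // removed device vouches with old key
	r.Tampered = dev2.Check([]byte("altered object"), newTag)
	return r, nil
}

func main() {
	r, err := Scenario()
	fmt.Printf("%+v %v\n", r, err)
}
```

Because the second part depends only on the device's public key and the domain key, one refreshed second part serves every object the device has tagged, which is what allows offline copies to stay installable after a key update.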
The method according to the invention may further comprise replacing the authentication tag with another authentication tag provided by the second device carrying out the claimed method of providing an authentication tag. Thus, when a second device receives a digital object with an authentication tag, the device checks the tag, installs the digital object if the check succeeds, and provides another tag. This other tag is based on the asymmetric key pair of the second device; each device in the user domain has the secret key of an asymmetric key pair. This other authentication tag is therefore specific to the second device and is prepared by means of the secret key of the second device.

The invention further relates to a system comprising a user domain comprising a plurality of devices, the devices in the user domain sharing a common domain key, the system further comprising a domain authority arranged to manage the user domain and a digital object issuer arranged to issue digital objects to devices in the user domain, each of the devices in the system being configured to:

- provide an authentication tag on a digital object by creating a first part and a second part of the authentication tag, wherein the first part is a digital signature over the digital object made with the secret key of an asymmetric key pair, and wherein the second part comprises information that facilitates authentication of the public key of the asymmetric key pair.

In an embodiment of the system, each of the devices in the user domain is arranged to check an authentication tag on a digital object and to install the digital object if the check succeeds.

The invention further relates to a device included in a user domain having a plurality of devices, the devices in the user domain sharing a common domain key, the device being configured to:

- provide an authentication tag on a digital object by creating a first part and a second part of the authentication tag, wherein the first part is a digital signature over the digital object made with the secret key of an asymmetric key pair, and wherein the second part comprises information that facilitates authentication of the public key of the asymmetric key pair.
In an embodiment, the device according to the invention is further configured to check an authentication tag on a digital object and to install the digital object if the check succeeds.

The invention further relates to an authentication tag comprising a first part and a second part, wherein the first part is a digital signature on a digital object by means of the secret key of an asymmetric key pair and wherein the second part comprises information facilitating authentication of the public key of the asymmetric key pair.

[Embodiments]

Figure 1 shows a system 100 comprising a domain authority (DA), a digital object issuer (DOI) and a user domain (UD) comprising a plurality of devices (DEV1, DEV2, DEV3). Only three devices are shown in Figure 1; however, the user domain (UD) may comprise another number of devices. Each of the devices (DEV1; DEV2; DEV3) comprises a DRM agent (DRM1; DRM2; DRM3), which is typically implemented as a software component executing on the device in question. In the system shown in Figure 1, the domain authority is a device separate from the digital object issuer (DOI); however, the two may be integrated into one device. The devices (DEV1, DEV2, DEV3) of the user domain (UD) may be interconnected via a network (not shown) and may be, for example, a radio, a tuner/decoder, a CD player, a pair of speakers, a television, a VCR, a digital recorder, a mobile phone, a tape deck, a personal computer, a personal digital assistant, a portable display unit, a car entertainment system and so on. These devices are usually interconnected to allow one device (e.g., the television) to control another (e.g., the VCR). In some embodiments, one device, such as the tuner/decoder or a set-top box (STB), operates as a central device providing central control over the others.

Digital objects may comprise content, typically music, songs, movies, rights objects, animations, speech, music video clips, TV programs, pictures, games, ring tones, audio books and the like.

The devices may be connected to the network wirelessly using a base station (not shown), e.g. using Bluetooth or IEEE 802.11b, or using conventional wired connections. To allow the devices (DEV1, DEV2, DEV3) to interact, several interoperability standards are available that allow different devices to exchange messages and information and to control each other. One well-known standard is the Universal Plug and Play standard (http://www.upnp.org).

The system 100 may be set up to manage access to content by operating as an authorized domain (AD), preferably in accordance with the OMA DRM v2 standard or a successor thereof.

The domain authority (DA) is a network entity that manages the user domain (UD), for example by adding and removing DRM agents. It provides a symmetric domain key (K_D) to the DRM agents (DRM1; DRM2; DRM3) in the devices of the user domain (UD). The domain key (K_D) may be updated when necessary. In addition, the domain authority (DA) may authorize the digital object issuer (DOI) to issue digital objects (DO) to devices in the user domain by providing the digital object issuer (DOI) with a user domain context (UDC). The user domain context (UDC) consists of a diversified domain key K_Di and a verification token (VT). The diversified domain key (K_Di) is to be used by the digital object issuer to protect digital objects (DO). The diversified domain key (K_Di) is computed as a one-way function of the domain key K_D and the public key of the digital object issuer (DOI), so that the DRM agents (DRM1; DRM2; DRM3) of the devices (DEV1; DEV2; DEV3) in the user domain (UD) can compute the diversified domain key (K_Di). However, the digital object issuer (DOI) cannot compute the domain key (K_D) from the diversified domain key (K_Di), so the domain key (K_D) remains secret.

The verification token (VT) proves the authorization of the digital object issuer (DOI) by the domain authority (DA) for domain use. The verification token (VT) may contain the public key of the digital object issuer, an expiry date and the signature of the domain authority (DA). Advantageously, however, the verification token additionally contains the entity type to which the verification token (VT) belongs (here, digital object issuer (DOI)) and the identifier of the user domain (DomainID). By including the entity type, verification tokens (VT) can be handled for entities other than digital object issuers, such as local rights managers and DRM agents. By including the identifier of the user domain, the verification token becomes domain-specific. In OMA, the last three digits of the DomainID indicate the current domain key generation. This means that when the domain key (K_D) is updated, the verification token (VT) becomes invalid and the domain authority (DA) must distribute a new verification token. This is a beneficial property for reasons explained below. Moreover, this property hardly reduces efficiency, because an update of the domain key (K_D) is normally an infrequent event, and whenever it does occur the domain authority (DA) needs to interact with the digital object issuer (DOI) anyway to send the new diversified domain key (K_Di). The VT is therefore constructed here as:

VT = {entity type, expiry date, public key, DomainID, DA signature},

where the DA signature is the signature of the domain authority (DA) computed over all preceding items. Evidently, the domain authority (DA) generates a different diversified domain key (K_Di) and verification token (VT) for each digital object issuer (DOI) that it wishes to authorize for a given user domain.

The digital object issuer (DOI) is a network entity that issues digital objects (DO) to the user domain (UD). For this purpose, the digital object issuer (DOI) needs an up-to-date user domain context (UDC) containing an unexpired verification token (VT) and the diversified domain key (K_Di) of the latest generation. The digital object issuer (DOI) encrypts the confidential parts of the digital object (DO) with the diversified domain key (K_Di), signs the digital object (DO) with its secret key, and attaches the verification token (VT) received from the domain authority (DA).

The DRM agent (DRM1; DRM2; DRM3) of each of the devices (DEV1, DEV2, DEV3) is a user-controlled device capable of evaluating digital objects (DO). The digital object issuer (DOI) may be a rights issuer (RI), the issued digital object (DO) being a rights object (RO). A rights object specifies the permissions and constraints associated with a piece of content, for example whether the content may be rendered, copied, subject to usage time limits, and so on. A content issuer (not shown) may make content (songs, movies, etc.) available in protected form ("DRM content" in the case of OMA) to the devices in the user domain (UD). To access the content, the device receiving the content needs a rights object (RO) provided by the rights issuer (RI). The provision of the RO 212 may coincide with the provision of the content, but this is not necessary. For example, a device may obtain content at some time and later purchase a rights object to access that content. Alternatively, a device may obtain a rights object and only later obtain the content to which the rights object applies.

In OMA DRM, a rights object (RO) is an XML document specifying the permissions and constraints associated with a piece of DRM content. DRM content cannot be used without an associated rights object (RO), and may only be used according to the permissions and constraints specified in the rights object (RO). The rights object (RO) contains the rights expressions and keys needed to render the actual content. RO acquisition, device registration and domain management are specified by means of a set of protocols called ROAP.

The DRM agents (DRM1; DRM2; DRM3) of the devices (DEV1, DEV2, DEV3) ensure adherence to the permissions and constraints specified in the rights object (RO). The rights object (RO) is cryptographically bound to the devices in the user domain by means of the domain key, so that any DRM agent (DRM1; DRM2; DRM3) that knows the domain key can use the rights object (RO).

Note that the content issuer and the rights issuer may be the same entity. In OMA terminology, this entity is then called a content distributor.

When a device in the user domain (UD) has acquired a rights object (digital object (DO)) from a rights issuer (digital object issuer (DOI)), the DRM agent (DRM1; DRM2; DRM3) of the device (DEV1; DEV2; DEV3) verifies the verification token (VT) by checking the expiry date and the signature of the domain authority (DA). In addition, the DRM agent (DRM1; DRM2; DRM3) checks whether the rights object (RO) has a valid RI signature and whether it was created with the latest diversified domain key (K_Di). If all checks pass, the DRM agent (DRM1; DRM2; DRM3) accepts the rights object (RO) and computes a tag.

So far, it is known to compute a tag called DeviceMAC. The DeviceMAC is arranged to serve as proof to other DRM agents that the verification token (VT) was valid at the time of RO acquisition. In this way, the RO can be distributed out of band among DRM agents even after the verification token (VT) has expired. DRM agents accept a DeviceMAC computed with the current or a previous domain key, so that it remains valid even after a domain key update. The domain authority (DA) has two ways to stop RI functionality. The first is to stop providing new verification tokens, so that the RI can no longer issue new rights objects (RO) after its current verification token (VT) expires. The second is to perform a domain key update without providing the rights issuer (RI) with the corresponding latest diversified domain key. This domain key update directly excludes that particular rights issuer (RI), but it also maintains the interaction with all DRM agents and the remaining rights issuers (RI).

Figure 2 shows a system 200 comprising a domain authority (DA) and an input device 210. The input device (210) is a user-controlled device consisting of two components: a local rights manager (LRM) and a DRM agent (DRM1). These components mimic RO acquisition from a rights issuer. The local rights manager (LRM) needs a user domain context (UDC) from the domain authority (DA), consisting of a diversified domain key (K_Di) and a verification token (VT) (with the entity type set to local rights manager (LRM)). Like a rights issuer, the local rights manager (LRM) uses the diversified domain key (K_Di) and the verification token (VT) of the user domain context (UDC) to compute rights objects (RO). The DRM agent (DRM1) of the input device (210) has joined the user domain (UD) and has obtained the domain key (K_D). The DRM agent (DRM1) of the input device (210) can check the rights object (RO) and the verification token (VT) and attach a tag. The rights object can now be distributed directly out of band. The difference from a DRM agent acquiring a rights object (RO) from a rights issuer (RI) is that the two entities are contained in the same device (the input device (210)).

Furthermore, the system 200 comprises a user domain (UD) comprising a plurality of devices (DEV2, DEV3). The DRM agent (DRM1) of the input device 210 has joined the user domain (UD). Besides the DRM agent (DRM1) of the input device 210, only two devices (DEV2, DEV3) are shown in the user domain (UD); however, the user domain (UD) may comprise another number of devices. Each of the devices (DEV2, DEV3) comprises a DRM agent (DRM2; DRM3), which is typically implemented as a software component executing on the device in question. In the system shown in Figure 2, the domain authority (DA) is a device separate from the local rights manager (LRM). The domain authority (DA) is a network entity that manages the user domain (UD), for example by adding and removing DRM agents. The domain authority (DA) provides a symmetric domain key (K_D) to the DRM agents in the user domain (UD), i.e., the DRM agent (DRM1) in the input device 210 and the DRM agents (DRM2; DRM3) in the devices (DEV2; DEV3) of the user domain (UD). The domain key (K_D) may be updated when needed. In addition, the domain authority (DA) may authorize the local rights manager (LRM) to issue digital objects (RO) to the devices in the user domain (UD) and to the DRM agent of the input device 210 by providing the local rights manager (LRM) with a user domain context (UDC). The user domain context (UDC) consists of a diversified domain key K_Di and a verification token (VT). The diversified domain key (K_Di) is to be used by the local rights manager (LRM) to protect digital objects (DO). The diversified domain key (K_Di) is computed as a one-way function of the domain key K_D and the public key of the local rights manager (LRM), so that the DRM agents (DRM1, DRM2, DRM3) in the user domain (UD) can compute the diversified domain key (K_Di). However, the local rights manager (LRM) cannot compute the domain key (K_D) from the diversified domain key (K_Di), so the domain key (K_D) remains secret.

The exemplary embodiments described with reference to Figures 1 and 2 are given in terms of the OMA architecture comprising a domain authority (DA), a digital object issuer (DOI) or local rights manager (LRM), and DRM agents. In the following, the digital object (DO) is a rights object (RO) and the digital object issuer (DOI) is a rights issuer (RI). It should be noted that the invention is not limited to the OMA architecture, but can be used in any user domain formed by a group of entities sharing a common symmetric key. Moreover, the invention is not limited to rights objects (RO), but can be used for any digital object.

The separation shown in Figures 1 and 2 between the domain authority (DA) and the rights issuer (RI) (Figure 1) or the local rights manager (LRM) (Figure 2) raises the following problem. A DRM agent that receives a rights object (RO) out of band cannot check whether the issuer (i.e., RI or LRM) was authorized at the time of acquisition. The general solution to this problem is for the acquiring DRM agent to add a new element (i.e., a tag) to the rights object (RO). This tag serves to prove to other DRM agents (which receive the RO out of band) that the RO was acquired by a compliant member of the user domain (UD). This in turn convinces the receiving DRM agent that the RO was legitimately obtained from an authorized RI or LRM.

The DeviceMAC described above is such a tag. However, DeviceMAC suffers from the following security threat. Consider a DRM agent that has been removed from the user domain and therefore does not know the latest domain key (K_D). That DRM agent can still use an old domain key to construct a valid DeviceMAC for an RO and distribute the RO out of band. In this way, a removed DRM agent could collude with an unauthorized issuer (RI or LRM) to distribute ROs in the user domain without the permission of the DA. Such illegitimate ROs cannot be distinguished from legitimately acquired ROs, because a DeviceMAC from an old domain key is also valid. Note that the introduction of input devices, which combine both the LRM component and the DRM agent component in a single user-controlled device (see (210) in Figure 2), makes this collusion attack more likely.

A different solution for DeviceMAC could be the following.
In the case of a domain key update, the DRM agents in the domain refresh the DeviceMACs of all their ROs, i.e., for each RO the DeviceMAC is recomputed with the new domain key. Then only DeviceMACs based on the current domain key are accepted, which eliminates the threat of DeviceMAC forgery by former members holding an old domain key. The drawback, however, is the inconvenience of having to recompute the DeviceMAC of every RO whenever a key update occurs. Moreover, ROs may be stored on removable media, which makes a direct update of their DeviceMAC impossible.

The invention proposes alternative tags, compared with DeviceMAC, as described below in connection with Figures 3 to 5.

Figure 3 is a flow chart of a first method 10 according to the invention. The method starts and then continues to step 12, where a tag according to the invention is created. The tag can be created and checked as described in any of Examples 1 to 3 below. The method ends at step 13.

Example 1:

The tag of Example 1 (Tag1) consists of a signature on the digital object (DO) with the secret key (sk) of the DRM agent of a device (DEV1) (see Figure 1 or Figure 2), concatenated with a symmetric encryption of the DRM agent's public key (pk) under the domain key (K_D):
Tag1 = SIGN_sk(DO) || ENC_{K_D}(pk).

To check Tag1, the receiving DRM agent in another of the devices (DEV2) in the user domain (UD) (see Figure 1 or Figure 2) decrypts ENC_{K_D}(pk) using the latest domain key (K_D) and uses the resulting public key (pk) to verify the signature on the digital object (DO). This check only succeeds if the tag was created with the current domain key (K_D). The receiving DRM agent (in DEV2) may replace Tag1 with its own tag, i.e., the DRM agent of DEV2 signs the digital object (DO) with its own secret key (sk) and attaches the encryption of its public key. In the case of a domain key update, a DRM agent only needs to refresh the encrypted part ENC_{K_D}(pk), which is identical for all its tags. The DO-specific signature remains unchanged. The encrypted part of the tag proves knowledge of the domain key (K_D) and hence proves domain membership. The signature links this proof of membership to the specific digital object (DO).

Example 2:

The tag of Example 2 (Tag2) consists of a signature on the digital object (DO) with the secret key (sk) of the DRM agent, concatenated with the corresponding public key (pk) and a MAC on the public key (pk) under the domain key (K_D):
Tag2 = SIGN_sk(DO) || pk || MAC_{K_D}(pk).

To check Tag2, a receiving DRM agent in a device (DEV2) (see Figure 1 or Figure 2) verifies the MAC on the public key (pk) with the current domain key (K_D). If the MAC is correct, the receiving DRM agent uses the public key (pk) to verify the signature. The receiving DRM agent (DEV2 in Figures 1 and 2) replaces Tag2 with its own tag, i.e., the DRM agent signs the digital object (DO) with its own secret key and attaches its public key (pk) and a MAC on the public key (pk) under the domain key (K_D). When the domain key (K_D) is updated, a DRM agent only needs to refresh the message authentication code MAC_{K_D}(pk), which is identical for all its tags. The DO-specific signature remains unchanged. The MAC demonstrates knowledge of the domain key (K_D) and hence proves domain membership. The signature links this proof of membership to the specific digital object (DO).

Example 3:

The tag of Example 3 (Tag3) consists of a digital signature on the digital object (DO) with the secret key (sk) of the DRM agent. In this example, the corresponding public key (pk) is authenticated by means of a verification token (VT_DEV) issued by the domain authority (DA) (see Figure 1 or Figure 2). This verification token (VT_DEV) has the five items described above, where the entity type now indicates that the verification token (VT_DEV) belongs to the DRM agent of a device (DEV1) (see Figure 1 or Figure 2). Tag3 is then defined as follows:
Tag3 = SIGN_sk(DO) || VT_DEV.

To check Tag3, the receiving DRM agent of a device (DEV2) (see Figure 1 or Figure 2) verifies the verification token (VT_DEV) by verifying the expiry date, the domain key generation and the signature of the DA. If the verification token (VT_DEV) is valid, the public key (pk) it contains is used to verify the signature on the digital object (DO). After installing the digital object (DO), the receiving DRM agent of the device (DEV2) replaces Tag3 with its own tag. Whenever the verification token expires (because the domain key is updated, or because the expiry date is reached), it needs to be replaced. Conveniently, the signature part of the tag (Tag3) remains unchanged.
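The Tag2 check of Example 2 and the DeviceMAC weakness described earlier, side by side, as an added Go example that is not code from the patent. Ed25519 and HMAC-SHA-256 are assumed stand-ins for the unnamed signature and MAC algorithms, DeviceMAC is modelled as a MAC over the object under the domain key (an assumed layout), and all keys and objects are constructed sample values.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Tag2 follows Example 2: SIGN_sk(DO) || pk || MAC_KD(pk).
type Tag2 struct {
	Sig   []byte            // first part: signature on the digital object
	Pub   ed25519.PublicKey // second part: the signer's public key ...
	PKMac []byte            // ... and a MAC on that key under the domain key
}

// mac is HMAC-SHA-256 (assumption: the page does not name a MAC algorithm).
func mac(key, msg []byte) []byte {
	h := hmac.New(sha256.New, key)
	h.Write(msg)
	return h.Sum(nil)
}

// Agent is a DRM agent: its own key pair plus the domain key it knows.
type Agent struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
	kd   []byte
}

func NewAgent(kd []byte) *Agent {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Agent{priv: priv, pub: pub, kd: kd}
}

// MakeTag2 signs the object and binds the public key to the domain key.
func (a *Agent) MakeTag2(do []byte) Tag2 {
	return Tag2{Sig: ed25519.Sign(a.priv, do), Pub: a.pub, PKMac: mac(a.kd, a.pub)}
}

// CheckTag2 verifies the MAC on pk under the checker's current domain key
// and only then uses pk to verify the signature on the object.
func (a *Agent) CheckTag2(do []byte, t Tag2) bool {
	if len(t.Pub) != ed25519.PublicKeySize { // Verify panics on a bad length
		return false
	}
	if !hmac.Equal(mac(a.kd, t.Pub), t.PKMac) {
		return false
	}
	return ed25519.Verify(t.Pub, do, t.Sig)
}

// RefreshTag2 redoes only the MAC part after a domain key update.
func (a *Agent) RefreshTag2(t Tag2) Tag2 {
	t.PKMac = mac(a.kd, a.pub)
	return t
}

// AcceptDeviceMAC models the baseline tag as MAC_KD(DO), accepted under the
// current or the previous domain key, which is the policy the page describes.
func AcceptDeviceMAC(do, tag, current, previous []byte) bool {
	return hmac.Equal(mac(current, do), tag) || hmac.Equal(mac(previous, do), tag)
}

type Result struct {
	MemberOK, TamperedOK, StaleBeforeRefresh, RefreshedOK bool
	SigUnchanged, RemovedTag2OK, RemovedDeviceMACOK       bool
}

// Scenario runs an out-of-band transfer DEV1 -> DEV2, a domain key update,
// and a removed agent that still holds only the old domain key.
func Scenario() Result {
	kdOld := []byte("constructed-domain-key-gen-001")
	kdNew := []byte("constructed-domain-key-gen-002")
	do := []byte("<ro id='constructed-sample'/>")
	dev1, dev2, removed := NewAgent(kdOld), NewAgent(kdOld), NewAgent(kdOld)
	var r Result
	tag := dev1.MakeTag2(do)
	r.MemberOK = dev2.CheckTag2(do, tag)
	r.TamperedOK = dev2.CheckTag2([]byte("<ro id='constructed-other'/>"), tag)
	// Domain key update: DEV1 and DEV2 receive the new key, 'removed' does not.
	dev1.kd, dev2.kd = kdNew, kdNew
	r.StaleBeforeRefresh = dev2.CheckTag2(do, tag)
	fresh := dev1.RefreshTag2(tag)
	r.RefreshedOK = dev2.CheckTag2(do, fresh)
	r.SigUnchanged = bytes.Equal(fresh.Sig, tag.Sig)
	// The removed agent tags an object with the old key after the update.
	rogue := []byte("<ro id='constructed-unauthorized'/>")
	r.RemovedTag2OK = dev2.CheckTag2(rogue, removed.MakeTag2(rogue))
	r.RemovedDeviceMACOK = AcceptDeviceMAC(rogue, mac(kdOld, rogue), kdNew, kdOld)
	return r
}

func main() { fmt.Printf("%+v\n", Scenario()) }
```

The baseline accepts the removed agent's tag because it honours the previous key, while the Tag2 check rejects it; after the key update a legitimate member only recomputes the MAC part and the signature bytes stay the same.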
Tag3 differs conceptually from Tag1 and Tag2 in the way it proves domain membership. That is, instead of proving knowledge of the domain key (K_D), the DRM agent now presents its verification token (VT_DEV), which is a membership certificate issued by the DA. Besides proof of membership, this verification token (VT_DEV) provides authentication of the public key (pk) of the DRM agent. Together with the signature on the digital object (DO), this links the proof of membership to the digital object (DO).

Figure 4 is a flow chart of a method 20 according to the invention for handling a digital object (DO) in a second device (DEV2) belonging to a user domain. Method 20 is to be performed in a second device (DEV2) belonging to a user domain (UD) comprising a plurality of devices (DEV1, DEV2, DEV3), the devices in the user domain (UD) sharing a common domain key (K_D). The digital object (DO) is received in the second device (DEV2) together with a verification token (VT_DOI) of the digital object issuer (DOI) that issued the digital object (DO) and an authentication tag (Tag) on the digital object (DO), the authentication tag (Tag) having a first part and a second part, the second part comprising information facilitating authentication of the public key (pk) of an asymmetric key pair.

Method 20 starts at step 21 and continues to step 22, where a first check is performed, namely a check of whether the verification token (VT_DOI) is valid. If the verification token (VT_DOI) of the digital object issuer (DOI) is valid, the method continues to step 24, where the digital object (DO) is installed. The method ends at step 29.

If the check of step 22 reveals that the verification token (VT_DOI) is invalid, the method continues to step 23, where a second check is performed of whether the authentication tag (Tag) provided by the first device (DEV1) in the user domain (UD), from which the second device (DEV2) received the digital object (DO), is valid. The second check performed in step 23 comprises checking the second part of the authentication tag using information about the domain key (K_D) and verifying the signature in the first part of the authentication tag. If the check of step 23 reveals a valid authentication tag (Tag), the method continues to step 24, where the digital object (DO) is installed, and ends at step 29. Otherwise, the method continues from step 23 to step 29, where the method ends.

Figure 5 is a flow chart of a method 30 according to the invention for handling a digital object (DO) in a second device (DEV2) belonging to a user domain. Steps 31 to 33 of method 30 correspond to steps 21 to 23 of method 20; steps 35 and 39 of method 30 correspond to steps 24 and 29 of method 20. These corresponding steps are not described in further detail here. If the check in step 33 of method 30 reveals a valid authentication tag (Tag), method 30 continues to step 35, where the digital object (DO) is installed, and ends at step 39. Otherwise, the method continues from step 33 to step 34, in which the domain authority (DA) is consulted. The domain authority (DA), which is configured to manage the user domain (UD), is consulted for authorization of the digital object issuer (DOI) or of the first device (DEV1) in the user domain (UD) from which the second device (DEV2) received the digital object (DO). If the domain authority in step 34 provides authorization of the digital object issuer (DOI) or of the first device (DEV1), which is the source device that provided the digital object (DO) to the second device (DEV2), the method continues to step 35 and subsequently to step 39. Otherwise, the method proceeds directly from step 34 to step 39, where the method ends.

It should be noted that the checks in steps 22 and 23 of method 20 of Figure 4 and the checks in steps 32 and 33 of method 30 of Figure 5 may be as described in connection with Examples 1 to 3 above.

All proposed tags (i.e., Tag1, Tag2 and Tag3) use digital signatures. In general, a signature authenticates not only the message but also the originator. What matters here, however, is whether the originating device that provides the digital object to another device is a member of the user domain. Even though it might be argued that digital signatures are an overly heavy tool for the practical application, their use makes it possible to avoid the issue of certificates that prove the authenticity of a public key and identify this key as belonging to a specific DRM agent. Instead, a simple proof that the public key used belongs to some (unspecified) domain member (i.e., a device in the user domain) provides the required level of authentication: domain membership of the acquiring DRM agent. The tags differ in the way they prove this membership:

• Tag1 includes an encryption of the public key, thereby demonstrating knowledge of the domain key (K_D).
• Tag2 includes a message authentication code (MAC) on the public key, thereby demonstrating knowledge of the domain key (K_D).
• Tag3 presents a verification token (VT_DEV), thereby demonstrating authorization by the domain authority (DA).

The above description shows that a DRM agent need not even use its official, certified key pair, but may use an arbitrary key pair. This key pair may be generated by the DRM agent itself or supplied by the domain authority (DA), and may be updated when needed.

An advantage of the tag Tag1 is that the use of the domain key is restricted to its intended purpose, namely encryption. Another advantage of Tag1 is that the public key is shielded from the outside, which may be preferable from a privacy point of view.
Another advantage of Tagl is that it shields the public key from the outside, which may be preferable from a privacy perspective.
Regarding Tag3, the public key used is "certified" by the verification token (VTDEV) issued by the DA. This verification token (VTDEV) only guarantees that the owner of the key is a domain member, and it can therefore be regarded as a "lightweight certificate" issued by the domain authority (DA), the domain authority (DA) acting as the trusted party of the system defined by the user domain (UD).
It should be noted that the three examples of tags are well compatible. In a situation where every type of Tag is allowed, a DRM agent can authenticate the signature part (the signature on the digital object (DO)) by means of the encryption, the MAC or the VT, whichever suits that DRM agent best.
As explained above, the known non-updatable DeviceMAC (for which old domain keys are also accepted) is insecure, because it allows a removed DRM agent to keep distributing digital objects (DO) to devices in the domain. The known updatable DeviceMAC (for which only the new domain key is accepted) is independent of the DRM agent, so a receiving DRM agent can conveniently keep the DeviceMAC it received together with the digital object (DO). However, in case of a domain key update, the DRM agent must recompute the DeviceMAC for all of its digital objects (DO). Even though a message authentication code is an efficient symmetric technique, this recomputation can be a lot of work when the DRM agent has many digital objects (DO). Furthermore, there is a problem with digital objects (DO) that are stored offline (e.g. on removable media), for which the DeviceMAC cannot be refreshed directly. As a result, other DRM agents cannot install this RO because of the stale DeviceMAC. Instead, the DeviceMAC for these other DRM agents must first be refreshed by a DRM agent that has already installed the RO.
In contrast to the known DeviceMAC, with the authentication tags proposed by the invention the receiving DRM agent always needs to create a new device-specific authentication tag by signing the digital object (DO) with its secret key (sk). Even though creating a digital signature is a relatively expensive operation, the method of the invention is advantageous because refreshing these authentication tags in case of a key update is very efficient: the part to be replaced (i.e. the encryption, MAC or VT) is the same for all tags of the DRM agent. This also means that this variable part (i.e. the second part of the authentication tag) can be sent to other domain members after an update of the domain key (KD). Digital objects stored offline can therefore still be distributed without first having to be refreshed. Alternatively, the receiving DRM agent can request this information from the domain authority (DA) instead of from the source DRM agent (the DRM agent of DEV1).
As explained above, the key pair used for the signature in Tag1 and Tag2 need not be a certified key pair of the DRM agent, but can be a random key pair. The domain authority (DA) can act as a trust center by certifying this key pair by means of a verification token, because DRM agents inherently trust the domain authority (DA) and are concerned with each other's domain membership rather than each other's exact identity. The use of certified key pairs, and the corresponding inconvenience of certificates and revocation lists, can therefore be avoided.
The above description also applies to issuers of rights objects and digital objects (e.g. a Rights Issuer (RI) and a Local Rights Manager (LRM)). That is, a DRM agent does not need to know the exact identity of an issuer; it only wants to be assured that the issuer is authorized by the domain authority (DA) for use in the domain. The verification token (VT) proves this authorization. When the domain authority (DA) checks the certificate status of an issuer before providing that issuer with a verification token (VT), the DRM agent does not have to do this again. The inconvenience of certificate checking can thus be offloaded from the DRM agent to the domain authority (DA), reducing the responsibility and workload of the DRM agent. Finally, the DRM agent no longer needs an RI or LRM context in order to obtain a rights object (RO) or a digital object (DO). This means that an authorized issuer can use any mechanism (e.g. out-of-band distribution), rather than requiring a formal protocol (such as ROAP), to issue a rights object (RO) or a digital object (DO) to a member DRM agent.
It should be noted that throughout this specification the expression "asymmetric key pair" denotes a pair of cryptographic keys, namely a public key (pk) and a secret key (sk). The secret key may also be referred to as the "private key". The secret key is kept secret, whereas the public key may be widely distributed. The keys are mathematically related, but the private key cannot be derived from the public key. A digital object signed by means of the secret key can only be verified by means of the corresponding public key. Symmetric cryptography, by contrast, uses a single symmetric key (in this specification, the domain key) both for encryption and decryption, or for creating and/or verifying a message authentication code (MAC).
Furthermore, it should be noted that the above embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word "comprising" does not exclude the presence of elements or steps other than those listed in a claim. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
[Brief description of the drawings]
Figs. 1 and 2 are diagrams of systems according to the invention;
Fig. 3 is a flow chart of a method 10 according to the invention for providing an authentication tag on a digital object (DO); and
Figs. 4 and 5 are flow charts of methods 20 and 30 according to the invention for processing a digital object (DO) in a second device (DEV2) belonging to a user domain (UD).
[Description of main element symbols]
Symbol | Meaning |
---|---|
10 | First method |
20 | Method |
30 | Method |
100 | System |
200 | System |
210 | Input device |
DA | Domain authority |
DEV1 | Device |
DEV2 | Device |
DEV3 | Device |
DO | Digital object |
DOI | Digital object issuer |
DRM1 | DRM agent |
DRM2 | DRM agent |
DRM3 | DRM agent |
KD | Symmetric domain key |
KDi | Diversified domain key |
LRM | Local rights manager |
VT | Verification token |
UD | User domain |
UDC | User domain context |
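As an added illustration (not code from the patent), the Python sketch below builds a Tag2-style authentication tag, runs the step 22/23 decision of method 20, and then shows a domain key update in which only the second part of the tag is refreshed while the signature is reused. Assumptions: a Lamport one-time hash-based signature stands in for the unspecified asymmetric scheme so the block runs on the standard library alone (one key pair signs one object only), HMAC-SHA256 is the MAC, the second part carries pk in the clear, the step 22 result is passed in as a boolean, and all function names are hypothetical.

```python
import hashlib
import hmac
import os

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key pair (stand-in scheme): 256 secret pairs, pk = their hashes.
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    # Reveal one secret per digest bit; a key pair must sign one message only.
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify_sig(pk, msg, sig):
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b])
        for (i, b), s in zip(enumerate(bits(msg)), sig))

def mac_pk(kd, pk):
    return hmac.new(kd, b"".join(a + b for a, b in pk), hashlib.sha256).digest()

def make_tag(kd, sk, pk, do):
    # First part: signature on the DO. Second part (Tag2 style): pk and MAC_KD(pk).
    return {"sig": sign(sk, do), "pk": pk, "mac": mac_pk(kd, pk)}

def refresh_tag(tag, kd_new):
    # After a domain key update only the second part changes; no secret key needed.
    return {"sig": tag["sig"], "pk": tag["pk"], "mac": mac_pk(kd_new, tag["pk"])}

def tag_valid(kd, do, tag):
    # Step 23: check the second part with KD, then the signature in the first part.
    return (hmac.compare_digest(mac_pk(kd, tag["pk"]), tag["mac"])
            and verify_sig(tag["pk"], do, tag["sig"]))

def process(kd, do, vt_doi_valid, tag):
    # Method 20: step 22 (issuer token), else step 23 (tag), then install or end.
    if vt_doi_valid or tag_valid(kd, do, tag):
        return "install"
    return "reject"

def demo():
    kd_old, kd_new = os.urandom(32), os.urandom(32)
    do = b"constructed digital object"          # constructed sample input
    sk, pk = keygen()
    tag = make_tag(kd_old, sk, pk, do)
    fresh = refresh_tag(tag, kd_new)
    sk2, pk2 = keygen()                          # removed agent: knows only kd_old
    return {
        "before_update": process(kd_old, do, False, tag),
        "stale_after_update": process(kd_new, do, False, tag),
        "refreshed": process(kd_new, do, False, fresh),
        "other_object": process(kd_new, b"another object", False, fresh),
        "removed_agent": process(kd_new, do, False, make_tag(kd_old, sk2, pk2, do)),
    }

if __name__ == "__main__":
    print(demo())
```

The `removed_agent` case is the property the DeviceMAC comparison turns on: a device that holds only the old domain key can still sign, but cannot produce a second part that verifies under the updated key.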
Claims (1)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07109838 | 2007-06-08 |
Publications (1)
Publication Number | Publication Date |
---|---|
TW200908740A (en) | 2009-02-16 |
Family
ID=40094260
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW97120960A TW200908740A (en) | 2007-06-08 | 2008-06-05 | Vouching for source authorization |
Country Status (2)
Country | Link |
---|---|
TW (1) | TW200908740A (en) |
WO (1) | WO2008149319A2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TWI563838B (en) * | 2013-08-26 | 2016-12-21 | Digital Action Inc | Digital contents encoding and decoding system and the method thereof |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20150067215A (en) * | 2012-10-10 | 2015-06-17 | 레드.컴 인코포레이티드 | Video distribution and playback |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20070050712A (en) * | 2005-11-11 | 2007-05-16 | 엘지전자 주식회사 | Method and system for obtaining digital rights of portable memory card |
KR101537527B1 (en) * | 2006-05-02 | 2015-07-22 | 코닌클리케 필립스 엔.브이. | Improved access to domain |
-
2008
- 2008-06-05 TW TW97120960A patent/TW200908740A/en unknown
- 2008-06-06 WO PCT/IB2008/052239 patent/WO2008149319A2/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2008149319A2 (en) | 2008-12-11 |
WO2008149319A3 (en) | 2009-03-05 |