US 2010.0040231A1 (19) United States (12) Patent Application Publication (10) Pub. No.: US 2010/0040231 A1 Jin et al. (43) Pub. Date: Feb. 18, 2010

(54) SECURITY CLASSES IN A MEDIA KEY Publication Classification BLOCK (51) Int. Cl. H04L 9/32 (2006.01) (75) Inventors: Hongxia Jin, San Jose, CA (US); H04L 9/08 (2006.01) Jeffrey Bruce Lotspiech, (52) U.S. Cl...... 380/255; 380/278 Henderson, NV (US) (57) ABSTRACT Correspondence Address: According to one embodiment of the present invention, a LAW OFFICE OF DONALD L WENSKAY method for broadcast encryption with security classes in a P.O. Box 7206 media key block is provided. In one embodiment the method Ranco Santa Fe, CA 92067 (US) includes receiving encrypted media of a first and a second class, where the media includes a common media key block, (73) Assignee: INTERNATIONAL BUSINESS in a device of a first class and in a device of a second class. A MACHINES CORPORATION, first media key is calculated from the common media key Armonk, NY (US) block in the device of a first class. A first media key precursor s is calculated from the common media key block in the device of a second class. The first media precursor may be used to (21) Appl. No.: 12/192,962 decrypt media of a first class. The first media precursor may also be used to calculate a second media key in the device of (22) Filed: Aug. 15, 2008 a second class to decrypt content of a first class.

License Content provider

agency 65 | 70 Unified media key Encrypted block module digital COrtent 90 Traitor detection module Title key

Media module

Variant key table

Media player

Unified broadcast encryption System Patent Application Publication Feb. 18, 2010 Sheet 1 of 6 US 2010/0040231 A1

------15 License Content provider

agency |Unified media key | block module Egypt COntent 90 Title key

Media module 50 Variant key table

A. 5

Media player module 35

Unified broadcast encryption System Patent Application Publication Feb. 18, 2010 Sheet 2 of 6 US 2010/0040231 A1

Patent Application Publication Feb. 18, 2010 Sheet 3 of 6 US 2010/0040231 A1

819Áeld 9||

UOUUUU00 UOUUUU00 Patent Applica O US 2010/0040231 A1

Patent Application Publication Feb. 18, 2010 Sheet 5 of 6 US 2010/0040231 A1

164

Receive a COmmon media key block in encrypted 166 COntent Of a first Class and in encrypted COntent Of a SeCOnd Class in devices Of a first Class and Of a SeCOnd Class, respectively.

168 Calculate a media key from the Common media key block in the device of a first class.

170 Decrypt Content of a first class in the device of a first class using the media key block.

172 Calculate a first media key precursor from the COmmOn media key block in the device of a SeCOnd Class.

174 DeCrypt encrypted media of a Second class using the first media key preCurSOr in the device Of a SeCOnd Class.

FIG. 5 Patent Application Publication Feb. 18, 2010 Sheet 6 of 6 US 2010/0040231 A1

204 2O2

PrOCeSSOr 210

Main memory 2O6 208 Display interface Display unit Communication Infrastructure 212 (BUS) Secondary memory Hard disk drive 218 214 Removable Removable Storage drive Storage unit 216 222 Removable Interface Storage unit

224 22O 226

Communicationinterface Communication path

FIG. 6 US 2010/0040231 A1 Feb. 18, 2010

SECURITY CLASSES IN A MEDAKEY class; calculating a first media key precursor from the com BLOCK mon media key block in the device of a second class; decrypt ing the encrypted media of a first class using the first media BACKGROUND key; and decrypting the encrypted media of a second class using the first media key precursor. 0001. The present invention relates to content protection, 0007 According to a further embodiment of the present and more specifically, to media key blocks in broadcast invention, a system comprises: a common media key block; a encryption systems. plurality of devices, each receiving the common media key 0002 Broadcast encryption is an important cryptographic block, the plurality of devices including a device belonging to key management approach, especially useful in content pro a first class and a device belonging to a second class; the tection systems. Two popular broadcast-encryption-based device belonging to a first class including means for generat systems are the Content Protection for Recordable Media ing a first media key from the common media key block, the (CPRM) system from IBM, , , and , first media key corresponding to the first class; and the device and the Advanced Access Content System (AACS) from Dis belonging to a second class including means for calculating a ney, IBM, Intel, , Panasonic, , Toshiba, and first media key precursor using the common media key block, Warner Bros. and means for calculating a second media key from the first 0003. A media key block is the fundamental structure in media key precursor. broadcast-encryption-based system. This structure is also 0008 According to another embodiment of the present Sometimes called a session key block. A media key block is a invention, a computer program product for broadcast encryp data structure which is processed by a device using a set of tion comprises: a computer usable medium having computer device keys. The result of the processing allows the device to usable program code embodied therewith, the computer calculate a media key. The media key, in turn, is used to usable program code comprising: computer usable program decrypt a message. In content protection systems, these “mes code configured to: receive a common media key block in a sages are actually content like Video or music. Often in a device of a first class and in a device of a second class; content protection system, each piece of content is associated calculate a first media key from the common media key block with a different media key block. in the device of a first class; calculate a first media key pre 0004. In some cases, the media key block is associated cursor from the common media key block in the device of a with a set of devices, not a particular item of content. One second class; and calculate a second media key from the first such example is IBM's Advanced Secure Content Cluster media key precursor in the device of a second class. Technology (ASCCT), in which all the content that devices can access is protected by a single media key block. This BRIEF DESCRIPTION OF THE SEVERAL feature is useful, for example, in case where a consumer VIEWS OF THE DRAWINGS might have a library of entertainment content in his home, and wants that library to be freely viewed by all the devices he 0009 FIG. 1 shows a diagram of a broadcast encryption owns. It should be noted that in this single media key block, it system in accordance with an embodiment of the invention; is often the case that not all the content being protected is 0010 FIG. 2 shows a diagram of a content player of a first equally valuable. For example, the user might have some security class in accordance with an embodiment of the movies in standard definition and some movies in high defi invention; nition. From the point of view of the movies creators, the 0011 FIG. 3 shows a diagram of a content player of a high definition version is more valuable, and would have second security class in accordance with an embodiment of more serious economic consequences if the users were to the invention; make unlimited unauthorized copies. Likewise, not all 0012 FIG. 4 shows a diagram of a content player of a third devices are equally privileged. There is no reason, for security class in accordance with an embodiment of the example, why a standard definition television needs a set of invention; keys that allows it to decrypt high-definition video. 0013 FIG. 5 shows a flow chart of a broadcast encryption method in accordance with an embodiment of the invention; SUMMARY and 0014 FIG. 6 is a high level block diagram of an informa 0005 According to one embodiment of the present inven tion processing system useful for implementing one embodi tion, a method comprises: receiving a common media key block in a device of a first class and in a device of a second ment of the present invention. class; calculating a first media key from the common media DETAILED DESCRIPTION key block in the device of a first class; calculating a first media key precursor from the common media key block in the 00.15 Embodiments of the invention provides a broadcast device of a second class; and calculating a second media key encryption system having a single media key block in which from the first media key precursor in the device of a second all devices are not equally protected and all devices are not class. equally privileged. In contrast, in prior single-media-key 0006. According to another embodiment of the present block systems, such as ASCCT, all content was equally pro invention, a method comprises: receiving encrypted media of tected, and all devices are equally privileged, by virtue of the a first class in a device of the first class, the encrypted media fact that all devices process the same media key block and of a first class including a common media key block; receiv learn the same media key. ing encrypted media of a second class in a device of the 0016. It may be noted that in order to provide different second class, the encrypted media of a second class including levels of protection and privilege to different devices, one the common media key block; calculating a first media key approach might be to employ multiple media key blocks, one from the common media key block in the device of a first for each class of content. The problem with this approach is US 2010/0040231 A1 Feb. 18, 2010

that the devices do need a common media key block for other patent application Ser. No. entitled “System, Method, reasons. For example, a common media key block is useful to and Service for Performing Unified Broadcast Encryption securely form the cluster. A cluster might be, for example, a and Traitor Tracing for Digital Content, the contents of set of devices connected to a private network in a consumer's which are incorporated herein by reference. home. It is important to the content owners that all the devices 0023 System 10 comprises a unified media key block in the network be compliant; in other words, all devices follow the same rules in protected content. Therefore, it is module 15, a traitor detection module 20, a media module 25, important that all the devices can calculate a common cryp and a media player module 30. The media player module 30 tographic key, so that each can verify that the others are comprises a device key set 35 that is uniquely associated with compliant. (Non-compliant devices would be revoked in the a media player 40. The media player 40 may comprise any media key block and would be unable to calculate the com one of a number of devices used to play digital media, includ monkey.) ing, but not limited to DVD players, personal computers, 0017. Also, a common media key block is needed to movie rental boxes which are allowed to play a move for a enable the devices to remain in Synchronization when new limited period of time, and others. The media player module media key blocks revoke newly discovered circumvention 30 further comprises a Software programming code or a com devices. A cluster contains not just a common media key puter program product that is typically embedded within, or block, but also other data files, in particular the list of the installed on the media player 40. authorized devices in the cluster. This authorization list must 0024. The media module 25 comprises a unified media key be cryptographically "signed by the common key(s) in the block 45 (interchangeably reference herein as MKBu 45) and cluster. Obviously, if there is more than one key in use in the a variant key table 50. The unified media key block 45 com cluster, synchronizing the signing when the new media key prises a Subset of available device keys and a data part in block is delivered is much more complicated. which each of the subset of device keys individually encrypts 0018 Thus, having multiple media key blocks, although a set of media key variants. For example, the subset of device theoretically possible, would greatly complicate the synchro keys may be organized in a tree structure, Such as in the nization process. The present invention retains a single media Subset-difference broadcast encryption scheme, although all key block, with its straightforward synchronization, while broadcast encryption schemes are within the scope of this still allowing different classes of devices to learn different invention. The media module 25 comprises a software pro keys from the same media key block. gramming code or a computer program product that is saved 0019 Embodiments of the present invention accomplish onto a media 55. this by using a one-way cryptographic function to define a 0025. The unified media key block module 15 generates hierarchy of keys. The highest security class devices initially one or more unified media key blocks for use by a content calculate a media key precursor instead of a media key from provider 60 to place on the media 55 together with an their processing of the media key block. Then, these devices encrypted digital content 65 (interchangeably referenced can execute a previously-defined one-way function on this herein as encrypted content 65). The unified media key block precursor. The result is either the media key, or another pre module 15 comprises a Software programming code or a cursor, if there are more than two security classes in the computer program product that is typically embedded within, system. Likewise, executing the one-way function on that or installed on a server 70 that belongs to a separate facility, second precursor can produce another precursor. This chain for example, a license agency 75. Alternatively, system 10 can of one-way functions can be defined to any depth, allowing a be saved on a Suitable memory or storage medium Such as a single system to have any number of security classes. The last diskette, a CD, a DVD, a hard drive, or like devices. one-way function in the chain yields the media key. The 0026. The traitor detection module 20 identifies the device precursors then become keys that can be used to protect keys that have been compromised by a traitor or have been COntent. pirated. The traitor detection module 20 passes the identified 0020. In the example described above, where some device keys to the unified media key block module 15 to devices in a home are high-definition and some are standard revoke those identified device keys from any future unified definition, the immediate precursor of the media key may be media key blocks, preventing further piracy by that traitor or used to protect the high definition content, and the media key attacker. The traitor detection module 20 comprises a soft itself may be used to protect the standard definition content. ware programming code or computer program product that is 0021 Note that the high definition devices that calculate shown, for illustration purposes only, as embedded within, or the precursor key from the media key block are also able to installed on server 70 of the license agency 75. Alternatively, calculate the media key itself by using the one-way function. the traitor detection module 20 may be installed in a separate Thus, they can decrypt standard definition content, and, per facility other than the one that issues unified media key blocks haps more importantly, have a key they can use to synchronize to content providers. cryptographically with the standard definition devices. This is 0027. The media player 40 can access a server 80 of the how the present invention provides the desired synchroniza content provider 60 through a network 85 to obtain the tion functionality. encrypted digital content 65 and a title key 90. The title key 90 0022 Referring now to FIG. 1 there is shown an exem (interchangeably referenced herein as Kt 90) allows the plary overall environment in which a system 10, for perform media player 40 to decrypt and play the encrypted content 65 ing broadcast encryption for digital content according to the after the encrypted content 65 has been recorded to media 55. present invention may be used. In this embodiment, the The title key 90 is encrypted, and requires the media player 40 present invention may be used in a variety of content protec to correctly process the unified media key block 45 to decrypt tion applications including but not limited to DVDs, down and use the unified media key block 45. The content provider loaded content, software and others. FIG. 1 shows the system 60 may record the encrypted content 65 and the encrypted 10 for performing broadcast encryption as disclosed in U.S. title key 90 directly to the media 55 such as, for example, a CD US 2010/0040231 A1 Feb. 18, 2010 or DVD. A user may then obtain the encrypted content 65 by, key/MKB processor 124 then uses its device key 126 and the for example, purchasing the CD. common MKB 116 to calculate a first media key precursor 0028. The media player 40 comprises any compliant mod 128 using standard MKB processing 130. The first media key ule that can verify the physical presence of a media 55 such as, precursor 128 may then be used by a decryption unit 132 to for example, a disk. A compliant module is one that follows decrypt the class B content 108 and output decrypted class B the usage rules of the media module 25 that are cryptographi content 134. cally bound to media 55. For example, a compliant recorder 0034 Media player 102 also has the ability to process does not record content encoded “do not copy”. class A content 106. It does this by processing the encrypted 0029 FIG. 1 illustrates an exemplary application of sys class A content 106 to produce the first media key precursor tem 10 referenced as “electronic sell-through’’ in which a 128 and then uses a one-way function 136 to calculate a media consumer obtains the encrypted content 65 by downloading key 138. Decryption unit 132 may then use the media key 138 the encrypted content 65 from the content provider 60 onto a to output decrypted class A content 140. media 55 such as recordable disk in the home of the con 0035) Referring now to FIG.4, media player 104 receives Sumer. While described in terms of an “electronic sell encrypted class C content 110 and its device key/MKB pro through' application, it should be clear that system 10 is cessor 142 extracts the common MKB 116. The device key/ applicable as well to, for example, any application in which MKB processor 142 then uses its device key 144 and the authentication is important and the authenticators are common MKB 116 to calculate a second media key precursor restricted to a subset of the participants. Furthermore, while 146 using a standard MKB process 148. The second media illustrated as providing secure encryption of content for deliv key precursor 146 may then be used by a decryption unit 150 ery to media, it should be clear that system 10 is applicable as to decrypt the class C content 108 and output decrypted class well to, for example, any type of content delivery. Also, while C content 152. the system 10 shown in FIG. 1 is a unified broadcast encryp 0036 Media player 104 may also process class B content tion system, embodiments of the invention may be used with by calculating a first media key precursor 154 from the second other types of broadcast encryption systems. media key precursor 146 using a one-way function 156. This 0030 FIGS. 2, 3 and 4 shows block diagrams of a plurality first media key precursor 154 may then be used by the decryp of media players, such as media player 40 shown in FIG.1. In tion unit 150 to output decrypted class B content 155. Like particular, media players 100,102 and 104 are configured to wise, media player 104 may also process class A content 106 play different classes of media. Content of three classes are by calculating a media key 158 from the first media key shown in FIGS. 2, 3 and 4. In particular, the content includes precursor 154 using a one-way function 160. This media key encrypted content of class A106, encrypted content of class B 158 may then be used by the decryption unit 150 to output 108, and encrypted content of class C 110. In accordance with decrypted class A content 162. an embodiment of the invention, each of the classes of content 0037 FIG. 5 shows a flow chart of a process 164 for contains a common media key block (MKB) 116. broadcast encryption in accordance with an embodiment of 0031. In this embodiment, class A content 106 requires the the invention. In process 164, a system having two security least amount of security, class B content 108 requires a higher classes is described. It will be appreciated that this process level of security, and Class C requires the highest level of 164 may be modified to handle any number of security classes security. Media player 100 is configured to play only class A by adding additional media key precursors. In step 166 a content 106. Media player 102 is configured to play class A common media key block is received by a device of a first content 106 and class B content 108. Media player 110 is class and by a device of a second class, which may comprise configured to play class A content 106, class B content 108 players 100 and 102 shown in FIGS. 2 and 3. The common and class C content 110. For example, Class A content may be media key block will be received as part of digital content, standard definition content, Class B may be high definition which may include digital content of a first class and digital content, and Class C may be content requiring even higher content of a second class. The digital content of a first class level of security than high-definition content. has lower level security requirements than the digital content 0032. The three classes of content are received by the of a second class. For example, the first class content may be media players 100, 102 and 104 through a network 112, standard television broadcast video, and the second class which may comprise one or more of a variety of known ways content may be high definition television broadcast video. In of distributing digital content. Referring now to FIG. 2, media step 168, the device of a first class calculates a media key player 100 receives encrypted class A content 106 and pro using the common media key block. This media key may then cesses is using a device key/MKB processor 114. In particu be used by the device of a first class to decrypt encrypted lar, device key/MKB processor 114 extracts the common content of a first class, in step 170. MKB 116 from the class A content 106 and uses its device key 0038. The device of a second class calculates a first media 118 to calculate a media key 120. This calculation is accom key precursor using the common media key block, in step plished using standard MKB processing 122. The details of 172. This media key precursor may then be used by the the processing depend on the particular MKB scheme in use second class device to decrypt encrypted content of a second in the system; for example, the system might be using the class, in step 174. As described above, the second class device well-known “subset-difference' MKB scheme such as is used may also calculate a media key from the media key precursor in AACS. All MKB schemes are within the scope of this to decrypt content of a first class. invention. The calculated media key 120 then is used by a 0039. It may be noted that the licensing agency 75, as decryption unit 123 to produce decrypted Class A digital shown in FIG. 1, may generate media key blocks where some content 125. devices calculate media key precursors, and other devices 0033 Referring now to FIG.3, media player 102 receives calculate the media key. This is a relatively simple thing to do class B encrypted digital content 108 and its device key/MKB because all broadcast encryption Schemes work by assigning processor 124 extracts the common MKB 116. The device devices to various overlapping Subsets. Each Subset has an US 2010/0040231 A1 Feb. 18, 2010

associated key. The media key block is simply a list of Subsets (EPROM or Flash memory), an optical fiber, a portable com of non-revoked devices along with the encryptions of the pact disc read-only memory (CDROM), an optical storage media key with each subset key. It is a simple matter for device, a transmission media such as those Supporting the different subsets to have encryptions of different keys instead Internet oran intranet, or a magnetic storage device. Note that of every one having an encryption of the media key. In addi the computer-usable or computer-readable medium could tion, the licensing agency needs to group devices in the same even be paper or another suitable medium upon which the security class into convenient Subsets when they assign program is printed, as the program can be electronically cap device keys. It will be appreciated by those skilled in the art tured, via, for instance, optical scanning of the paper or other that the present invention works equally well for all known medium, then compiled, interpreted, or otherwise processed broadcast encryption schemes. in a suitable manner, if necessary, and then stored in a com 0040 Embodiments of the invention may utilize a variety puter memory. In the context of this document, a computer of known one-way functions. In one embodiment, the follow usable or computer-readable medium may be any medium ing well-known one-way function, based on the Advanced that can contain, store, communicate, propagate, or transport Encryption Standard (AES) cipher, is used: the program for use by or in connection with the instruction execution system, apparatus, or device. The computer-usable medium may include a propagated data signal with the com where r is the result, k is a key, d is data, AES-D is AES puter-usable program code embodied therewith, either in decryption in electronic code book mode, and XOR is exclu baseband or as part of a carrier wave. The computer usable sive-or. This function is one-way in the following sense: from program code may be transmitted using any appropriate r, it is intractable to calculate eitherkord. In this embodiment, medium, including but not limited to wireless, wire line, k would be a media key precursor and d would be a constant optical fiber cable, RF, etc. known to all devices. Note that d does not have to be a secret. 0045 Computer program code for carrying out operations It can be a published constant without hurting the security of of the present invention may be written in any combination of this invention. one or more programming languages, including an object 0041. It will be appreciated by those skilled in the art that oriented programming language such as Java, Smalltalk, C++ the various keys in the media key one-way chain protect the or the like and conventional procedural programming lan various classes of content. However, in practice, it is rare in guages, such as the “C” programming language or similar content protection systems for keys from the media key block programming languages. The program code may execute to directly encrypt the content. Instead, there is often at least entirely on the user's computer, partly on the user's computer, one a level of indirection: the content is encrypted with a title as a stand-alone software package, partly on the user's com key, and then the title key is encrypted with the key from the puter and partly on a remote computer or entirely on the media key block. This encrypted title key is typically stored in remote computer or server. In the latter scenario, the remote a header associated with the content. Hence some embodi computer may be connected to the user's computer through ments of the invention may employ this technique of using any type of network, including a local area network (LAN) or one or more levels of indirection of keys to protect the con a wide area network (WAN), or the connection may be made tent. to an external computer (for example, through the Internet 0042. As can be seen from the above disclosure, embodi using an Internet Service Provider). ments of the invention provide a broadcast encryption system 0046. The present invention is described with reference to that employs a common media key block, while providing flowchart illustrations and/or block diagrams of methods, different levels of protection for different media and different apparatus (systems) and computer program products accord devices. ing to embodiments of the invention. It will be understood 0043. As will be appreciated by one skilled in the art, the that each block of the flowchart illustrations and/or block present invention may be embodied as a system, method or diagrams, and combinations of blocks in the flowchart illus computer program product. Accordingly, the present inven trations and/or block diagrams, can be implemented by com tion may take the form of an entirely hardware embodiment, puter program instructions. These computer program instruc an entirely software embodiment (including firmware, resi tions may be provided to a processor of a general purpose dent Software, micro-code, etc.) or an embodiment combin computer, special purpose computer, or other programmable ing Software and hardware aspects that may all generally be data processing apparatus to produce a machine, such that the referred to herein as a “circuit,” “module’ or “system.” Fur instructions, which execute via the processor of the computer thermore, the present invention may take the form of a com or other programmable data processing apparatus, create puter program product embodied in any tangible medium of means for implementing the functions/acts specified in the expression having computer usable program code embodied flowchart and/or block diagram block or blocks. in the medium. 0047. These computer program instructions may also be 0044 Any combination of one or more computerusable or stored in a computer-readable medium that can direct a com computer readable medium(s) may be utilized. The com puter or other programmable data processing apparatus to puter-usable or computer-readable medium may be, for function in a particular manner, such that the instructions example but not limited to, an electronic, magnetic, optical, stored in the computer-readable medium produce an article of electromagnetic, infrared, or semiconductor system, appara manufacture including instruction means which implement tus, device, or propagation medium. More specific examples the function/act specified in the flowchart and/or block dia (a non-exhaustive list) of the computer-readable medium gram block or blocks. would include the following: an electrical connection having 0048. The computer program instructions may also be one or more wires, a portable computer diskette, a hard disk, loaded onto a computer or other programmable data process a random access memory (RAM), a read-only memory ing apparatus to cause a series of operational steps to be (ROM), an erasable programmable read-only memory performed on the computer or other programmable apparatus US 2010/0040231 A1 Feb. 18, 2010

to produce a computer implemented process Such that the 222 which allow software and data to be transferred from the instructions which execute on the computer or other program removable storage unit 220 to the computer system. mable apparatus provide processes for implementing the 0053. The computer system may also include a communi functions/acts specified in the flowchart and/or block diagram cations interface 224. Communications interface 224 allows block or blocks. software and data to be transferred between the computer 0049. The flowchart and block diagrams in the Figures system and external devices. Examples of communications illustrate the architecture, functionality, and operation of pos interface 224 may include a modem, a network interface sible implementations of systems, methods and computer (such as an Ethernet card), a communications port, or a PCM CIA slot and card, etc. Software and data transferred via program products according to various embodiments of the communications interface 224 are in the form of signals present invention. In this regard, each block in the flowchart which may be, for example, electronic, electromagnetic, opti or block diagrams may represent a module, segment, or por cal, or other signals capable of being received by communi tion of code, which comprises one or more executable cations interface 224. These signals are provided to commu instructions for implementing the specified logical function nications interface 224 via a communications path (i.e., (s). It should also be noted that, in some alternative imple channel) 226. This communications path 226 carries signals mentations, the functions noted in the block may occur out of and may be implemented using wire or cable, fiber optics, a the order noted in the figures. For example, two blocks shown phone line, a cellular phone link, an RF link, and/or other in Succession may, in fact, be executed Substantially concur communications channels. rently, or the blocks may sometimes be executed in the reverse 0054. In this document, the terms “computer program order, depending upon the functionality involved. It will also medium.” “computer usable medium, and “computer read be noted that each block of the block diagrams and/or flow able medium' are used to generally refer to media Such as chart illustration, and combinations of blocks in the block main memory 210 and secondary memory 212, removable diagrams and/or flowchart illustration, can be implemented storage drive 216, and a hard disk installed in hard disk drive by special purpose hardware-based systems that perform the 214. specified functions or acts, or combinations of special pur 0055 Computer programs (also called computer control pose hardware and computer instructions. logic) are stored in main memory 210 and/or secondary 0050 FIG. 6 is a high level block diagram showing an memory 212. Computer programs may also be received via information processing system useful for implementing one communications interface 224. Such computer programs, embodiment of the present invention. The computer system when executed, enable the computer system to perform the includes one or more processors, such as processor 202. The features of the present invention as discussed herein. In par processor 202 is connected to a communication infrastructure ticular, the computer programs, when executed, enable the 204 (e.g., a communications bus, cross-over bar, or network). processor 202 to perform the features of the computer system. Various software embodiments are described in terms of this Accordingly, such computer programs represent controllers exemplary computer system. After reading this description, it of the computer system. will become apparent to a person of ordinary skill in the 0056. From the above description, it can be seen that the relevant art(s) how to implement the invention using other present invention provides a system, computer program prod computer systems and/or computer architectures. uct, and method for implementing the embodiments of the 0051. The computer system can include a display interface invention. References in the claims to an element in the sin 206 that forwards graphics, text, and other data from the gular is not intended to mean “one and only unless explicitly communication infrastructure 204 (or from a frame buffer not so stated, but rather "one or more.” All structural and func shown) for display on a display unit 208. The computer sys tional equivalents to the elements of the above-described tem also includes a main memory 210, preferably random exemplary embodiment that are currently known or later access memory (RAM), and may also include a secondary come to be known to those of ordinary skill in the art are memory 212. The secondary memory 212 may include, for intended to be encompassed by the present claims. No claim example, a hard disk drive 214 and/or a removable storage element herein is to be construed under the provisions of 35 drive 216, representing, for example, a floppy disk drive, a U.S.C. section 112, sixth paragraph, unless the element is magnetic tape drive, or an optical disk drive. The removable expressly recited using the phrase “means for or “step for.” storage drive 116 reads from and/or writes to a removable 0057 The terminology used herein is for the purpose of storage unit 218 in a manner well known to those having describing particular embodiments only and is not intended to ordinary skill in the art. Removable storage unit 218 repre be limiting of the invention. As used herein, the singular sents, for example, a floppy disk, a compact disc, a magnetic forms “a”, “an and “the are intended to include the plural tape, or an optical disk, etc. which is read by and written to by forms as well, unless the context clearly indicates otherwise. removable storage drive 216. As will be appreciated, the It will be further understood that the terms “comprises' and/ removable storage unit 218 includes a computer readable or “comprising, when used in this specification, specify the medium having Stored thereincomputer Software and/or data. presence of stated features, integers, steps, operations, ele 0052. In alternative embodiments, the secondary memory ments, and/or components, but do not preclude the presence 212 may include other similar means for allowing computer or addition of one or more other features, integers, steps, programs or other instructions to be loaded into the computer operations, elements, components, and/or groups thereof. system. Such means may include, for example, a removable 0058. The corresponding structures, materials, acts, and storage unit 220 and an interface 222. Examples of such equivalents of all means or step plus function elements in the means may include a program cartridge and cartridge inter claims below are intended to include any structure, material, face (Such as that found in video game devices), a removable or act for performing the function in combination with other memory chip (such as an EPROM, or PROM) and associated claimed elements as specifically claimed. The description of Socket, and other removable storage units 220 and interfaces the present invention has been presented for purposes of US 2010/0040231 A1 Feb. 18, 2010

illustration and description, but is not intended to be exhaus where r is said first media key precursor, k is a key, d is data, tive or limited to the invention in the form disclosed. Many AES-D is Advanced Encryption Standard (AES) decryption, modifications and variations will be apparent to those of and XOR is exclusive-or. ordinary skill in the art without departing from the scope and 9. A method according to claim 1 wherein said common spirit of the invention. The embodiment was chosen and media key block comprises a list of Subsets of non-revoked described in order to best explain the principles of the inven devices. tion and the practical application, and to enable others of 10. A method according to claim 9 further comprising ordinary skill in the art to understand the invention for various revoking a device by modifying said common media key embodiments with various modifications as are suited to the block. particular use contemplated. 11. A method comprising: What is claimed is: receiving encrypted media of a first class in a device of said 1. A method comprising: first class, said encrypted media of a first class including receiving a common media key block in a device of a first a common media key block; class and in a device of a second class; receiving encrypted media of a second class in a device of calculating a first media key from said common media key said second class, said encrypted media of a second class block in said device of a first class; including said common media key block; calculating a first media key precursor from said common calculating a first media key from said common media key media key block in said device of a second class; and block in said device of a first class; calculating a second media key from said first media key calculating a first media key precursor from said common precursor in said device of a second class. media key block in said device of a second class; 2. A method according to claim 1 further comprising: decrypting said encrypted media of a first class using said receiving encrypted media of a first class in said device of first media key; and said first class; and decrypting said encrypted media of a second class using decrypting said received encrypted media of a first class said first media key precursor. using said first media key. 12. A method according to claim 11 further comprising: 3. A method according to claim 2 further comprising: calculating a second media key from said first media key receiving encrypted media of a second class in said device precursor in said device of a second class; and of said second class; and decrypting said encrypted media of a first class using said decrypting said received encrypted media of a second class second media key. using said first media key precursor. 13. A system comprising: 4. A method according to claim 3 further comprising: a common media key block; receiving encrypted media of a first class in said device of a plurality of devices, each receiving said common media a second class; and key block, said plurality of devices including a device decrypting said received encrypted media of a first class belonging to a first class and a device belonging to a using said second media key in said device of a second second class; class. said device belonging to a first class including means for 5. A method according to claim 3 further comprising: generating a first media key from said common media receiving said common media key block in a device of a key block, said first media key corresponding to said first third class; class; and calculating a second media key precursor from said com said device belonging to a second class including means for mon media key block in said device of a third class; calculating a first media key precursor using said com calculating a first media key precursor from said second mon media key block, and means for calculating a sec media key precursor in said device of a second class; and ond media key from said first media key precursor. calculating a third media key from said first media key 14. A system according to claim 13 wherein said device precursor in said device of a third class. belonging to said first class further comprises decryption unit 6. A method according to claim 5 further comprising: for receiving encrypted media belonging to said first class and receiving encrypted media of a third class in said device of decrypting said media belonging to said first class using said a third class and decrypting said received encrypted first media key. media of a third class using said second media key 15. A system according to claim 13 wherein said device precursor, belonging to said second class further comprises decryption receiving encrypted media of a second class in said device unit for receiving encrypted media belonging to said second of a third class and decrypting said media of a second class and decrypting said media belonging to said second class using said first media key precursor, and class using said first media key precursor. receiving encrypted media belonging to said first class in 16. A system according to claim 13 wherein said plurality said device of a third class and decrypting said media of devices includes at least one device belonging to a third belonging to said first class using said third media key. class comprising: 7. A method according to claim 1 wherein said calculating means for calculating a second media key precursor from said second media key from said first media key precursor said common media key block; comprises executing a one-way function. means for calculating said first media key precursor from 8. A method according to claim 7 wherein said one-way said second media key precursor, and function is in the form of means for generating a third media key from said first media key precursor. US 2010/0040231 A1 Feb. 18, 2010

17. A system according to claim 16 wherein said device a computer usable medium having computer usable pro belonging to said third class further comprises decryption gram code embodied therewith, said computer usable program code comprising: unit for: computer usable program code configured to: receiving encrypted media belonging to said third class and receive a common media key block in a device of a first decrypting said media belonging to said third class using class and in a device of a second class; said second media key precursor, calculate a first media key from said common media key receiving encrypted media belonging to said second class block in said device of a first class; calculate a first media key precursor from said common and decrypting said media belonging to said second media key block in said device of a second class; and class using said first media key precursor, and calculate a second media key from said first media key receiving encrypted media belonging to said first class and precursor in said device of a second class. decrypting said media belonging to said first class using 20. A computer program product according to claim 19 said third media key. wherein said computer usable program code is further con figured to: 18. A system according to claim 13 wherein said device receive encrypted media of a second class in said device of belonging to said second class includes means for executing said second class; and a one-way function on said first media key precursor to gen decrypt said received encrypted media of a second class erate said second media key. using said first media key precursor. 19. A computer program product for broadcast encryption, said computer program product comprising: c c c c c