Secure authenticated distance measurement

Abstract

The invention relates to a method for a first communication device to perform authenticated distance measurement between the first communication device and a second communication device, wherein the first and the second communication device share a common secret and the common secret is used for performing the distance measurement between the first and the second communication device. The invention also relates to a method of determining whether data stored on a first communication device are to be accessed by a second communication device. Moreover, the invention relates to a communication device for performing authenticated distance measurement to a second communication device. The invention also relates to an apparatus for playing back multimedia content comprising a communication device.

Claims

1. A first device for controlling delivery of protected content to a second device, the first device comprising a processor circuit, the processor circuit arranged to execute instructions, the instructions arranged to: receive a second device certificate from the second device prior to sending a first signal; provide the first signal to the second device when the second device certificate indicates that the second device is compliant with at least one compliance rule; receive a second signal from the second device after providing the first signal; and provide the protected content to the second device when the second signal is derived from a secret and a time between the providing of the first signal and the receiving of the second signal is less than a predetermined time, wherein the secret is known by the first device.

2. The first device of claim 1, wherein the secret is securely provided to the second device by the first device.

3. The first device of claim 2, wherein determining that the second signal is derived from the secret comprises: modifying the first signal, wherein the modifying requires the secret; and determining that the modified first signal is identical to the second signal.

4. The first device of claim 3 wherein the secret comprises a first random number.

5. The first device of claim 4 wherein the secret is encrypted with a public key.

6. The first device of claim 5 wherein the first signal comprises a second random number.

7. The first device of claim 2, wherein the second signal comprises the first signal modified by the secret.

8. The first device of claim 2, wherein determining that the second signal is derived from the secret comprises: modifying the second signal, wherein the modifying requires the secret; and determining that the modified second signal is identical to the first signal.

9. The first device of claim 1, wherein determining that the second signal is derived from the secret comprises: modifying the first signal, wherein the modifying requires the secret; and determining that the modified first signal is identical to the second signal.

10. The first device of claim 1, wherein the predetermined time is based on a communication system associated with the first device.

11. The first device of claim 1, further comprising instructions arranged to provide the secret to the second device.

12. The first device of claim 1, wherein the second signal comprises the first signal modified by the secret.

13. The first device of claim 1 wherein the secret comprises a random number.

14. The first device of claim 1 wherein the secret is encrypted with a public key.

15. The first device of claim 1 wherein the first signal comprises a random number.

16. The first device of claim 1, wherein the second signal comprises an XOR operation of the first signal with the secret.

17. The first device of claim 1, further comprising instructions arranged to receive the secret from the second device.

18. The first device of claim 1, wherein determining that the second signal is derived from the secret comprises: modifying the second signal, wherein the modifying requires the secret; and determining that the modified second signal is identical to the first signal.

19. A method of controlling delivery of protected content from a first device to a second device, the first device comprising a processor circuit the processor circuit arranged to execute instructions implementing the method, the method comprising: receiving a second device certificate from the second device prior to sending a first signal; providing the first signal to the second device when the second device certificate indicates that the second device is compliant with at least one compliance rule; receiving a second signal from the second device after providing the first signal; sending the protected content from the first device to the second device when the second signal is derived from the secret and a time between the providing of the first signal and the receiving of the second signal is less than a predetermined time, wherein the secret is known by the first device.

20. The method of claim 19, wherein the secret is securely provided to the second device by the first device.

21. The method of claim 20, wherein determining that the second signal is derived from the secret comprises: modifying the first signal according to the secret; and determining that the modified first signal is identical to the second signal.

22. The method of claim 21, wherein the secret comprises a first random number.

23. The method of claim 22, wherein the secret is encrypted with a public key.

24. The method of claim 23, wherein the first signal comprises a second random number.

25. The method of claim 20, wherein the second signal comprises the first signal modified by the secret.

26. The method of claim 20, wherein determining that the second signal is derived from the secret comprises: modifying the second signal according to the secret; and determining that the modified second signal is identical to the first signal.

27. The method of claim 19, wherein determining that the second signal is derived from the secret comprises: modifying the first signal according to the secret; and determining that the modified first signal is identical to the second signal.

28. The method of claim 19, wherein the predetermined time is based on a communication system associated with the first device.

29. The method of claim 19, further comprising providing the secret to the second device.

30. The method of claim 19, wherein the second signal comprises the first signal modified by the secret.

31. The method of claim 19, wherein the secret comprises a random number.

32. The method of claim 19, wherein the secret is encrypted with a public key.

33. The method of claim 19, wherein the first signal comprises a random number.

34. The method of claim 19, wherein the second signal comprises an XOR operation of the first signal with the secret.

35. The method of claim 19, further comprising instructions arranged to receive the secret from the second device.

36. The method of claim 19, wherein determining that the second signal is derived from the secret comprises: modifying the second signal according to the secret; and determining that the modified second signal is identical to the first signal.

Description

(1) In the following preferred embodiments of the invention will be described referring to the figures, wherein:

(2) FIG. 1 illustrates authenticated distance measurement being used for content protection,

(3) FIG. 2 is a flow diagram illustrating the method of performing authenticated distance measurement,

(4) FIG. 3 illustrates in further detail the step of performing the authenticated distance measurement shown in FIG. 2,

(5) FIG. 4 illustrates a communication device for performing authenticated distance measurement.

(6) FIG. 1 illustrates an embodiment where authenticated distance measurement is being used for content protection. In the center of the circle 101 a computer 103 is placed.

(7) The computer comprises content, such as multimedia content being video or audio, stored on e.g. a hard disk, DVD or a CD. The owner of the computer owns the content and therefore the computer is authorized to access and present the multimedia content for the user. When the user wants to make a legal copy of the content to another device via e.g. a SAC, the distance between the other device and the computer 103 is measured and only devices within a predefined distance illustrated by the devices 105, 107, 109, 111, 113 inside the circle 101 are allowed to receive the content. Whereas the devices 115, 117, 119 having a distance to the computer 101 being larger than the predefined distance are not allowed to receive the content.

(8) In the example a device is a computer, but it could e.g. also be a DVD drive, a CD drive or a Video, as long as the device comprises a communication device for performing the distance measurement.

(9) In a specific example the distance might not have to be measured between the computer, on which the data are stored, and the other device, it could also be a third device e.g. a device being personal to the owner of the content which is within the predefined distance.

(10) In FIG. 2 a flow diagram illustrates the general idea of performing authenticated distance measurement between two devices, 201 and 203 each comprising communication devices for performing the authenticated distance measurement. In the example the first device 201 comprises content which the second device 203 has requested. The authenticated distance measurement then is as follows. In step 205 the first device 201 authenticates the second device 203; this could comprise the steps of checking whether the second device 203 is a compliant device and might also comprise the step of checking whether the second device 203 really is the device identified to the first device 201. Then in step 207, the first device 201 exchanges a secret with the second device 203, which e.g. could be performed by transmitting a random generated bit word to second device 203. The secret should be shared securely, e.g. according to some key management protocol as described in e.g. ISO 11770.

(11) Then in step 209, a signal for distance measurement is transmitted to the second device 203; the second device modifies the received signal according to the secret and retransmits the modified signal back to the first device. The first device 201 measures the round trip time between the signal leaving and the signal returning and checks if the returned signal was modified according to the exchanged secret. The modification of the returned signal according to some secret will most likely be dependent on the transmission system and the signal used for distance measurement, i.e. it will be specific for each communication system (such as 1394, Ethernet, Bluetooth, IEEE 802.11, etc.).

(12) The signal used for the distance measurement may be a normal data bit signal, but also special signals other than for data communication may be used. In an embodiment spread spectrum signals are used to be able to get high resolution and to be able to cope with bad transmission conditions (e.g. wireless environments with a lot of reflections).

(13) In a specific example a direct sequence spread spectrum signal is used for distance measurement; this signal could be modified by XORing the chips (e.g. spreading code consisting of 127 chips) of the direct sequence code by the bits of the secret (e.g. secret consists also of 127 bits). Also, other mathematical operations as XOR could be used.

(14) The authentication 205 and exchange of secret 207 could be performed using the protocols described in some known ISO standards ISO 9798 and ISO 11770. For example the first device 201 could authenticate the second device 203 according to the following communication scenario: First device?>Second device: R.sub.B?Text 1 where R.sub.B is a random number Second device?>First device: CertA?TokenAB Where CertA is a certificate of A TokenAB=R.sub.A?R.sub.B?B?Text3?sS.sub.A(R.sub.A?R.sub.B?B?Text2) R.sub.A is a random number Indentifier B is an option sS.sub.A is a signature set by A using private key S.sub.A

(15) If TokenAB is replaced with the token as specified in ISO 11770-3 we at the same time can do secret key exchange. We can use this by substituting Text2 by: Text2:=eP.sub.B(A?K??Text2)?Text3 Where ePB is encrypted with Public key B A is identifier of A K is a secret to be exchanged

(16) In this case the second device 203 determines the key (i.e. has key control), this is also called a key transport protocol, but also a key agreement protocol could be used. This may be undesirable in which case it can be reversed, such that the first device determines the key. A secret key has now been exchanged according to step 207 in FIG. 2. Again, the secret key could be exchanged by e.g. a key transport protocol or a key agreement protocol.

(17) After the distance has been measured in a secure authenticated way as described above content, data can be sent between the first and the second device in step 211 in FIG. 2.

(18) FIG. 3 illustrates in further detail the step of performing the authenticated distance measurement. As described above the first device 301 and the second device 303 have exchanged a secret; the secret is stored in the memory 305 of the first device and the memory 307 of the second device. In order to perform the distance measurement, a signal is transmitted to the second device via a transmitter 309. The second device receives the signal via a receiver 311 and 313 modifies the signal by using the locally stored secret. The signal is modified according to rules known by the first device 301 and transmitted back to the first device 301 via a transmitter 315. The first device 301 receives the modified signal via a receiver 317 and in 319 the received modified signal is compared to a signal, which has been modified locally. The local modification is performed in 321 by using the signal transmitted to the second device in transmitter 309 and then modifying the signal using the locally stored secret similar to the modification rules used by the second device. If the received modified signal and the locally modified signal are identical, then the received signal is authenticated and can be used for determining the distance between the first and the second device. If the two signals are not identical, then the received signal cannot be authenticated and can therefore not be used for measuring the distance as illustrated by 325. In 323 the distance is calculated between the first and the second device; this could e.g. be performed by measuring the time, when the signal is transmitted by the transmitter 309 from the first device to the second device and measuring when the receiver 317 receives the signal from the second device. The time difference between transmittal time and receive time can then be used for determining the physical distance between the first device and the second device.

(19) In FIG. 4 a communication device for performing authenticated distance measurement is illustrated. The device 401 comprises a receiver 403 and a transmitter 411. The device further comprises means for performing the steps described above, which could be by executing software using a microprocessor 413 connected to memory 415 via a communication bus 417. The communication device could then be placed inside devices such as a DVD, a computer, a CD, a CD recorder, a television and other devices for accessing protected content.