Lawrence W Tang

US Patent:

6804782, Oct 12, 2004

Filed:

Aug 13, 1999

Appl. No.:

09/373866

Inventors:

Xin Qiu - Del Mar CA
Eric J. Sprunk - Carlsbad CA
Daniel Z. Simon - San Diego CA
Lawrence Tang - Del Mar CA
Lawrence R. Cook - San Diego CA

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

G06F 1130

US Classification:

713194, 713193, 380 30

Abstract:

A cryptography circuit provides secure processing of data by utilizing countermeasures that combat timing and power attacks. Superfluous operations such as multiplication operations, modular reductions by an integer, storage of data to memory are available for use by a processor to disguise the amount of power usage and the amount of time required to perform a cryptographic operation. A cryptographic key is available for use in order to trigger when these emulated operations occur. The occurrences of the emulated operations is controlled by the user to provide the preferred tradeoff between security and use of resources.

US Patent:

6978022, Dec 20, 2005

Filed:

Jul 3, 2001

Appl. No.:

09/898168

Inventors:

John I. Okimoto - San Diego CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04N007/167
H04L009/00

US Classification:

380211, 380201, 713167, 713193, 713201

Abstract:

An encryption renewal system for generating entitlement control messages, the system being secured by physical separation of components. The encryption renewal system has a first computing platform for performing non-secure tasks associated with one or more control messages that transmit one or more keys to a subscriber; and a second computing platform physically separate from the first computing platform containing one or more application specific integrated circuit chip for generating the one or more control messages. In addition, a method by the encryption renewal system is used to register an off-line encryption device in order to begin encrypting clear content. The method includes generating data for registering the off-line encryption device; encrypting the data with one or more cryptographic keys to form encrypted data; forwarding the encrypted data to the off-line encryption device; and retrieving the data from the encrypted data, wherein the off-line encryption device begins to encrypt clear content only after the data is retrieved.

US Patent:

7076661, Jul 11, 2006

Filed:

Mar 9, 2005

Appl. No.:

11/077298

Inventors:

Annie On-yee Chen - Del Mar CA, US
Lawrence W. Tang - San Diego CA, US
Akiko Wakabayashi - Encinitas CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04L 9/00
H04N 7/167

US Classification:

713178, 726 30, 380239

Abstract:

A method for forwarding messages containing cryptographic keys from a conditional access system that controls a population of set-top boxes to an encryption renewal system. The method includes storing a fictitious address of a virtual set-top box; generating a message based on the fictitious address, the message containing a cryptographic key; and forwarding the message to the fictitious address of the virtual set-top box. The encryption renewal system has information regarding the virtual set-top box, and is the recipient of the message. In addition, the encryption renewal system is for controlling access to pre-encrypted content generated by an encryption device. The system includes software instructions for receiving a request to retrofit an entitlement control message that allows a home device to access pre-encrypted content; and software instructions for retrofitting the entitlement control message only after verifying that the pre-encrypted content was generated prior to or contemporaneous with an authorized timestamp.

US Patent:

7257227, Aug 14, 2007

Filed:

Jul 3, 2001

Appl. No.:

09/898136

Inventors:

Annie On-yee Chen - Del Mar CA, US
Lawrence W. Tang - San Diego CA, US
Akiko Wakabayashi - Encinitas CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04L 9/00

US Classification:

380211, 380210, 380239, 380240, 725 31

Abstract:

A method for forwarding messages containing cryptographic keys from a conditional access system that controls a population of set-top boxes to an encryption renewal system. The method includes storing a fictitious address of a virtual set-top box; generating a message based on the fictitious address, the message containing a cryptographic key; and forwarding the message to the fictitious address of the virtual set-top box. The encryption renewal system has information regarding the virtual set-top box, and is the recipient of the message. In addition, the encryption renewal system is for controlling access to pre-encrypted content generated by an encryption device. The system includes software instructions for receiving a request to retrofit an entitlement control message that allows a home device to access pre-encrypted content; and software instructions for retrofitting the entitlement control message only after verifying that the pre-encrypted content was generated prior to or contemporaneous with an authorized timestamp.

US Patent:

7305555, Dec 4, 2007

Filed:

Mar 27, 2002

Appl. No.:

10/109111

Inventors:

John I. Okimoto - San Diego CA, US
Eric J. Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US
Annie On-yee Chen - Del Mar CA, US
Bridget Kimball - Encinitas CA, US
Douglas Petty - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04L 9/00
H04K 1/00
G06F 11/30
G06F 12/14
G06Q 40/00
H04L 9/32
H04N 7/167
H04N 1/44
H04K 1/02

US Classification:

713168, 713177, 713181, 713170, 713189, 713165, 713176, 713169, 705 51, 705 52, 705 53, 705 54, 705 55, 705 56, 705 57, 380232, 380278, 380281

Abstract:

A system is described for uniquely mating components of a communication network such as a smartcard and a set-top box. When mated, the smartcard and set-top box are tied together and have a single identity. Further, the smartcard operates properly only when inserted into an authorized set-top box. Exchanges of information between both components are secured by encryption and authentication to guard against piracy of the exchanged information. The system provides the same authentication key to the set-top box and the smartcard. This key is used for authenticating communication between the set-top box and the smartcard. First, the authentication key is encrypted by a set-top box mating key. The set-top box employs this mating key to decrypt the authentication key. After it is derived, the authentication key is stored in the set-top box's memory. Further, the same authentication key is encrypted by a smartcard mating key.

US Patent:

7764793, Jul 27, 2010

Filed:

Oct 20, 2005

Appl. No.:

11/255113

Inventors:

Xin Qiu - San Diego CA, US
Bridget D. Kimball - Encinitas CA, US
Eric J. Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04L 29/06
H04K 1/00
H04N 7/16
H04N 7/167

US Classification:

380255, 713155, 725 25

Abstract:

According to one embodiment of the invention a system is utilized to leverage the security arrangement between a first and second device to establish a secure link between the first device and a third device. One embodiment of the invention is particularly suitable for loading security data on a set top box, such as that utilized in the cable television industry.

US Patent:

7929483, Apr 19, 2011

Filed:

Dec 30, 2004

Appl. No.:

11/026413

Inventors:

Bridget D. Kimball - Encinitas CA, US
Michael T. Habrat - San Diego CA, US
John I. Okimoto - San Diego CA, US
Douglas M. Petty - San Diego CA, US
Eric J. Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04B 7/212

US Classification:

370324, 370350, 370509, 713155, 713165

Abstract:

The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e. g. , a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.

US Patent:

8156560, Apr 10, 2012

Filed:

Dec 30, 2004

Appl. No.:

11/027206

Inventors:

John I. Okimoto - San Diego CA, US
Bridget D. Kimball - Encinitas CA, US
Annie O. Chen - Del Mar CA, US
Michael T. Habrat - San Diego CA, US
Douglas M. Petty - San Diego CA, US
Eric Sprunk - Carlsbad CA, US
Lawrence W. Tang - San Diego CA, US

Assignee:

General Instrument Corporation - Horsham PA

International Classification:

H04N 7/16

US Classification:

726 26, 726 5, 726 7, 726 8, 726 10, 726 14, 726 28, 726 30, 713168, 713170, 713185, 709217, 709225, 709227, 709228, 709248, 380277, 380278, 380283, 348 E5007, 348 E7056

Abstract:

The present invention discloses an apparatus and method for defining and enforcing rules of transition between two security domains, e. g. , a transport domain and a persistent security domain. In turn, a border guard, e. g. , a security device, is provided between these two domains that enforce rules for transition between the two security domains. This novel approach of defining a transport domain and a persistent security domain simplifies the classification of the digital content and its movement through the system. Namely, the border guard once established between the two systems can enforce DRM rules associated with how contents are moved between the two domains.