1. Field
The present invention relates generally to computer security and, more specifically, to exchanging cryptographic keys in a processing system.
2. Description
One of the hurdles in providing protected digital content on a computing platform (such as the personal computer (PC)) is that the application program that is extracting the protected content and the graphics device that is decoding and/or displaying the content need to agree on a cryptographic key to encrypt the data exchange between them. If the content is not encrypted during transfer between the application and the graphics device, the content may be vulnerable to interception. One of the two entities cannot merely generate the key and send the key to the other entity because there is typically no “non-snoopable” secure path between the application and the graphics device.
One approach to this problem is to embed identical encryption keys in the graphics device and the application, and then use this key. This approach entirely avoids the key exchange. However, this solution is not robust because the application program may be hacked to discover the key. Another approach is to embed a private key of a public/private key pair in the graphics device and send the corresponding public key to the application. The application then uses the public key to encrypt the content and the graphics device uses the private key to decrypt the content. Alternatively, the application can generate a new symmetric session key, encrypt it with the graphic device's public key, and send it to the graphics device (hence the public-private key pair is used to enable exchange of the symmetric key). Since by definition the public key does not need to be protected from other agents, the public key can be sent to the application in the clear.
Both of these approaches require a key to be embedded in the graphics device. This increases the manufacturing cost and adds complexity to the manufacturing flow for graphics devices. A better approach is needed.