1. Field of the Invention
This invention relates to the field of security, and in particular to the protection of copy-protected content material.
2. Description of Related Art
The protection of data is becoming an increasingly important area of security. In many situations, the authority to copy or otherwise process information is verified by evaluating the encoding of copy-protected material for particular characteristics. For example, copy-protected material may contain watermarks or other encodings that identify the material as being copy-protected, and also contains other encodings that identify whether this particular copy of the material is an authorized copy, and whether it can be copied again. For example, content material may be “watermarked” by an additional encoding process that adds a watermark that is not noticeable when the content material is being rendered in its appropriate form, but is detectable by a watermark detection process. Attempting to remove the watermark causes damage to the content material. When a watermark is detected, the content material is further evaluated to determine whether it is an authorized copy.
To assure that the content material is truly authorized, and that illicit content material has not been substituted for material that is authorized, the content material is often ‘bound’ to the parameter that is used to determine the authorization. For example, the authorization parameter may correspond to a hash value that is derived from the content material. To verify that the authorization corresponds to the proffered content material, a hash value of the proffered content material is determined, and compared to the original hash value contained in the authorization parameter. If the hash values do not match, further rendering of the content material ceases. Because the determination of a set of values that will produce a particular hash value is virtually impossible, in a cryptology sense, the comparison of hash values is commonly accepted as ‘proof’ that the original material and the proffered material are equivalent.
For large data sets, the data is partitioned into segments, and each segment is bound to an identifier that is used to determine the authorization to access the particular segment of the data set. To assure that each segment is bound to the data set, the identifier typically includes a common parameter, such as a data set identification number, that is associated with the particular data set.
Generally, the bandwidth available for encoding information into a watermark is extremely limited. A bandwidth of one bit per second of watermark is not uncommon. As such, the number of bits that available for encoding identifiers of segments and/or data sets is limited. For example, a typical segment of a CD is approximately fifteen seconds in duration. Thus, the identifier that is bound to each segment is limited to approximately fifteen bits. Increasing the length of each CD segment will increase the number of bits available for encoding in the watermark, but in any event, the number of unique identifiers of segments of a CD, or other media, will be finite.
As is known in the art, systems that rely upon a finite number of unique identifiers is vulnerable to a “dictionary” attack, wherein each possible identifier is included in a dictionary. For example, in the prior example of a finite-sized data identifier, more than one data set may be assigned the same data identifier. In this case, an attacker may substitute segments from one data set for segments of another data set having the same data identifier. Because the substituted segment has the same data identifier, the substitution will generally be undetectable by the verification system.