Video content, including still photography, motion photography, and multimedia content, is frequently the result of extensive intellectual investment. For example, feature motion pictures often cost millions of dollars to produce. Software developers, such as manufacturers of video games, often spend vast sums of money researching and developing images with a particular appearance. Such expenditures can easily represent a substantial portion of the producer's investment in the video content. Accordingly, unlicensed reproduction of video content is a threat to the pocketbook of the producers of the video content.
While many countries have enacted legislation to curb the unlicensed reproduction of video content, “bootleggers” abound. Bootleg copies of major motion pictures and other video content can be found advertised in magazines and on the Internet, for example. Since video content has traditionally been distributed in analog format (i.e., video tape and cable television), the quality of such bootleg copies has been notoriously poor, due to the technical difficulties bootleggers find in copying analog video content. However, as the distribution of video content has migrated from analog to digital technologies, and as digital technology has improved, the quality of such copies has likewise improved. Bootleggers are able to download real time video content directly as the video content is distributed on digital cable networks, digital satellite systems, or as streaming video over the Internet. The result of such bootlegging is a much higher quality product, for which more money can be illegally obtained, and which finds a much broader market. The growth of digital distribution techniques has, therefore, made the illegal bootlegging of video content more lucrative.
Due to the threat posed by bootleggers, legitimate distributors of video content have resorted to encryption. Encryption allows video content to be distributed in a manner that only authorized recipients can decrypt. Bootleggers may be able to download the encrypted video content, but such encrypted video is useless without the proper decryption key that is used to decrypt the video content. Encryption is made possible by the exchange of an encryption key (“key”) that is shared between the distributor and the intended recipient, which is difficult or impossible for the bootlegger to determine or to guess. Possession of the key enables a recipient of the video content to decrypt and view (and record) the encrypted video content.
Of course, many bootleggers are able to mount a “brute force” attack. A brute force attack involves attempting to decrypt the encrypted video content using every conceivable encryption key until the correct encryption key is identified. While theoretically any key can be determined by a brute force attack, a brute force attack can take a large amount of time. Theoretical estimates of the amount of time required to perform a brute force attack can be made using various types of hardware and software.
One of the best defenses against a brute force attack is to change the key. It is particularly helpful to use each key so briefly that the key cannot be cracked before the next key is used. For this reason, different portions of the video content may be encrypted by a video content provider using different encryption keys. For example, the video content may be partitioned into segments such that each segment represents two seconds of video content, and each segment may be encrypted using a different key. Due to the extremely large number of keys that are therefore involved and the time required to crack each key, a brute force track is prohibitively difficult. One such technology is described in the Open Cable POD Copy Protection System (IS-POD-CP-INT03-000714) Interim Specification dated Jul. 14, 2000 incorporated herein by reference. Generally, a Diffie Hellman public key exchange takes place between a POD and a host unit (e.g., CPU). The resulting long term public keys (e.g., 1024-bit keys) are used to derive authentication keys by applying the SHA-1 (secure hash algorithm) function, to a message consisting of a shared secret key, a host ID, a POD ID and the long term public keys. The SHA-1 operates according to the methodology described in the U.S. Department of Commerce, National Institute of Standards and Technology, Federal Information Processing Standards Publication 180-1 (NIST FIPS PUB 180-1). The host and POD also exchange random values and respective ID's to compute an interim shared message digest. The interim shared message digest is computed by applying SHA-1 to a message consisting of the authentication key, the secret portion of the Diffie Hellnan key and the two random values. The interim shared message digest is used as input to a DFAST (Dynamic Feedback Arrangement Scrambling Technique) engine that operates according to the methodology described in U.S. Pat. No. 4,860,353. The DFAST engine uses the interim shared message digest to produce-a 56-bit copy protection (CP) key. A new CP key may be generated every two seconds or other suitable period as determined by the POD. Both the POD and the host internally determine the CP key. The CP key is not sent between the POD and host. Also, such techniques typically use the hash operation and DFAST algorithm when producing the shared secret key, such as the CP key. This results in extra processing time.
It would be desirable to off load some or all of the decryption from the CPU to another processor where multiple processors are used in a host unit. For example, a graphics processor or other suitable processor may be locally coupled to the host CPU through an unsecure bus such as-a PCI bus or non-peripheral device bus. Typically, if a new encryption (CP) key is used by the distributor, the new key is also derived by the central processing unit. Because the central processing unit is typically coupled to the graphics chip across an unsecured bus, which is easily accessible to other devices in the recipient system, a bootlegger may simply intercept the keys as they are provided to the graphics processor and use the keys to decrypt the video content.
Therefore, a need has arisen for a method and apparatus that provides for a bus encrypted CP key within a recipient unit.