The present invention relates to protection of content stored on a bulk storage media and more particularly to a system and method for providing controlled utilization of the stored content through the use of public keys stored upon the media itself.
Currently there are various schemes in place for providing controlled or secure access to content recorded on bulk media. However, these schemes often suffer disadvantages in requiring that the schemes themselves be kept secret in order to maintain security. Accordingly, the schemes may be implemented only by trusted parties in order to maintain the secret. Likewise, these schemes often rely on the total secrecy of cryptographic keys used by the scheme, as publication of such a key may result in loss of security for all or multiple parties using the scheme.
For example, DVD media, currently only protected for video content, utilizes a two part scheme: a cryptographic key for decrypting information recorded on the media is produced according to a predefined protocol and stored according to that protocol on a limited access portion of the media; and a cryptographic technique, also defined by the protocol, is utilized to securely pass that key to a play-back entity. Accordingly, in order to produce either a media device, i.e., media player, or media itself, there must be understanding of the whole scheme, i.e., how it works. Furthermore, there must be access to the keys, that have been predefined by this scheme, themselves. There must be a globally held secret among all of the people who produce players and all the people that produce media. Here, the security lies in keeping secret how the cryptographic keys are made and how the messages, i.e., the passing of the keys, are encrypted. If the protocol itself were revealed then all content, regardless of the particular entity which produced/recorded it, becomes compromised because, if the protocol were common knowledge, rogues could generate and/or intercept keys capable of decrypting protected content. Any compromise of the system will compromise all systems and media at the same time.
Additionally, as the media content key associated with the protected content is stored on the media itself, the above described scenario relies on all parts of the system honoring the security of the key. Therefore, an illegally designed media reader could pass the content key through to a device or entity which is not authorized to receive that key. Likewise, an illegally designed media reader could duplicate the raw data of the media, including the encrypted content and media content key stored thereon, on a second media and thus create an unauthorized copy conforming to the protocol described above. However, a media reader provided according to this scheme will prevent such unauthorized access/activity and, therefore, provide security because not all the raw data will be available. In particular the sectors where keys are hidden will not available on any consumer product because all of these products are produced under licenses providing that if the scheme is used, the device shall not allow particular operations.
Accordingly, for the system to provide protection to the content, the media decryption key stored on the media is read by a media reader, i.e., DVD disk drive, only in proper circumstances, i.e., an authorized play-back device requests the media content key according to a preestablished protocol, and thereafter, provided in encrypted form for communication to the play-back device. In this scheme, the media content key is passed after a key exchange is done such that when the key is handed from the media reader to the play-back device it is done encrypted. I.e., the play-back device would send its encryption key to the media reader, the media reader would read the media content key from the media, encrypt the media content key with the play-back device""s encryption key, and pass this encrypted version of the media content key to the play-back device where it may be decrypted with the play-back device""s (secretly held) decryption key for use of the media content key in accessing media content as provided by the media reader.
For example, in a host computer (here the play-back device) coupled to a DVD disk drive (the media device) via the computer""s bus structure, information communicated between the computer and drive is exposed easily to rogues, or xe2x80x9chackers,xe2x80x9d and probing. Therefore, the media content key is passed over this bus only when it has been obscured by a key established through a key exchange between the drive and the host computer. However, in a stand alone player, where the media reading mechanism and the video play-back device are in one box, and the connection between them is somewhat secure, then such a key exchange and/or encryption of the media content key may be omitted in favor of decrypting the data directly internally.
The way this scheme is implemented, the media reader itself, as it may access the media content key, must honor the scheme and refuse to access the content key for unauthorized purposes. Likewise, as the play-back device is provided the content key, so too must the play-back device honor the protection scheme. However, in addition to relying on the security of the individual keys, details of the operation of the above described scheme itself, such as where and in what format content keys are written and the algorithm for conducting key exchanges, are kept secret in order to avoid the unauthorized retrieval/interception of keys and, therefore, compromising the security provided. Additionally, with the current scheme if an entity is able to generate legitimate protected media, that entity is also able to make illegal copies of other media as the secrets of the scheme must necessarily been revealed to this entity in order to allow the generation of legitimate protected media.
Accordingly, the protocol for encryption of the data and the generation of keys is only revealed by license, i.e., only trusted manufacturers of content and devices which read, write, or otherwise utilize this content are provided with the secrets of the protocol, and then only under the terms of a license agreement restricting use and dissemination of this secret information. Very few people or entities are able to obtain such a license, and its attendant secrets, in order to provide content and/or devices adapted in the nature of the protocol. As such, general content providers, such as small entities or entities providing content for internal or limited use, cannot protect their work as they have no way of recording such a key to the media in a secure manner that prevents illegitimate copying/utilization of protected content while allowing legitimate generation of secure disk. Therefore, there is no process that one can publicly use to generate such keys and, therefore, there is no process for those other than the licensed entities to record protected content compatible with this scheme.
A further need exists in the art for providing access to content with alternative techniques for security such as secure passing of keys stored on the media, communication with an external authorization center, and verification of the authenticity of the media.
A need therefore exists in the art for a technique providing secure access to the content of mass media which may be utilized by a great number of individuals and entities without risk of compromising security.
These and other objects, features and technical advantages are achieved by a system and method utilizing a technique, which itself is public, where only the individual keys used thereby need remain private. In order to be available to all desiring the protection of such a system, the rules for generating keys suitable for use according to the present invention are preferably public. As the technique itself, as well as the rules for generating cryptographic keys to be utilized therewith, are public, the present invention allows for its use by all those so desiring. Moreover, as it is the cryptographic keys themselves, or portions thereof, which are maintained securely in order to provide security according to the present invention, rather than relying on the secrecy of the technique for their use, compromise of the secret information will result in only a content provider using that particular key having access to content compromised.
The present invention operates to provide protection in addition to the limited access of content through the use of cryptographic keys. Specifically, the present invention is able to securely identify a piece of media as being an original. Likewise, the present invention is able to securely identify a play-back device as being authorized. Accordingly, devices or users of the media may be assured that interaction therewith is authorized as each end can securely identify the other and each end can securely send data to the other end.
Operation of the present invention is not to allow or disallow any particular transmission, but rather to obscure the content (information or data), using cryptographic methods, such that only a legitimate recipient can make use of that data, i.e., nobody but the content owner, or those authorized by him/her, is able to copy protected media content. To this end, the present invention utilizes public key algorithms well known in the art to provide cryptographic keys useful according to the present invention. However, the present invention provides a unique system and method for managing and utilizing these cryptographic keys.
Preferably, as in the above described prior art system, the media reader or disk drive (media device) honors the technique of the present invention. For example, through licensing of media device manufacturers, it may be ensured that these devices honor the technique. Therefore, sensitive information, such as the aforementioned content key, may be stored on the media without substantial fear that such information will be publically disseminated. Preferably, media devices unaware of the scheme will not crack it, i.e., a drive that can read/write raw the standard areas won""t copy the copy protection information provided in a secured area. Accordingly, any attempt at violating the technique of the present invention, such as to read sensitive information stored on the media, is either unable to perform the technique at all, i.e., is unable to instruct a media reader to access restricted areas of the media, or if the device allows improper utilization there is a legal remedy available.
However, unlike the prior art system, where the scheme itself is secret, the present invention does allow the public at large to generate their own protected content without requiring license to the technology or requiring any secret information that they do not themselves generate. This is because the only secrets in the present technique are the keys themselves and, thus, allowing the rules for generating the keys to be public. Accordingly, media devices may be adapted to allow for limited access to secure areas of the media in order to provide for mastering of content protected by the present invention. This allows anyone to be able to generate their own protected media.
According to the present invention, a public/private key pair is used where the private key is known only by the manufacturer or content provider for provision only to select, or authorized, decoders or play-back devices. Therefore, each individual device, sets of associated devices, or manufacturers devices may utilize a different private key known only to these devices. Likewise, in a preferred embodiment, a different content key would be known by each piece of media, which if compromised only presents a security risk for that media.
However, the media, or the media device operating therewith when the media is strictly a passive device, needs to know the play-back devices public key. As long as the media is guaranteed that the public key does in fact belong to a particular owner, i.e., is authentic and is associated with an approved or authorized device, the system is secure. Accordingly, the owner or manufacturer of the play-back device is, in fact, best off not by keeping that public key a closely held secret but by broadcasting it to world. This public dissemination of the public key decreases the chance of a rogue fraudulently distributing a public key as belonging to an approved or authorized entity. For example, company X publishes a public key widely identifying itself as the source, it is much more difficult for company Z to latter fool the public into believing that a subsequent public key is company X""s public key. Therefore, in the preferred embodiment, the public keys of approved play-back devices are actually published on the media.
By publication of the play-back device""s public keys, the present invention not only operates to securely transmit information, but also provides for securely identifying either or both ends, i.e., the media and/or the play-back device, as being legitimate. Accordingly, any information storage scheme providing an area that is fully readable and an area providing controllable or restricted access may be utilized according to the present invention.
Unlike the aforementioned prior art scheme, there is no widely held secret, i.e., the play-back providers and the media generation providers all having to know how the whole scheme works, including the values for the keys. As the only parts of the present invention that are secret are the private keys themselves, no secrets need to be shared among parties. Accordingly, each manufacturer, whether a manufacturer of media or devices operable therewith, can keep their own secrets. Moreover, these secrets may be kept such that the true secrets are known only by very few people, in such a way that actually nobody knows the true secret where, for example, the secret is embedded and shipped via random generation which is then destroyed before it is ever noted, or in a hidden away where, for example, certain persons are provided partial information with respect to the keys and some plurality thereof are needed to reconstruct the key. Moreover, as these private keys may be embedded within circuitry useful in encrypting/decrypting information according to the present invention, the private keys may not even be revealed to any party.
In an alternative embodiment, rather than storing the content key in an area of limited access on the media, for retrieval by the media device and subsequent transmission to the play-back device, the key is securely stored by the media which actively operates to securely transmit this key to the play-back device without ever disclosing the key to the media device. Accordingly, the active component utilized for hiding this key not in the media device or disk drive. Instead, it is a portion of the media, such as an electronic circuit including a processor and memory operating under control of an internal algorithm. Therefore, the content key, which is stored on the media within the aforementioned memory, may be hidden and, preferably utilizing the public key of the play-back device passed through the media device to the play-back device without its ever being revealed to the media device. Through the above mentioned secure identification of the play-back device, the active media of this alternative embodiment may be assured that the media key is not revealed to unauthorized entities. Alternatively, the fact that the content key is encrypted using a public key associated with an authorized play-back device provides confidence that it may only be used by that play-back device barring a security breach of the private key.
Another alternative embodiment of the present invention utilizes an external source to acquire a content key, such as for xe2x80x9cpay-per-view.xe2x80x9d Accordingly, rather than a content key stored on the media, an identifier string, such as may be used to authenticate the media, may be stored for provision to an external source, utilizing public key encryption according to the present invention, in order to acquire a content key useful with the desired content.
Additionally, or alternatively, contact with the external source may provide up-dated information with respect to authorized decoders or play-back devices suitable for use with the media. For example, a list of authorized public keys may be up-dated by such communication in order to allow a media device to securely provide a content key to a decoder not originally included as an authorized decoder.
A technical advantage of the present invention is that a technique known to the public, and therefore available for use by the public, may be utilized to prevent useful copying of protected content.
A further technical advantage of the present invention is that playability is allowed in both dedicated players and computers, as well as providing for the play-back in later authorized devices.
A still further technical advantage of the present invention is provided in its ability to protect both video information and computer information. Moreover, such protection may include interaction with an external authorization center, such as pay-per-view techniques, via such commonly available communication networks as phone or Internet.
The foregoing has outlined rather broadly the features and technical advantages of the present invention in order that the detailed description of the invention that follows may be better understood. Additional features and advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and scope of the invention as set forth in the appended claims.