1. Field of the Invention
The present invention relates generally to broadcast data encryption, and more particularly to the encryption of recordable media to minimize unauthorized recording of content onto blank media.
2. Description of the Related Art
The advantages of digitized video and music are numerous, but one significant drawback is that being digitized, the content is relatively easy to copy perfectly, without authorization of the copyright owner. Copies can be made of digital audio and video content that is broadcast to in-home receivers over a network such as, for example, Home Box Office (HBO), or that is provided to in-home users on media such as digital video disks (DVDs). Indeed, widespread copying by pirates costs content owners billions of dollars per year. Thus, the present invention as well as the above-referenced parent application understand that it is desirable to limit the unauthorized copying of digital audio and video.
As recognized in related U.S. patent application Ser. No. 09/358,162, filed Jul. 20, 1999 (attorney docket no. AM9-99-026) and incorporated herein by reference (xe2x80x9crelated applicationxe2x80x9d), the problem is complicated by the desire of governmental bodies and consumer protection lobbies to permit a buyer of digitized content to make a single copy for archive purposes or other legitimate reasons. Accordingly, the problem addressed in the related application is how to enable a user to copy a broadcast program, but once only, using the general broadcast key encryption scheme of the parent application.
In the above-referenced parent application, a matrix of encrypted shared secrets is transmitted to individual recorders, which have been programmed with individual device keys that are used to decrypt the shared secrets to render a media key. The media key is then used to encrypt/decrypt content, as appropriate. The present invention recognizes, however, that the entire matrix need not be provided in one transmission to all recorders, but rather the matrix can be transmitted in increments over time to legitimate recorders. As understood herein, this feature advantageously can account for the presence of compromised or pirate devices in accordance with the below disclosure, particularly when the compromised or pirate devices were not known at the time the original recorder or the blank media were manufactured.
A system is disclosed for encrypting one or more broadcast programs. The system includes user devices that include respective device keys selected from a set of device keys. A media key block generator writes an old media key block that defines an old media key onto at least one blank recording medium. Also, the media key block generator generates a new media key block that defines a new media key, and the new media key block is associated with a broadcast content and is transmitted to a user device. Essentially, the new media key block revokes at least some device keys of suspected pirate recorders. A decryption module that is accessible to each user device enables legitimate devices to decrypt one or more media key blocks by means of the device keys to render one or more of the respective media keys. With this invention, a user device that is able to decrypt the new media key encrypts the content with the new media key and transforms and records, onto a blank medium, the new media block using the old media key derived from the old media key block.
In a preferred embodiment, the old media key block is established at least in part by an unconditional calculate media key command (CMKC) and the new media key block is established at least in part by the unconditional CMKC and at least one conditional CMKC. Each CMKC includes at least one column (or other subset) of a matrix of media numbers encrypted by device keys, with a conditional CMKC being further encrypted by at least one media key, calculated from a previous CMKC. To revoke the device key of a suspected pirate device, a CMKC includes at least one dummy number encrypted with the device key of a suspected pirate device.
In another aspect, a computer and/or a computer program device has computer usable means that undertake a method including receiving at least an unconditional CMKC on a recording medium, with the unconditional CMKC having an associated old level. Also, the method includes accessing a set of device keys to derive an old media key from the old CMKC, and receiving at least one CMKC associated with a broadcast content. The new CMKC has an associated new level. It is then determined whether the new level is higher than the old level, and if so, the set of the device keys is accessed to derive a new media key from the new CMKC. Additionally, the method includes transforming the new unconditional CMKC to a conditional CMKC and recording the conditional CMKC onto the medium, and encrypting the content using the new media key and copying the content onto the medium.
In still another aspect, a computer-implemented method is disclosed for transmission of one or more broadcast programs. The method includes providing to plural user devices plural computer-usable device keys selected from a set of device keys. Also, the method includes writing at least an unconditional CMKC onto a blank recording medium, with the unconditional CMKC defining an old media key. Moreover, the method includes providing at least a first CMKC and associating the first CMKC with broadcast content, with the first CMKC defining a new media key. The media keys are decrypted, and the content then encrypted using the new media key to render encrypted content. Moreover, the first CMKC is encrypted using the old media key to render an encrypted unconditional CMKC associated with the broadcast content, with the encrypted content and encrypted conditional CMKC being recorded onto the recording medium.