1. Field of the Invention
Apparatuses and methods consistent with the present invention relate to digital content protection, and more particularly, to protection of digital content in a digital rights management (DRM) system.
2. Description of the Related Art
As the world is moving from the analogue age to the digital age, more contents are being created in digitized forms. While copying of analogue content requires much time and effort, digital content can be copied easily and quickly.
Also, while the quality of analogue content is degraded in proportion to the frequency of its copying, the quality of the digital content is maintained identically regardless of the frequency of its copying. Accordingly, protection of digital content has been requested and many companies have conducted a variety of research projects for protection of digital content.
FIG. 1 illustrates a conventional digital content protection environment.
Referring to FIG. 1, in the conventional digital content protection environment a transmission stream is received through a variety of broadcasting transmission channels and digital content is designed to be protected by using information included in the transmission stream.
In particular, a U.S. organization, Cable Television Laboratories, Inc. (CableLabs), ordered that copy control information (CCI) be attached to digital content in order to control copying of the content. The CCI is 2-bit information to restrict the number of times the digital content may be copied. The types of CCI include copy free (00), copy once (01), copy no more (10) and copy never (11). “Copy free” indicates that copying the content is permitted without restriction. “Copy once” indicates that copying the content only one time is permitted. If content with the CCI set to “copy once” is copied, the CCI for that content is changed to “copy no more.” “Copy never” indicates that copying the content is prohibited.
Also, in order to prohibit unrestricted redistribution of high definition (HD)-level digital content broadcast in the U.S., the U.S. Federal Communications Commission (FCC) ordered that a broadcast flag should be attached to the digital content. The broadcast flag is a 1-bit flag indicating whether or not unrestricted redistribution of digital content is prohibited. The types of broadcast flag include broadcast flag on (1) and broadcast flag off (0). “Broadcast flag on” indicates that unrestricted redistribution of digital content is not permitted, while “broadcast flag off” indicates that unrestricted redistribution of the digital content is permitted. A variety of usage constraint information (UCI), such as the CCI and broadcast flag information described above, can be added to the digital content.
To use various kinds of content received through a variety of transmission channels, a user must acquire a license from a copyright holder whenever the user uses such content. However, acquiring such a license is complicated. If the user imports the content received through the transmission channels using the user's DRM system, converts the imported content into a content file satisfying regulations of the user's DRM system, and is issued a license within the scope of the original UCI, the user is free to use the imported content file via a user's device or domain.
The importing of content refers to a process in which a license for content received from outside is issued according to a rule of the user's DRM system and the content is encrypted. That is, the importing of content involves a process of converting a content file that does not comply with the rule of the user's DRM system into a content file that does comply with the rule of the user's DRM system. The license is required to decrypt the content and use the decrypted content, and includes a content key and usage regulations, etc. The content file is a piece of content, i.e., a unit for constituting a broadcasting program including digital content, and copy control information or a license for the content.
FIG. 2 shows the structure of a conventional imported content file. Referring to FIG. 2, meta information about content is usually recorded in a header of the content.
When a content file received via a transmission channel, i.e., an independent program, comprises a plurality of content parts, each of the plurality of content parts is encrypted using a content key and thus requires a plurality of licenses. The content parts constitute a program but each includes different UCI.
A conventional DRM system that performs an import operation generates the header of the content file, encrypts received payload packets, and packages the encrypted payload packets and the header, thereby generating the content file as illustrated in FIG. 2. When the conventional DRM system imports content comprising the plurality of content parts, it is difficult to record decryption information in the header whenever the UCI of the content received from the outside changes since the size of the header is fixed.
The content file having the structure as illustrated in FIG. 2 suffers from a time delay problem in that that time is delayed when a device receives half of the content via streaming. This problem will now be described with reference to FIGS. 3A and 3B. An advanced encryption standard (AES)-128-CTR method or an AES-128-CBC method is used to encrypt content constituting a (Motion Picture Experts Group-2) MPEG-2 transport packet.
FIG. 3A illustrates encryption using the AES-128-CTR method. Referring to FIG. 3A, the AES-128-CTR method combines encryption parameters, SALT and serial numbers, calculates counter values, encrypts a content key using the counter values according to an AES algorithm, generates a key stream, and performs an exclusive or “XOR” operation on the content with the key stream, thereby completing the encryption. The encryption divides the content into 128 bits, i.e., 16 byte encryption blocks. The counter values are numbers sequentially allocated to the 16-byte encryption blocks, so that a counter value of a next encryption block is larger than that of a previous encryption block by 1.
FIG. 3B illustrates encryption using the AES-128-CBC method. Referring to FIG. 3B, the AES-128-CBC method performs the XOR operation of an initial vector used as the encryption parameter with plain text, and encrypts a resultant value using the content key according to the AES algorithm, which completes the encryption of a block. Not the initial vector, but a block encrypted in a previous stage is used as the encryption parameter to encrypt the next block, and so on.
As described with reference to FIGS. 3A and 3B, when the device pertaining to a domain receives, via streaming, half of the content file encrypted using the AES-128-CTR method or the AES-128-CBC method, the device must perform all the arithmetic operations relating to the transport packets of the other half of the content file in order to acquire an encryption parameter necessary for decrypting the transport packets of the received first half of the content file, which causes a time delay.