The present invention relates to the protection, distribution, acquisition, and utilization of content, such as digital music content, and more particularly to systems and methods for providing distribution of such content over unsecure communication channels, including open systems such as the Internet, and establishing a robust set of rules for the authorized utilization of such content.
Currently there are various schemes in place for providing controlled or secure access to content such as may be recorded on bulk media and/or communicated from bulk media to user devices, such as user bulk media storage devices, content players, and the like. Specifically, computers and unprotected networks are currently used for distribution of copyrighted material, and such use is expected to grow rapidly in the future.
However, a computer is typically not a closed system, as it is generally composed of components, i.e., motherboard, video display adaptor, sound card, disk drive controller card, etcetera, made from many manufacturers. Accordingly, these components, as well as a network of the computers themselves, typically communicate, both internally and externally, over well documented interfaces. These interfaces include both hardware and software, e.g., application programing interface (API). Because there are many unprotected points in such systems, content that is to be protected is often encrypted.
Schemes have been developed, utilizing the above mentioned encryption, to protect content so that the owners of content can make content available to authorized users, while restricting unauthorized use, such as preventing the making of additional copies by an otherwise authorized user. However, these schemes often suffer disadvantages in requiring that the schemes themselves be kept secret in order to maintain security. Accordingly, the schemes may be implemented only by trusted parties in order to maintain the secret. Likewise, these schemes often rely on the total secrecy of cryptographic keys used by the scheme, as publication of such a key may result in loss of security for all or multiple parties using the scheme. Additionally, transfer schemes that are in place today suffer from problems with interception of the content, such as between components of a compliant system, in such a way as to allow its unrestricted or unauthorized use.
The relatively recent advent, and subsequent seemingly ubiquitous acceptance, of personal general purpose computers the Internet, and other wide spread data networks, and digital devices, such as portable digital media players, has spawned the proliferation of new scenarios for the distribution and utilization of digital content, such as music content. Accordingly, one area of particular concern with respect to controlling the transmission, reception, and/or use of content is the distribution of music content. However, it should be appreciated that other specific content infrastructures, such as those available for video content, suffer from all or some of the shortcomings described herein.
Most existing implementations existing today with respect to the distribution of music content are not very secure in that they can be intercepted at levels that are beyond the encryption. For example, most systems are currently based on proprietary protocols that are not necessarily very secure, i.e., they rely on the secrecy of the algorithm to be secure.
Other systems are susceptible to problems such as record and replay, where a conversation is watched and then later reproduced in order to counterfeit another authorization, such as to another machine not originally privy to the conversation. Such techniques are facilitated as the encrypted data in many of the present systems is sent in a single direction, i.e., little or no bilateral communication and no bilateral secure communication. Accordingly, a parasitic system may be deployed on a legitimate communication link to simply record what is being communicated between the systems communicating according to the particular security technique, i.e., record the conversation. For example, if it were desired to download music content to playback machine A and B, it is often possible to establish a legitimate dialogue between playback machine A and a service host system for receipt of a copy, via encrypted methods, of the music content which has been paid for. However, if a computer or other system is coupled to the link, it may record this conversation, although it does not understand the actual information being exchanged. Thereafter, this conversation may be replayed from the computer to playback device B to convince playback device B it has received an authorized copy of the music content.
Moreover, a significant portion of the software which handles the transfer or playback of such content is vulnerable to just snooping the data after a decryption step has been done on a host system. In this regard, one unauthorized access (xe2x80x9chackingxe2x80x9d) technique that is very common is to develop a piece of code that emulates, or otherwise pretends to be, a device used according to a legitimate use of the content, such as a sound card used in a playback of music content. However, rather than, or in addition to, performing the authorized function, such pieces of code may in fact syphon the data off into an unprotected file, or other destination, to allow its unrestricted subsequent access. These techniques take advantage of steps in which the content is not closely controlled.
These techniques have been accepted in the past, in spite of their inherent shortcomings, as the provision of content over unsecured communication links has been relatively insignificant as compared to more mainstream distribution, acquisition, and utilization methods. However, the online music industry has been growing to a point where controlling the unauthorized use of content is becoming a significant issue. Specifically, as the distribution of content through such means expands to include major studios, adoption of a secure protocol for the exchange and utilization of content has become more important.
The adoption of different security techniques is complicated by the fact that such content is often downloaded to or utilized by general purpose computers as described above. However, most of the components within such a computer are shared by a wide variety of applications, many of which require some level of protection for data. Implementing a separate protection scheme for different data types is an expensive proposition. Furthermore, requiring that individual general purpose devices, whether individually operable or operably with a general purpose computer, understand anything about the content it is holding is highly infeasible. Specifically, the processing power required to understand the content would be extremely expensive. Moreover, accurately understanding the content would be unreliable, as unrelated content may resemble protected information, particularly as the amount of content protected grows to include more and more works and/or types of content.
Schemes to block access to the main data of the information are highly impractical in a computer environment. Storage devices cannot typically identify what process is requesting information. For example, the current definition of the content scrambling scheme (CSS) for protecting DVD video requires that DVD-ROM drives disallow access to protected sectors until the DVD-ROM drive has verified that there is a compliant decoder in the system. However, once that identification has taken place, any process can read the protected data. This requirement has added expense and complexity to implementations for almost no extra protection.
In order for the exchange and utilization of music or other content to become as widely accepted as the media and distribution techniques it is replacing, the rules provided for its authorized transfer and use according to the security techniques should be robust. Specifically, it would be desirable to provide rules to allow for use of the content consistent with uses available from more conventional media. Moreover, it would be preferred to provide for use models not possible with more conventional media.
However, the present day security techniques, in addition to presenting the security shortcomings described above, generally have a very limited set of rules associated with the content. These rules are coupled with the data content in order to define what use of the content is authorized according to the particular scheme. For example, music content equivalent to an album may be distributed online, having rules associated therewith allowing the content to be played only. Such a rule is often referred to as xe2x80x9ccopy never.xe2x80x9d Alternatively, the music content may provide for copying from a computer system which initially downloaded the content to a portable playback device (PD). Such a rule is often referred to as xe2x80x9ccopy once.xe2x80x9d There is typically a state associated with the copy once rule when the copy has already been made which identifies a copy of an original what was authorized.
Accordingly, a need exists in the art for systems and methods adapted to allow for the distribution, acquisition, and/or utilization of content according to a variety of paradigms. Furthermore, a need exists in the art for distribution, acquisition, and utilization paradigms both that are consistent with the paradigms of more traditional media and that provide new scenarios, such as are particularly well suited to Internet communication and e-commerce.
Likewise, a need exists in the art for a more robust set of rules establishing authorized utilization of content. Moreover, as the user devices, such as content players, should understand and honor these rules, a need exists in the art for allowing new rules to be established, or existing rules to be altered, enhanced, etcetera. A need therefore exists in the art for user devices, and other equipment, to adapt to such new or altered rules in order to continue to properly control the content.
These and other objects, features and technical advantages are achieved by a system and method utilizing a technique, which itself is public, where only a subset of the individual cryptographic keys used thereby need remain private. Therefore, sensitive information, such as a cryptographic key associated with particular content (a content key), may be provided to such devices without substantial fear that such information will be publically disseminated.
Preferably, traditional well-understood encryption techniques, such as public key (asymmetric) and/or private key (symmetric) cryptography, are utilized according to the present invention as they have been well documented in the encryption community for a long period of time and have been proven to be very effective at providing security. Moreover, the infrastructure for employing such encryption techniques, such as the algorithms and components providing cryptographic operations, i.e., exponentiation and modulus operations, are commonly available and in many cases already deployed in systems.
In order to be available to all desiring the protection of such a system, the rules for generating keys suitable for use according to the present invention are preferably public. As the technique itself, as well as the rules for generating cryptographic keys to be utilized therewith, are public, the present invention allows for its use by all those so desiring. Moreover, as it is the cryptographic keys themselves, or portions thereof, which are maintained securely in order to provide security according to the present invention, rather than relying on the secrecy of the technique for their use, compromise of the secret information will result in only a content provider using that particular key having access to content compromised.
Operation of the preferred embodiment of the present invention is not to allow or disallow any particular transmission, but rather to obscure the content (information or data), using cryptographic methods, such that only a legitimate recipient can make use of that data, i.e., nobody but the content owner, or those authorized by him/her, is able to utilize protected media content. To this end, the present invention utilizes cryptographic algorithms well known in the art to provide cryptographic keys useful according to the present invention. However, the present invention provides unique systems and methods for managing and utilizing these cryptographic keys to thereby provide a cryptographic key management scheme, wherein the keys may be utilized for encryption or identification, which provides an end-to-end encryption technique for distribution of content.
Accordingly, for protected information, neither the data nor the secret keys are present in any unsecure communications channel in decrypted form according to the preferred embodiment of the present invention. In order to ensure no data or the associated cryptographic keys are presented in any unsecure communications channel in decrypted form, the preferred embodiment of the present invention utilizes compliant hardware and/or software at both ends of such a communication channel. Thus in operation according to this preferred embodiment, data is only decrypted by compliant or xe2x80x9clegalxe2x80x9d systems. Preferably, legal systems are defined by the author or owner of the content, or other entity affiliated with the content. Accordingly, systems that art not acceptable to this entity, for whatever reason, will not receive an appropriate cryptographic key, and thus cannot decrypt the information.
The most preferred embodiments of the present invention are implemented at least in part in hardware. Such implementations are preferred as software implementations are more subject to attacks likely to compromise the security. However, a preferred embodiment allows for the use of both hardware and software implementations of the present invention and provides for the selection of the particular implementations that are acceptable for use with any entity""s content individually. For example, the author of the content may decide which receiving entities they trust to keep the integrity of their copyright. Accordingly, for content which is highly valuable, the author may decide that only hardware decoders, or decoders from a particular manufacturer or meeting particular standards, are to be allowed to decode the content.
In an embodiment of the present invention the individual devices, or a class or type of devices, trusted with the content are provided in a list or other database. Preferably, no unique host or device identifier is available or required according to the present invention. Therefore, changing of devices, such as for upgrade or due to failure, may be easily and seamlessly accommodated.
Preferably, each different device or each different implementation of the systems and methods of the present invention have a secret key/public key pair, such as may be generated and held secret by the manufacturer of that device. For example, a public/secret key pair is used where the secret key is known only by the manufacturer and provided only to particular ones of the manufacturer""s devices. Therefore, each individual device, sets of associated devices, or manufacturers devices may utilize a different secret key known only to these devices. However, the corresponding public key is preferably widely published to content providers, certificate authorities, and/or the like. Accordingly, even where a particular device falsely identifies itself as a device of the above mentioned list, a content key can be encrypted using the public key of the legitimate device to prevent unauthorized utilization of the content.
In a preferred embodiment, a different content key would be associated with each work or collection of works. Accordingly, if a particular content key is compromised only the work or works associated therewith are compromised.
Digital signatures and/or certificates, such as may be provided by a certification authority or other trusted party, providing a level of confidence that a particular device is what it claims to be are preferably used according to the present invention. For example, all devices meeting a particular standard of operation, such as all hardware devices utilizing a particular encryption algorithm, may be provided a certificate by a trusted certification authority. This certificate may be the particular hardware device""s public key, and possibly other information, encrypted using a particular secret key of the certification authority. The corresponding certification authority public key may be distributed to content providers with the understanding that it corresponds to certificates issued to devices meeting the aforementioned standard of operation. Thereafter, whenever a device presents its certificate, the content provider may be assured that when the certificate is decrypted using the certificate authority""s public key, and a content key is encrypted with the resulting device public key, that only a device meeting the desired level of operational standards will be able to utilize the content.
According to the preferred embodiment of the present invention, root certification authorities are not required. Instead a variety of different certification authorities are encouraged to exist. In a most preferred embodiment, any entity that wishes to establish themselves as a certification authority is permitted to do so, with the only requirement for proper operation according to the present invention being that other entities participating in the content exchange and/or utilization recognize that this certification authority has certified a particular implementation meets a standard of operation. For example, certification authorities may be established for particular types of content, i.e., video, music, etcetera. Additionally or alternatively, various entities may establish themselves as those able to adequately test compliance of devices and, therefore, issue widely accepted certificates. Accordingly, any content provider etcetera that trusts a particular one of these entities may place their certificates on an acceptable list, or otherwise allow operation of devices certified by them.
Moreover, unlike prior art systems, where the scheme itself is secret, the preferred embodiment of the present invention allows the public at large to generate their own protected content without requiring license to the technology or requiring any secret information that they do not themselves generate. This is because the only secrets in the present technique are ones of the keys themselves and, in addition, allowing the rules for generating the keys to be public. Accordingly, any content provider may establish protected content and associated key sets usable according to the present invention.
Preferred embodiments of the present invention allow for the operation of compliant devices with content protected prior to the existence of particular ones of the compliant devices. For example, using the above preferred embodiment certificates, later developed playback devices may be provided with a certificate enabling their operation with content encrypted, and quite possibly distributed, before the systems and methods of the present invention could have known of these particular playback devices.
According to a preferred embodiment of the present invention, various encryption algorithms may be selected for particular works or types of content protected. Specifically, an encryption algorithm used to encrypt the data itself can be selected to provide a very high level of security or to be very fast and easy to implement depending on the type or value of data being encrypted. For example, content comprising audio only might utilize a less secure encryption algorithm in order to save gates in hardware implementations or to save time in software implementations for decryption, and thus facilitate its use on relatively inexpensive devices. With such content, these lower levels of security may be acceptable because it would likely cost more to crack the encryption algorithm than it would to simply rightfully purchase the content. However, where the value of the data being protected is high enough so that it is worth cracking the encryption algorithm if it were a weaker encryption algorithm, such if the content being exchanged were bank records, the preferred embodiment allows the use of a much stronger encryption algorithm. For example, content comprising new release movies or video, or other more valuable content, might utilize a more secure encryption algorithm in order to provide increased security, because of its relative infrequent playback access and/or the availability of relatively sophisticated devices playback devices.
Preferably, particular applications utilizing the systems and methods of the present invention implement a common set of encryption algorithms. According to a preferred embodiment, such applications as music content protection use a common set of encryption algorithms while other applications such as video content protection use a common set of encryption algorithms to thereby promote compatibility between devices adapted to utilize such types of content. For example, entities distributing music via the Internet standardize their protection of content according to the present invention to utilize a same symmetric encryption algorithm in order that each such music distributor can easily provide content that is operable on everyone""s playback devices.
A robust set of rules establishing what may be done with the protected content, i.e, establishing authorized and/or unauthorized uses of the data, is preferably established according to the present invention. Accordingly, a robust set of distribution, acquisition, and/or use paradigms may be accommodated according to the present invention. For example, the rules of the preferred embodiment provide for the purchase of content, such as music, and its utilization, i.e., listening, online as it streams to the user""s computer.
Additionally or alternatively, the rules may allow the user to only utilize the content that single time, or may provide for its recording for later playback once or a fixed number of plays, or even for a predetermined period of time. Another use or distribution model provided for according to a preferred embodiment of the present invention allows the distribution of a large piece of media, such as DVD, which includes many separate works, such as hundreds of individual songs or collections of songs. However, each, or ones, of these works are separately protected according to the present invention. Accordingly, a user may access a server and individually unlock or otherwise receive access to desired ones of the works. In this way the user is not required to purchase all the works, but only those in which he/she is interested. This model is advantageous because it saves download time as the bandwidth of many network connections are not yet high enough to speedily accommodate large transfers of data quickly.
The rules of the preferred embodiment provide not only for the actual utilization of the content, but also for content management. For example, rules are directed to the authorized copying of content, such as for backup purposes or for use on an alternative device. Such rules provide for serial copy management and, preferably, are adapted to restrict use of particular copies based upon particular copy management status.
Additionally, rules of a preferred embodiment of the present invention provide for broadcast models. For example, an encrypted stream of data may be broadcast such that anybody that chooses to receive it may do so. However, only those who have the appropriate content key provided by operation of the present invention may actually utilize the broadcast content.
According to a preferred embodiment of the present invention, the rules of the present invention are extensible. For example, associated with ones of the rules are flags which indicate a state of the rule and/or a particular extension to the rule.
Preferably, rules may be developed and added after a particular basic rule set has been established to provide additional functionality according to the present invention. As the preferred embodiment provided the rules with the associated content, and the compliant devices include processors capable of interpreting these rules, new or modified paradigms may be created to address current desires without altering any existing infrastructure of the present invention.
Accordingly, a technical advantage of the present invention is that unauthorized use of protected material is prevented. The content protectable according to the present invention includes audio information, video information, and computer information.
A further technical advantage is provided in that a robust set of use paradigms are supported, such as pay per view techniques, including authorization via phone or Internet, bulk media distribution, use restricted to a location, time, number of plays, and the like.
A still further technical advantage of the present invention is that utilization of protected content in both dedicated devices, such as portable players, and computers is provided for.
The foregoing has outlined rather broadly the features and technical advantages of the present invention in order that the detailed description of the invention that follows may be better understood. Additional features and advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and scope of the invention as set forth in the appended claims.