The invention relates to software piracy prevention. More specifically, the invention pertains to a novel method of protecting digital data against unauthorized copying and use.
Digital media have become popular carriers for various types of data information. Computer software and audio information, for instance, are widely available on optical compact disks (CDs). Recently, the digital audio tape (DAT) has gained in distribution share. The CD and the DAT utilize a common standard for the digital recording of data, software, images, and audio. Additional media, such as multimedia compact disks (MCD), digital video disks (DVD), super density disks, and the like, are making considerable gains in the software and data distribution market.
The substantially superior quality of the digital format as compared to the analog format renders the former much more prone to unauthorized copying and pirating. Copying of a digital data streamxe2x80x94whether compressed, uncompressed, encrypted or non-encryptedxe2x80x94typically does not lead to any appreciable loss of quality in the data. Digital copying thus is essentially unlimited in terms of multi-generation copying. Analog data with its substantial signal to noise ratio, on the other hand, is naturally limited in terms of multi-generation and mass copying.
The advent of the recent popularity in the digital format has also brought about a slew of copy protection systems and methods. These are generally grouped in categories such as encryption, copy protection, and content extensions.
Prior art methods of preventing unauthorized copying of copyrighted and protection-worthy data do not attain a particularly high degree of protection.
Encryption, which is used in the digital and the analog format, essentially scrambles the information. The data stream can be made usable only with the proper key. It has been found that encryption is usually easy to crack. Once the key has been found by a copy pirate, the information may be freely multiplied without encryption.
Software copy protection was widely used during the early days of the personal computer. However, software manufacturers essentially stopped copy protection once it was found that, on the one hand, virtually all copy protection codes would be quickly broken by hackers and, on the other hand, the development of new types of copy protection was becoming prohibitively expensive. Furthermore, non-protected programs soon turned out to become so widely usedxe2x80x94even though many copies were unauthorizedxe2x80x94that the additional sales could largely make up for the bootleg losses.
One hybrid solution is partly software and partly hardware based. In such systems, the identification features of the storage media are used, in order to determine their existence in the system. If that feature is also present in the data to be protected, then it is assumed on the basis of the binder connection between the data and the storage medium, that the data have been read from or used by just that medium. An example is a copy protection system in which the identification number of compact flash cards are used (company Liquid Audio). That protection is easily cracked in so far as the feature ID of the memory card can be easily manipulated in the system.
An established hardware-based protection system uses a special hardware circuit (e.g. at the parallel port of a PC) for processing an authentification between the data and the circuit. The relevant data can be used only in the presence of that hardware module. Such a hardware module for copy protection is often referred to as a dongle. That solution has several disadvantages. On the one hand, the module must be usable on all platforms on which the memory card is to be used. This is very difficult and hardly possible in heterogeneous user environments (e.g. PC, PDA, low-cost audio player, etc.). The target system, furthermore, must include a corresponding interface. In PCs this is typically the printer interface. Such an interface, however, is not typically present in low-cost applications (e.g. portable tape players and disc players).
On the other hand, the data can be copied and used without any problem when the hardware module is correspondingly manipulated. It is also understood that copy protection and the prevention of pirating in general is not typically in the consumer""s interest.
Several popular programs use a system in which an installation key is delivered with the original program packaging of the data carrier (e.g. CD or floppy). The installation key is required before the program data can be installed on a PC. It is thereby easily possible to copy the key together with the data content of the CD any number of times and to thus distribute and bring into circulation any number of pirated copies.
Another established protection mechanism comprises preventing copying in general with the aid of special protocol conventions. Such protocols have been established, for instance, in the audio application of DAT recorders. As noted above, CD and DAT data formats are substantially identical and, accordingly, multi-generation copying would be possible. In the DAT system, therefore, the CD to be copied is queried for special copy protection information and, if the protection is activated, the DAT recorder is not authorized for copying. Such a method, however, is disadvantageous in that a high degree of discipline with regard to the target devices is necessary. Special anti-copy circuitry must be included in the recorder. Such a system is known as the serial copy management system (SCMS). The end user is not generally interested in those measures. It has been shown that the discipline is not always maintained. In particular, black boxes for filtering the copy-prohibit instruction from the digital signal are widely available. Recently, also, the use of modern PCs makes it possible to easily manipulate such mechanisms and, in the end, to circumvent them.
It is accordingly an object of the invention to provide a copy protection method and system, which overcomes the above-mentioned disadvantages of the heretofore-known devices and methods of this general type and which safely protects against copying of protected data from one medium onto an equivalent storage medium and the identical use of the copied data as the data on the original storage medium. It is a particular object to prevent the reading-out of information while retaining existing protection mechanisms and the subsequent copying of the deciphered data. Finally, it is a specific object of the novel method to bind the data to be protected with the carrier medium and to render free duplication of the data onto other carrier media impossible.
With the foregoing and other objects in view there is provided, in accordance with the invention, a method of preventing unauthorized copying of data by authorizing data and a storage medium. The method comprises the following steps:
providing a storage medium with useful data and a unique identification;
transmitting a challenge signal from a host to the storage medium;
generating a response signal in the storage medium and transmitting the response signal to the host; and
determining whether a proper correlation exists between the storage medium and the useful data, and authorizing the data for use in the host if the proper correlation exists.
In accordance with an added feature of the invention, a random number is generated and incorporated in the challenge signal.
In accordance with another feature of the invention, the useful data comprise a software program and the host is a software processor, and the method further comprises copying a plain copy of the software program from the storage medium to the host prior to the transmitting step.
In accordance with a further feature of the invention, a further challenge signal is transmitted from the storage medium to the host, a response to the further challenge signal is generated in the host, the response is transmitted to the storage medium, and the response is authorized in the storage medium if the response corresponds to a setpoint response.
With the above and other objects in view there is also provided, in accordance with the invention, a copy protection system, comprising:
a storage medium containing useful data and having a unique identification;
a host adapted to receive from the storage medium a transmission with the useful data, the host being programmed to:
generate and transmit a challenge signal to the storage medium;
process a response signal received from the storage medium; and
determine whether a proper correlation exists between the storage medium and the useful data, and authorize the data for use in the host if the proper correlation exists.
In accordance with again a further feature of the invention, the storage medium is a multimedia card and the host is a computer.
In accordance with a concomitant feature of the invention, the host includes a random number generator and a random number generated in the host is included in the challenge signal. In addition, or in the alternative, the storage medium includes a random number generator.
Other features which are considered as characteristic for the invention are set forth in the appended claims.
Although the invention is illustrated and described herein as embodied in a copy protection system and method, it is nevertheless not intended to be limited to the details shown, since various modifications and structural changes may be made therein without departing from the spirit of the invention and within the scope and range of equivalents of the claims.
The construction and method of operation of the invention, however, together with additional objects and advantages thereof will be best understood from the following description of specific embodiments when read in connection with the accompanying drawings.