The present invention generally relates to physical storage or memory media. In particular, the present invention pertains to a media comprising enhanced portions of content enabled for use by an encrypted key provided by a third party such as a web service provider.
The entertainment industry is in the midst of a digital revolution. Music, television, and movies are increasingly becoming digital, offering new advantages to the consumer in quality and flexibility. At the same time, since digital data can be perfectly and quickly copied, the digital revolution also comprises a threat. If consumers may freely copy entertainment content and offer that content on the Internet, the market for entertainment content would evaporate.
Another issue faced by content owners is fraudulent manufacturing of media such as DVDs. DVDs are typically manufactured by replicators. On occasion, replicators producing these DVDs do overruns without telling the content owner, for example, a movie studio. After replicating the DVDs for the movie studio, the replicator runs an additional batch for sale on the black market. Movie studios at present have little control over the replicators. However, this source of fraud may be minimized if the DVD were encrypted in such a way that authorization was required before the DVD is played.
One conventional content encryption method encrypts the content on pre-recorded media. The content is enabled for play after the user purchases through an Internet transaction the right to play or otherwise use the content. This approach to content protection has been implemented in several conventional content protection schemes. IBM has implemented a method in which a CD-ROM disc was recorded with encrypted software for many different applications, which is referred to as CD Showcase. The CD-ROM disc was given away for free by mass mailings or at trade shows. After paying a fee, the user would be given a decryption key that would allow them to decrypt a particular application and install it on the system. The disc often contained free demonstration versions of the software that the user may preview, with the intent that the user might decide to purchase the fully featured version.
Another conventional content encryption method was used as a method for renting compact disks (i.e., CD or DVD) movies, implemented by the Divx Company. In one example, the DVD movies were encrypted on the disc using the triple-DES cipher. When the user played a movie, the DVD player may decrypt the content without external authorization from the rental company. However, the DVD player would periodically call a processing center and report the movies it had played.
The DVD player would not play movies if it were unable to call the processing center. The discs were sold for a rental fee and comprised one 48-hour viewing period. If the disc was played after the initial viewing period or if it were played on a DVD player other than the one authorized, these additional viewings would be charged to the user. This approach using content encryption method provided several advantages: the user did not have to return the “rental” disc after playing, and the period of free viewing did not start until the user played the disc. Consequently, the user may “rent” the disc at his convenience, i.e., on a Tuesday for later playing on Saturday night. However, this approach required a specialized DVD player that can call a specific processing system.
One of the shortcomings of both of these content encryption methods was that the cryptographic keys used were essentially global secrets. However, global secrets often do not remain secret very long. In one conventional application of the content encryption method, the global secret may be updated periodically for new discs as the DVD players connected to the processing center. However, the old discs were still compromised.
One approach to protecting copyrighted content on physical storage or memory media is to have the user connect to a web service provided on the Internet to authorize or purchase the content. A conventional approach for this connection is a public/private key system. A web service provider and the DVD player each have a public key. The DVD player and the web service provider handshake on a public/private key to verify the web service provider and the DVD player. The key would be delivered based on the handshake, establishing a secret key. However, the public key calculation is a complicated calculation and is difficult to perform. Furthermore, the handshake requires an active online connection, which may be inconvenient for the user.