The present invention relates to a method and apparatus for protection of recorded digital data, for example protection of audio and/or visual data as recorded on compact disks, digital video disks or other similar supports.
The introduction of digital technology in the audiovisual field has brought considerable advantages to the consumer in comparison with analog technologies, notably in relation to the quality of reproduction of sound and image and the durability of the support medium. The compact disk has all but replaced traditional vinyl records and a similar trend is expected with the introduction of new digital products aimed at the multimedia and home entertainment markets generally. notably the digital video disk.
A particular problem associated with digitally recorded data lies in its ease of reproduction and the possibilities for piracy that arise therefrom. A single digital recording may be used to make any number of perfect copies without any degradation in the quality of the sound or image. This problem is serious, particularly with the advent of recordable digital products such as the minidisk or DAT, and the reluctance of entertainment companies to license copyright works whilst this problem remains has acted as a break on the introduction into the market of new media products.
At present, the only practically available solution against unauthorized reproduction of copyright works has been a legal one, and a number of countries in Europe and elsewhere have introduced anti-piracy legislation to combat the increasing number of pirate films, CDs etc being brought onto the market. For obvious reasons, a legal solution is less than optimal from the point of view of preventative action.
Technological anti-copying solutions proposed to date for audiovisual works have been extremely basic, relying for example on the idea of using some form of digital  less than  less than handshake greater than  greater than  between the reader and support medium so as to verify the origin of the the recording. Such protection is, however, only effective against only the most low level of copying activity, since the handshake signal is not protected in any way and may be easily read and reproduced so as to convert an unauthorised copy into an apparently authorised and readable copy.
Computer systems using secret keys stored in a smart card to control access to encrypted computer disk data are known, for example, from U.S. Pat. No. 5,191,611. Such systems possess the disadvantage that the reader needs to be provided with considerable processing and memory capabilities in order to decrypt and store the recorded encrypted blocks of data. As will be understood, such systems are generally inconvenient when used to protect computer data and are even more unsuitable for application in the audiovisual domain, where a reader device typically has a much smaller capacity to process and store data in comparison with a computer, but where a real-time flow of data needs nevertheless to be maintained.
The aim of the present invention is to overcome the disadvantages associated with the prior art techniques and to provide an efficient technological solution against the unauthorised reproduction of digitally recorded copyright works, particularly in relation to audiovisual works.
According to the present invention there is provided a method of restricting access to recorded digital data on a digital support medium using an integrated circuit containing a first decryption key characterized in encrypting with a corresponding encryption key one or more elements of the volume descripter of the support medium, recording the encrypted volume descripter elements together with non-encrypted data on the support medium and, when accessing the support medium, using the integrated circuit decryption key to decrypt the encrypted elements of the volume descripter and to supply a reader with these elements so as to permit the reading and/or writing of non-encrypted data on the support medium.
For digital support mediums, such as CDs, CD ROMs, etc., each recording has associated therewith an introduction or header in the form of a volume descriptor which sets out basic information regarding the storage layout and points of access of digital information in the medium, the amount of data stored in the medium, the date of creation of the support medium etc. This information, which occupies only a small amount of memory, is nevertheless essential to the reading of the recording and, without this information the reader cannot access the recorded data.
By encrypting this information and storing the decryption key in an integrated circuit associated with the support medium, the present invention protects against unauthorised copying of the recording, since the reader will not be able to access the stored data without the decrypted elements of the volume descripter and since the key necessary to do this is held by the integrated circuit, which is of course resistant to copying. Even if the stored non-encrypted data is copied, the resulting copy will be unreadable since the volume descripter will only be present in an incomplete or entirely encrypted form. The decryption of the volume elements may be carried out inside the integrated circuit, such that the key is never made freely available.
Unlike the prior art technique used for protecting computer data, only the volume descripter or header data is encrypted/decrypted, avoiding the need to carry out cryptographic operations on the entire volume of stored data. As will be understood, this is particularly advantageous where the invention is to be applied to the field of audiovisual devices, where the processing and memory capacity of a reader may be relatively small.
In one embodiment, the integrated circuit is embedded in a smart card associated with the support medium, the smart card acting to decrypt the encrypted volume elements and to pass these to the reader so as to permit reading and/or writing of the recorded non-encrypted data.
In this context, a smart card provides a secure and durable means for stocking the key necessary for decryption of the volume descripter elements. Equally, the cost of production of such a card is relatively small in comparison with, for example, the price of the recording itself.
In this application the term  less than  less than smart card greater than  greater than  is used to mean any conventional chip-based card device possessing, for example, microprocessor or EEPROM memory for stocking the key. Also included in this term are PCMCIA cards and other portable chip carrying cards or devices having alternative physical forms, such as the key-shaped devices often used in TV decoder systems.
Whilst providing a particularly convenient way of housing the integrated circuit or  less than  less than chip greater than  greater than  used in the invention, a smart card is not the only solution available. For example, in one realisation, the key is stored in an integrated circuit embedded in the housing of the digital support medium.
Incorporation of a microprocessor within the housing of the support medium is a known technique and has been suggested, for example, in the case of DVHS cassettes where a set of metallic contacts may be provided on an exterior surface of the cassette housing, the contacts leading to an integrated circuit or chip in the interior of the housing. These contacts may be engaged by a corresponding set of contacts in the receptacle of the recorder to enable communication between the integrated circuit and the video recorder.
Such a solution avoids the need for the provision of a smart card or the like in conjunction with the recording and is thus inherently simpler from the point of view of the consumer. The need to include, for example, a smart card slot in the digital reader is also avoided, although the cost of production of the recording medium will of course increase to incorporate the introduction of an integrated circuit in the housing, as may the costs of the elements of the reader used to read the support
In one embodiment the key for encrypting and/or decrypting the volume descripter elements comprises a key diversified by a manufacturing constant representing a value associated with the identity of the support medium or the recorded data, for example a serial or batch number. In this way a simple encryption algorithm can be used, diversified by the manufacturing constant, to provide a  less than  less than unique greater than  greater than  key and a unique encrypted volume descripter. In fact, for most practical purposes, the same key may be generated for a given batch of recording supports or for one particular recorded performance.
In its simplest form the key algorithm used in this invention can be any one of a number of known symmetric algorithms, such as DES or RC2 etc. In such a case, the encryption/decryption keys can be thought of as identical. Other embodiments are possible, using public/private key pairs, for example.
In one realisation of the method of the invention, the volume elements are re-encrypted by the integrated circuit according to a new key generated and stored in the integrated circuit, the re-encrypted volume elements being thereafter recorded on the medium by the reader, replacing the previously encrypted values. In this way, the security of the system is increased and the identification of the integrated circuit with the recording in question assured.
The new key may be generated by the integrated circuit using a random or pseudo-random number generator, for example. Thus, even in the case of a batch of recordings initially encoded with the same key, the encrypted volume descripter will quickly mutate with each playing of the recording, such that no two recordings will open with the same key.
In one embodiment, the new key generated by the integrated circuit is diversified by a value associated with the identity of the reader, for example its serial number, read by the integrated circuit from the reader. This permits the recording only to be read by that particular reader.
In one embodiment, the value associated with the identity of the reader is stored in the support medium and compared by the integrated circuit with the value read directly from the reader on subsequent readings. In one realisation, the integrated circuit may simply reject the value read from the reader if this does not match that stored in the medium.
However, in an alternative realisation, the system may be programmed to allow an update of this value to allow, for example, for the possibility that the reader has been replaced or broken down. In such an embodiment, the integrated circuit compares the identity value read from the support medium with that read from the reader and, in the event of a mismatch or difference between the two, acts to decrypt the volume elements using the previous reader identity value from the recording medium and thereafter to re-encrypt the volume elements using the new reader identity value from the reader.
The new reader identity can either replace or be stored together with the previous reader identity. In the former case, in order to prevent an unlimited number of readers from accessing the disk, the integrated circuit can be programmed to carry out this operation only a predetermined number of times. In the latter case, the integrated circuit can be programmed to permit a predetermined number of authorised reader identities to be stored, so as to allow the recording to be played on a number of readers belonging to the user, for example. With a limited number of reader identities, the integrated circuit can safely permit an unlimited number of changes between the authorised readers.
The present invention has been described above largely in relation to the protection of pre-recorded recordings, such as pre-recorded CDs, CD ROMs etc. However, as will be appreciated, the same technique can be applied to blank recordable units and in one realisation the support medium is blank prior to its first insertion in the reader, the presence of the associated integrated circuit being necessary in order to decrypt the volume elements before the reader is allowed to write any data onto the blank medium.
Such blank units also possess a set of volume descripter elements, some or all of which can be encrypted as described above to ensure that the units can only be read/recorded on in the presence of the stored key and, if desired, in one or a selected number of readers. In this way, protection can be afforded against unauthorised copies of the ultimately recorded work that is stored in non-encrypted form on the recording medium.
Accordingly, whilst the term  less than  less than reader greater than  greater than  is used in the text to generally refer to devices capable of reading pre-recorded digital data, it is also to be understood to include devices capable of writing or recording digital data onto the support medium in those embodiments where recordal of such data is carried out.
In one embodiment the present invention extends to a method of restricting access to recorded digital data, in which the data is audio and/or visual data. However, as will be appreciated, the invention may equally be applied to the protection of computer processed data.
The present invention equally extends to a method of manufacturing a digital support medium and integrated circuit, for example as incorporated in a smart card, for use in the method of the present invention.