The problem of protecting creative works stored on data recording media, such as movies or other home entertainment video programs which are distributed to a large number of users, is very well known. Preventing copying works recorded in digital format is particularly challenging and troublesome because digitally recorded works can be easily copied with virtually no degradation in quality. Indeed when the first DVD systems were sold, the content providers were reluctant to make full use of the new technology for fear of easy, degradation-free copying. The problem is becoming more acute since the quality of optical media is improving from CIF (in conventional CD's with MPEG-1) to MPEG-2 MP@ML (in current DVD) to HDTV (in future optical memory devices). This problem will be even greater when re-writable DVD-RAM becomes available.
The DVD industry has proposed a minimal security system in which the creative work is encrypted and decryption keys are stored in a dedicated location on the disk. During reading, the keys are read and used to decrypt a data stream, but the decrypted stream is not made available to the user in its compressed format. The result is that the user cannot write a clear data stream into a writable disk unless the data stream is compressed again which reduces image quality. However, there are doubts about the efficiency of this approach. The main limitation is that this method does not provide any way of dynamically allocating rights to the creation, thereby making it impossible to have time-limited renting. Another drawback is that the success of this method depends on the secrecy of the DVD encryption which cannot be expected to be kept secret a very long time. Another limitation is that this method does not differentiate between the rights of disk owners.
In another approach, called the Divx™ system, the DVD player has full responsibility for managing the viewer's rights. The player calls a central Divx™ computer via a phone line to get new rights, or to report on the disk use. The encryption used is proprietary.
The main disadvantage of both of the above methods is that security can be breached once the encryption algorithm is known merely by reading the disk content.
Attempts have been made in the art to provide a more secure media recording disk. PCT patent application WO 97/415,62, published Nov. 6, 1997, the disclosure of which is incorporated herein by reference, describes a CD with a built-in chip. The CD has a layer for data storage in which is embedded a chip and CD coupling element for contact-free transmission of data between the chip and a data processing device. The CD coupling element may be a coil, dipole antenna, an electrostatic coupling surface or an optical coupling element. The chip can be a processor chip on which algorithms can be run or security structures can be realized in order to protect software or prevent access to data on the CD. In one example described in the WO 97/415,62 patent application, an inquiry can be made from the CD player via the CD coupling element to the chip regarding a password which is required to run a program or to retrieve privileged information. The inquiry can be concerned with a key or algorithm required to decode a program code.
Although the system of the WO 97/415,62 patent application contemplates protecting creative works stored on CD's by providing the chip embedded in the CD with security algorithms, no enabling description, however, is provided regarding the exact nature of how such security algorithms actually work. Moreover, the problem of security being breached by listening to the communication between the chip on the disk and the player is not addressed at all in the WO 97/415,62 patent application.
An earlier German patent document 4403206 describes a CD with an integrated smart chip on its outer surface. The chip contains encoding data for accessing data on the disk. Again the problem of security being breached by listening to the communication between disk and player is not addressed in this document.
Encryption technology is a well known method for restricting the ability to make illegal copies of software or programs stored on recording media and for securing authorization of use of software, such as from an authorized distributor. Two relevant examples of such implementation of encryption technology are U.S. Pat. No. 4,658,093 to Hellman and U.S. Pat. No. 5,416,840 to Cane et al., the disclosures of which are incorporated herein by reference.
Hellman describes a system for secure distribution of software between a base unit which uses the software and a remote authorization unit which authorizes use of the software in the base unit. Compressive, one-way cryptological functions, known as hash functions, are used to secure communication between the base unit and the remote authorization unit, the communication being non-real time by telephone line, mail or the like. The base unit communicates requests to the authorization unit. The authorization unit processes the request and generates a key which is recognized in the base unit, thereby allowing use of the software. Cane et al. also requires generating an authorization key in a remote authorization center. However, the use of non-real time communication with a remotely-located authorization center is not practical for the problem of securing use of home-distributed CD's used with CD players and for preventing any security breach between the CD and the CD player.
Thus, the encryption techniques of the prior art even when combined with using a chip on the disk, are not sufficient to solve the problem of security breaches by listening to the communication between disk and player.