Preventing unauthorized access to digital content is an important problem in numerous applications. The present invention broadly relates to and provides a solution to this problem. In some commercial applications, where the content includes, for example, valuable audio or video content, unauthorized access by those who obtain the content may tend to reduce the profit margin of the content provider(s), who typically provide the content, e.g. to various listener and/or viewers, for a fee. In particular, with the advent of high definition video, this problem is even more serious because the digital data is of sufficient resolution to be shown on a full size theater screen. This opens up a whole new area for content pirates to market their stolen property. While the description which follows may sometimes be described in the context of audio/video/data as an example of content to be provided, the invention is not so limited and may equally to any type of information or content data from any source, including without limitation audio and/or video data or other type of data or executables. If the unauthorized accesser is a content pirate, he or she may pose a serious threat to a content provider by inducing others to pirate the content as well. More particularly, the pirate may generally sell pirated access to the content at a lower cost than the legitimate content provider because the pirate obtains access to the content by using the legitimate provider's infrastructure and therefore does not have to invest resources to produce and disseminate the content. This becomes even a greater concern where the pirate may copy and mass produce a relatively inexpensive component which allows a large number of users to obtain access to the content without authorization by the legitimate content provider. As a result, content providers have resorted to increasingly expensive and complex schemes to prevent unauthorized access to their information and content, i.e. to prevent pirating.
The present application is directed to the same general technology as copending commonly assigned patent application Ser. No. 09/253,013, entitled “Information Access Control System and Method” naming Goldshlag et al. as inventors (the contents of which are incorporated by reference herein). The present application presents a more complete architecture and method for content distribution. The present invention, while employing many common encryption/decryption techniques with Ser. No. 09/252,013, provides a more comprehensive overall architecture and methodology for securely managing content from content authoring to ultimate display.
One plan for controlling access to content involves the use of an IRD (integrated receiver device) with smart cards as a security module. This plan was proposed by Fiat and Schamir in a paper titled “How To Prove Yourself: Practical Solutions To Identification And Signature Problems” The Weizmann Institute of Science, Rehovot Israel (1986), and involves the use a trusted center to encode a smart card with personal information and secret values relating to the access. The smart card proves its identify to a verifier (IRD) which in turn must have knowledge of the secret values used to place the information onto the smart card. While the Fiat-Schamir plan is designed to make it difficult to forge personal information of one card, it does not prevent mass distribution of the forged card when and if the pirate has broken the smart card secrets used to prove identity. Also see, U.S. Pat. No. 4,748,688 to Schamir.
Another approach is described in U.S. Pat. No. 5,481,609 to Cohen et al., which uses a smart card in a system for controlling access to broadcast transmissions. Cohen uses a verifier function in an IRD to authenticate the authenticity of a smart card, a secret-learning operation, and a blacklisting operation that prevents previously detected illegal cards from gaining access. However, as indicated by the presence of the blacklisting operation, the system proposed in Cohen et al. can talk to any smart card that is not on the blacklist, and is thus susceptible to a pirated card (or a plurality of pirated cards) that has not yet been blacklisted. Furthermore, the verification process proposed by Cohen et al. is triggered by the broadcast source. Thus, a pirate could simply remove the verification commands from the broadcast stream thereby circumventing the verification process altogether. Another practical problem resulting from use of the broadcast source to trigger the verification process is an architectural one whereby what should be a local level decision (when and whether to challenge a smart card) is turned into a system level decision. Finally, the verification process in Cohen et al. is not tied to the transaction between the smart card and the verifier. Thus, a pirate could use a legitimate card for access authentication, i.e., to authenticate its right to access the content of the broadcast, and then use a pirated card to avoid being billed for the access, i.e. to avoid recording that the access was actually made by the legitimate card holder. This type of pirating is referred to herein as an example of a type of attack known as a conduit attack.
Another security approach is described in U.S. Pat. No. 5,461,675 to Diehl et al., which proposes to relate data between successive data packets, thus detecting when a packet has been removed. Particularly, Diehl et al. propose to inform a legitimate smart card when it is being avoided. However, a pirated card could simply ignore such information and provide pirated access to the content.
In yet another approach, proposed in U.S. Pat. No. 5,778,068 to Johnson et al., a determination is made whether a processing device and a user device, which contains a storage device, are authorized to operate with each other. The Johnson et al. approach determines whether a user device, in this case, a device which generally corresponds to a set top box, is valid by authenticating the user device to a provider device, in this case, a device which generally corresponds to a backend module. However, this approach does not determine if the provider device is valid, i.e. if the provider device is authorized to operate with the user device or with a provider device. Accordingly, a pirate who successfully reverse engineers and modifies the provider device could overcome the security protocols in Johnson et al., and more importantly, could mass-produce the pirated provider device for distribution to and by users.
Another approach is proposed in U.S. Pat. No. 5,825,876 to Peterson, Jr. Peterson authorizes access through a smart card that delivers key content to a processor that allows a playback device to reproduce content from a recording medium. The system proposed by Peterson uses a public key held at an authorization center and a private key held by the card. However, there is no pairing operation between the card and the processor, and there is no shared secret key between the card and the processor. Therefore, if a pirate successfully broke the encryption mechanism he/she could mass-produce and widely distribute pirated cards, causing harm to the content provider.
Another approach is proposed in U.S. Pat. No. 5,448,045 to Clark, which uses a smart card to create a secure boot application on a computer by using the smart card to verify the executable files that the computer will run. The smart card and the computer share a secret that is installed by an administrator and the smart card and the computer executes an authentication operation. However, once an attacker figures out the code, the pirated smart card would be able to authenticate itself. Furthermore, since there is no notion of challenge to the card by the computer, the authentication is replayable. Therefore, a card that is no longer valid may continue to be used.
Finally, another approach proposed in U.S. Pat. No. 5,802,176 to Audebert, controls access to a particular function on a computer by using a renewable card. This is a transaction based system in which the card and the computer negotiate access and a key changes each time access occurs. However, this approach is limited to the particular function which is to be accessed on the computer, and is not useful for a system which deals with many different unpredictable functions/programs such in an information dissemination system, i.e. a system in which each different program (movie, song, article, executable, etc.) would be a different function.
What is needed is a system and method for protecting valuable content; a method and system which is robust, which may be tailored to the needs of a particular content provider, and which overcomes the above noted deficiencies.