CN1333975A - Copy protection by ticket encryption - Google Patents

Copy protection by ticket encryption Download PDF

Info

Publication number
CN1333975A
CN1333975A CN99801574A CN99801574A CN1333975A CN 1333975 A CN1333975 A CN 1333975A CN 99801574 A CN99801574 A CN 99801574A CN 99801574 A CN99801574 A CN 99801574A CN 1333975 A CN1333975 A CN 1333975A
Authority
CN
China
Prior art keywords
sign
key
receiver
watermark
copy
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN99801574A
Other languages
Chinese (zh)
Inventor
M·A·埃普斯坦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Koninklijke Philips NV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV filed Critical Koninklijke Philips Electronics NV
Publication of CN1333975A publication Critical patent/CN1333975A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00884Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a watermark, i.e. a barely perceptible transformation of the original data which can nevertheless be recognised by an algorithm
    • G11B20/00898Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a watermark, i.e. a barely perceptible transformation of the original data which can nevertheless be recognised by an algorithm based on a hash function
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording
    • H04N5/91Television signal processing therefor
    • H04N5/913Television signal processing therefor for scrambling ; for copy protection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/00217Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source
    • G11B20/00224Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is obtained from a remote server
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/00485Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
    • G11B20/00557Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein further management data is encrypted, e.g. sector headers, TOC or the lead-in or lead-out areas
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00731Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction
    • G11B20/00746Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number
    • G11B20/00753Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number wherein the usage restriction limits the number of copies that can be made, e.g. CGMS, SCMS, or CCI flags
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00731Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction
    • G11B20/00746Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number
    • G11B20/00811Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number wherein said number is encoded as a cryptographic token or ticket
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00884Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a watermark, i.e. a barely perceptible transformation of the original data which can nevertheless be recognised by an algorithm
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording
    • H04N5/91Television signal processing therefor
    • H04N5/913Television signal processing therefor for scrambling ; for copy protection
    • H04N2005/91307Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal
    • H04N2005/91328Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal the copy protection signal being a copy management signal, e.g. a copy generation management signal [CGMS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording
    • H04N5/91Television signal processing therefor
    • H04N5/913Television signal processing therefor for scrambling ; for copy protection
    • H04N2005/91307Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal
    • H04N2005/91335Television signal processing therefor for scrambling ; for copy protection by adding a copy protection signal to the video signal the copy protection signal being a watermark

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Editing Of Facsimile Originals (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)
  • Television Signal Processing For Recording (AREA)

Abstract

An encryption scheme is provided between a device that communicates material content and the intended receiver of this content. The encryption is applied to a ticket that conveys copy and display rights. To allow for the portability of devices, the encryption scheme in a preferred embodiment is dynamic. At any point in time, the channel between the providing device and the receiving device is configured for the exclusive use of these two devices; thereafter, the channel may be configured for the exclusive use of another set of devices. To prevent the use of non-conforming devices within the system, conforming devices contain verifiable certificates of authenticity, and channels are established when each device on the channel verifies the other device's authenticity.

Description

Copy Protection by ticket encryption
The present invention relates to field of entertainment systems, relate in particular to the Copy Protection of copyright material.
Duplicate that it is exactly recording materials that digital recording has unique characteristics and original paper have duplicate quality, therefore, seek a kind of effective copy protection schemes for protection digital record copyright material and seem particularly important.People such as Jean-Paul Linnartz<<Philips Electronics Response to Call for Proposals Issues bythe Data Hiding Subgroup Copy Protection Technical WorkingGroup in (1997.7), describe a kind of cost performance in detail than higher copy protection schemes----Linnartz scheme.The method that this scheme adopts is at the additional sign in the back of recording materials.Comprise " counter " that can verify in this sign, replay each time and write down after all can reduce automatically, and this " counter " is to be difficult to realize increasing with computer means.So-called be difficult to realize just being meant the time that will realize " counter increases " required cost and spend with computer means can obtainable interests compare so much time, it is too greatly too not conform to let it pass really that this time spends.Briefly, thereby the Linnartz scheme acts on a seed (number) with a hash function exactly produces a series of hashed value, if a hashed value so only given in advance just is difficult to conclude with computer means what the seed (number) of this hashed value is actually.
Shown in Figure 1 is exactly the block diagram illustrations that Linnartz is indicated scheme.Represent to use a cover of different input ports 101,102,111,112,122,132 or overlap playback equipment 110 and recording equipment 120 more with a plurality of playback equipments 110 and recording equipment 120 among the figure.A shielded material, for example a Digital video disc can be encrypted to " " promptly 101 states also can be encrypted to " once copy (copy-once) " i.e. 102 states not copy (copy-never).The watermark W that also comprises an insertion among the information C on the CD simultaneously, this watermark is the hashed value of physical markings P.Watermark in a piece of paper, watermark W is a code that is inserted in the recording materials, it does not influence the broadcast of material, but can't under the prerequisite that does not injure quality of materials watermark be removed from material yet.Physical markings P is a code that is inserted in the dish medium, and it can be read by disk player 110, and has the characteristic the same with watermark equally, can't under the prerequisite that does not injure quality of materials watermark be removed from material.The dish 101 of " not copy " state can comprise also can not comprise sign T, and the dish 102 of " once copy " state just must comprise a watermark W (this watermark is the result of physical markings P after hash function four secondary actions) and a sign T (this sign is the result of physical markings P behind the hash function direct action) who is inserted in wherein.
The agreement of reaching according to manufacturer, when the watermark W that comprises in and if only if the recording materials met one of following situation, attached player 110 could be play the recording materials that receive: inserting watermark W is the result of physical markings P behind the hash function direct action; Inserting watermark W is the result of sign T after hash function three secondary actions; Inserting watermark W is the result of sign T behind the hash function direct action.Any other insertion watermark W, the combination of sign T and physical markings P all is considered to be illegal, and player 110 will refuse this illegal recordings of broadcast.If it is legal that recording materials are considered to, so attached player 110 will as output port play material content C and be inserted in watermark W wherein and change after mark T ' (T ' be the result of T behind the hash function direct action).As mentioned above, because watermark this moment W is the result of physical markings P behind the hash function direct action, " copy " has not produced output 111 behind the attached player 110 of dish 101 information vias of state.And because watermark W this moment is the result of sign T after hash function three secondary actions, " once copy " produced output 112 behind the attached player of dish 102 information vias of state.
The insertion watermark W that comprises in the same agreement of reaching according to manufacturer, and if only if material be sign T after hash function two secondary actions as a result the time, supporting record equipment 120 just can duplicate comprising the recording materials that insert watermark W.The insertion watermark W that does not comprise in the output 111 of " not copy " is the result of sign T ' after hash function two secondary actions, so this output 111 can not duplicated by supporting record equipment 120." " the insertion watermark W that comprises in the output 112 of state material is the result of physical markings P after hash function four secondary actions to once copy, and the sign T ' after changing is the result of initial mark T behind the hash function direct action.Again because initial mark T is the result of physical markings P behind the hash function direct action, sign T ' after the transformation is the result of physical markings P after the hash function secondary action, equals to change the result of back sign T ' after hash function two secondary actions just so insert watermark W.Owing to insert watermark W and be the result after the effect of input transition mark T ' secondary hash, so supporting record equipment can duplicate the material 112 of " once copy " state, obtains copying 122.After copy was finished, recording equipment 120 was used the as a result T of input sign T ' behind the hash function direct action " the replacement original T ' append on the material.Because input sign T ' is the result of physical markings P after hash function two secondary actions, so newly indicate T " result that is exactly physical markings P after hash function effect three times.So just having formed watermark is sign result's behind the hash function direct action composite state, just front defined " no longer copy (copy-no-more) " state.
Attention allows the not restriction of carrying out of number of copy times to the dish 102 of " once copy " state in the Linnartz scheme.So the original paper of each " once copy " state dish 102 comprises the output that indicates T ' (T ' be the result of input sign T behind the hash function direct action) after having the material content C that inserts watermark W and transformation always can producing one after the replay.Again because initial mark T is the result of physical markings p behind the hash function direct action, indicate after the conversion that T ' is the result of physical markings P after hash function two secondary actions, so the watermark W in this output is the result of conversion back sign T ' after hash function two secondary actions all the time, that is to say that this output is always recordable.As long as use a series of parallel recording equipments 120, make each recording equipment all receive the output 112 of player 110, just can obtain the dish 102 of many " once copying " state.The recording equipment 120 of use and Linnaz scheme compatibility can carry out this type of massive duplication.
As discussed above like that, attached player 110 only just can be play recording materials during one of condition below satisfying inserting watermark W: insertion watermark W is the result of physical markings P behind the hash function direct action; Inserting watermark W is the result of input sign after hash function three secondary actions; Perhaps inserting watermark W is the result of input sign behind the hash function direct action.Because input sign T in the duplicate 122 of copy state no longer " be the result of physical markings P after hash function three secondary actions; inserting watermark W simultaneously is again the result of physical markings P after hash function four secondary actions; promptly inserting watermark W is input sign T " result behind the hash function direct action, so this duplicate is legal the broadcast.Attached player 110 pairs legal " no longer copies " is play and is produced one and comprises material content C by the duplicate 122 of state, inserts the output 132 of watermark W and transformation back sign T .Indicate that wherein T is former input sign T " result behind the hash function direct action, the just result of physical markings P after hash function four secondary actions.
Same according to top discussion, supporting record equipment 120 only insert watermark W be input sign T after hash function two secondary actions as a result the time just can copy the raw material that comprise watermark W and sign T.Watermark in the output 132 of " no longer copy " state is not to change the result of back sign T after hash function two secondary actions, so this output can not be by supporting record equipment 120 records.
Attention is in the Linnartz scheme, and the output of attached player is always displayable on display terminal, that is to say, on display terminal the material of being play is not added any restriction.See that again relation----watermark W and the sign T of watermark W and sign T equates in the output 132 of attached player 110.So, if want the mandate of playing material to be limited at display terminal based on watermark W and sign T, this restriction must be that the output that only allows watermark W and sign T to equate is shown in this terminal so.Therefore, no matter what the sign that originally provided in the duplicate is, limits as long as cover the broadcast that former sign just can untie based on the copyright material of Linnartz insertion watermark and trade mark scheme with the insertion watermark.
For the purpose of explaining integrality, Fig. 2 and Fig. 3 have described a kind of prior art sign processing scheme that broadcasting channel transmission program (for example pay-per view program that is provided by information desk) copy control is provided.What Fig. 2 described is the transmission of the broadcast message 201 of " not copy " state, and what Fig. 3 described is the transmission of the broadcast message 202 of " once copy " state.In this area generally speaking, broadcast message 201,202 is all encrypted.They are decrypted and produce one by conditional access decipher 210 and comprise material content C, insert the deciphering output 211,212 of watermark W and sign T.This conditional access decipher 210 for example is a cable box, it just is decrypted the broadcast message of input after material receive direction service provider has been paid certain expense, perhaps also may be after one " smart card " inserted cable box the input broadcast message to be decrypted.
As shown in Figure 2, if transmission is the broadcast message 201 of " not copy " state, material content C be will comprise in the deciphering output 211 so, watermark W (this watermark is that physical markings P is in the result after hash function two secondary actions) and sign T (this sign equally also is the result of physical markings P after hash function two secondary actions) inserted.In once broadcasting, physical markings P may be an arbitrary code in the broadcast message, also may be a signal relevant with the broadcast message attribute, for example, and a modulation signal in the broadcast message.In a word, except this mark should not be those public information that get, initial physical mark P had random, that is to say that this mark is difficult to be determined by the stranger.
Except top scheme, also can other method provide suitable value of statistical indicant.Can provide a sign by service provider, this sign is the result of physical markings P behind the hash function direct action, then conditional access decipher 210 is provided with, make it hash function is acted on input sign (once), just like in traditional attached player 110, do such.In addition, service provider can provide direct with the result of physical markings after hash function two secondary actions as the input sign, and conditional access decipher 210 just will import and indicate and directly send as new sign.As described above, supporting record equipment 120 only insert watermark W be input sign T after hash function two secondary actions as a result the time just the watermark material is duplicated.Under the situation of copy state material not, insert watermark W and input sign T equates, so supporting record equipment 120 can not duplicate the material 211 of copy state not.On the other hand, because the watermark W in the copy state material and sign T do not equate, so attached player 220 just can be play copied material 211 not.
As shown in Figure 3, if transmission is the broadcast message 202 of a copy state, material content C be will comprise in the deciphering output 212 so, watermark W (this watermark is that physical markings W is in the result after hash function four secondary actions) and sign T (this sign is the result of physical markings P after hash function two secondary actions) inserted.Because insert watermark W is the result of input sign T after hash function two secondary actions, so supporting record equipment 120 just can carry out authorized copy 222 to deciphering output 212, obtain a copy 222 that mandate is arranged, and 220 pairs of deciphering outputs 212 of attached display terminal show.Comprise material content C in the copy 222 that obtains by recording equipment 120, insert watermark W and conversion back sign T ' (this sign is the result of input sign T behind the hash function direct action).Because input sign T is the result of physical markings P after hash function two secondary actions, be the result of physical markings P after hash function three secondary actions so change back sign T '.
In the band marking panel scheme of noting being discussed, can make it 210 outputs of receiving and deciphering device in the above, obtain corresponding a plurality of copy 222 by a plurality of supporting record equipment 120 are set.Also must be noted that to obtain the copy of material 212 by unafilliated " blind copying " (blind copy), thereby just these copies can be offered the copy 222 that any supporting record equipment 120 obtains ten hundreds of materials then.So-called " blind copying " just is meant that bit-by-bit duplicates, and can not make information be subjected to any variation in this reproduction process.In the band marking panel scheme of mentioning in front, because physical markings P is present on the dish medium, can not transmit with copy information, and auxiliary device refusal is handled watermark at hash function once or the copy of the material that the result does not conform to after four secondary actions, so fundamentally got rid of the possibility of " blind copying ".And under the situation of broadcast transmitted,, be the part of broadcast transmitted information, so in the process of broadcast message being carried out " blind copying ", will finish duplicating simultaneously to physical markings if physical markings P also will be transmitted.
When copy 222 is sent into an attached player 110, player will will insert watermark W and indicate that the result of T ' behind the hash function direct action compares, and produce one and comprise material content C, insert watermark W and conversion back sign T " output 232 (wherein indicate T " be the result of input sign T ' behind the hash function direct action, the just result of physical markings P after hash function four secondary actions).
Supporting record equipment 120 can not duplicate exporting 232, is not input sign T because insert watermark W " result after hash function two secondary actions.And attached display terminal can show exporting 232, equals input sign T because insert watermark W ".As long as attention provides a sign T who equates with insertion watermark W ", any one unafilliated player can have the copy of authorizing or not having the material content C of mandate to show on an attached display terminal 220.
One object of the present invention is exactly to prevent from not have the demonstration of authoritative copy on attached display terminal, another object of the present invention is exactly the unauthorised copies that prevents material on supporting record equipment, another purpose of invention is exactly the unauthorised copies that prevents material on unafilliated recording equipment, or on attached display terminal and recording equipment these no authoritative copy is translated into invalid data.
These all purposes can realize by the encryption to transmission information between information output and the predetermined recipient.Encipherment scheme is acted on the mandate of sign with characterization information copy and broadcast.Because the mobility of playback equipment is dynamic so wish the way of realization of this encipherment scheme.At any time, the channel between information providing apparatus and the accepting device can be configured to only use for these two equipment, certainly after this uses, also can make it for another set of device-specific by setting.For no authorisation device in the anti-locking system has authorisation device all must comprise the voucher of a reliability demonstration to the use of this channel, have only after the equipment in the channel has passed through reliability demonstration each other, channel can be set up.
In conjunction with following respective drawings, the present invention is carried out further careful explanation now by concrete example.
Fig. 1 has described the prior art sign processing scheme block diagram that the copyright material in the physical medium is copied control.
Fig. 2 and Fig. 3 have described the prior art sign processing scheme block diagram that the copyright material of broadcast transmitted is copied control.
Fig. 4 has described the sign processing scheme block diagram that copyright material is shown control according to the present invention.
Fig. 5 has described according to the present invention the sign processing scheme block diagram of copyright material copy control.
Fig. 6 has described the flow chart that according to the present invention copyright material is copied or shows the sign processing scheme of control.
Fig. 4 has described according to the present invention the sign processing scheme block diagram of copyright material copy control.Shown in Fig. 4 a conditional access module 300 and a display device 400.Conditional access module 300 receives broadcast message 301, and this broadcast message may have been encrypted also and may do not encrypted, it may be protected by copyright may be not protected by copyright yet.Represent that with parantheses content wherein may occur also may not occurring in a specific broadcast message 301 among Fig. 4.Broadcast message decipher 350 is traditional deciphers, if broadcast message 301 has been encrypted, decipher 350 just is decrypted this broadcast message 301 so, otherwise, decipher 350 just with information without sending out with changing.Like this, the output 351 of broadcasting decipher has just comprised following components: material content C, inserts watermark W and correlating markings T.
If comprise sign in the broadcast message, landmark detector 340 will detect this sign T341 and separate from output information 351 so, afterwards produce an output (342 signals among the figure just) that comprises material content C and insert watermark W, will indicate that simultaneously 341 deliver to sign decipher 330.According to the present invention, sign decipher 330 usefulness key K 321 acts on sign T only can be by the encryption indicator Ek (T) 331 that is deciphered with the display terminal device 400 that this decipher immediately links to each other, the further in the following discussion refinement of its principle general to produce one.Material content C and insertion watermark W (signal 342) and encryption indicator Ek (T) 331 will be sent to display terminal 400 as transmission signals 401.
Comprise a landmark detector 440 in the display terminal 400, the transmission signals 401 that this detector receives processing produces an output that comprises material content C and insert watermark W, and signal 442 extracts sign 431 simultaneously.If as shown in Figure 4, conditional access module 300 is according to auxiliary device of the present invention, and the sign 431 that extracts gained so just equals encryption indicator Ek (T) 331.If transmission signals 401 is not from subsidiary conditions access module 300, the sign 431 that extracts gained so just is different from encryption indicator Ek (T) 331.Obtain after the encryption indicator, the sign 431 that sign decipher 430 just use key K ' 421 pair to extract gained is decrypted, and when and if only if decruption key K ' 421 was corresponding with encryption key K321, sign T441 ability that obtains and initial sign T431 were consistent.Any one key all with another key correspondence that can be decrypted to the information of this secret key encryption.In a symmetric key system, key K 321 and K ' the 421st equate, but in a unsymmetrical key system, it is right to form corresponding key by personal key and public keys two parts, and K321 belongs to personal key, and K ' 421 then belongs to public keys.
Display controller 460 inserts the demonstration that the relation between watermark W and the deciphering sign T441 is come control material content C and inserted watermark W and signal 442 by judging.According to the present invention, and if only if when meeting one of following several situations, and material content C just can show:
Do not insert watermark;
It is identical with deciphering sign T441 to insert watermark W; Perhaps
Inserting watermark W is the result of deciphering sign T441 after hash function two secondary actions.
First kind of condition is not subjected to any copy corresponding to material content C and shows the situation of protection, and second kind of condition corresponds respectively to the not copy state material 212 of prior art sign scheme and the situation of copy state material 232 no longer.The third condition is corresponding to the situation of a copy state material 222 of prior art sign scheme, as shown in Fig. 2 and Fig. 3.According to top discussion, if, insertion watermark W in the prior art sign scheme will equal at copy state material 212 not and the initial mark T341 in the copy state material 232 no longer, and will equal the result of initial mark T341 after hash function two secondary actions in copy state material 222.Since have only when have in the display terminal one with conditional access module 300 in key K 321 corresponding key K ' 421 time, deciphering sign T441 just equals initial mark T341, so had corresponding key K 321 and K ' in conditional access module 300 and display terminal 400 at 421 o'clock, copyright material content C just can obtain showing.Therefore, if transmission signals 401 has been carried out blind copying, this part duplicating material is only to obtain showing at the display terminal 400 that comprises with the corresponding decruption key K ' 421 of encryption key K321 so.
Shown in Figure 5 be one according to corresponding record equipment 500 of the present invention.Recording equipment 500 is quite similar with display terminal 400 in itself, different just replaced display controller 460 with a copy controller 560.And if only if when meeting one of following two kinds of situations, and copy controller 560 just allows material content C is carried out copy operation:
Do not insert watermark; Perhaps
Inserting watermark W is the result of deciphering sign T441 after hash function two secondary actions.
First kind of condition is not subjected to any copy or shows situation about protecting corresponding to material content C.Second kind of condition is corresponding to the situation of a copy state material 222 of prior art sign scheme, as shown in Figure 3.Since have only when have in the display terminal one with conditional access module 300 in key K 321 corresponding key K ' 421 time, deciphering sign T441 just equals initial mark T341, so only had corresponding key K 321 and K ' in conditional access module 300 and recording equipment 500 at 421 o'clock, a copied material content C (the watermark W that wherein comprises is the result of initial mark T341 after hash function two secondary actions) just can be replicated.Therefore, copy, then only can be duplicate on the recording equipment 500 of ' 421 in the key K that comprises counterpart keys K321 if carried out the blind of transmission signals 401.Thereby though can be on identical recording equipment 500 401 carry out blind copying and obtain a large amount of copies to diffusing information, but the use according to encryption indicator of the present invention makes the bootlegger can't carry out parallel copy simultaneously, has therefore reduced the profit of this once a formula copy right piracy greatly.
There is diversified technology can produce corresponding encryption key K321 and K ' 421 now.(for the purpose of convenient the explanation, we refer to display terminal 400 or recording equipment 500 with receiver 400 and 500).Under the simplest situation, each recipient 400,500 all comprises a personal key relevant with self identification symbol, and has a public keys corresponding with each identifier to tabulate in the conditional access module 300.Produce key K 321 by public keys, produce key K ' 421 by personal key.In this example, ticket encryption device 330 and sign decipher 430 are that asymmetric encryptor/decryptor is right.Can give a plurality of receivers 400 or 500 to composing with identical identifier and public/private; By giving each receiver 400,500 feasible original tax special-purpose public keys of when finding the situation of copyright violation, can cancelling to composing to it with a special public/private.
In addition, another kind of method shown in Figure 4 has clearly provided the process that key generator 320 and 420 generates key K 321 and K ' 421.In general, a typical cover key generator 320 and 420 adopts " Diffie-Hellman " Diffie-Hellman.In the Diffie-Hellman scheme, each key generator 320 and 420 is got a big integer x and a y at random respectively, and intercourses key parameter 325, comprises a big prime number n and the random integers remainder g to big prime number in this parameter.
Key generator 320 is delivered to key generator 420 with gx to the remainder X of n, and key generator 420 is delivered to key generator 320 with gy to the remainder Y of n simultaneously.
Then,
Key generator 320 calculates Y xTo the remainder K of n and
Key generator 420 calculates X yRemainder K ' to n.
Like this, K and K ' equal g XyRemainder to n.Because x and y are preserved by each receiver oneself, so be difficult to determine key K and K ' with computer means.In this example, ticket encryption device 330 and sign decipher 430 are encrypt/decrypt systems of symmetry, and the both uses identical key value (g just XyRemainder to n) sign T is carried out encryption and decryption.
Note, corresponding conditional access module 300, these two receivers 400 can not produce identical key value with 500, unless they have selected identical random number y.In preferred embodiment of the present invention, receiver 400 and 500 foundation must make the possibility of getting two same random numbers reach minimum.Like this, compare, in this system, just can allow many supporting record equipment 500 parallel receive transmission signals 401 and can not make wherein any recording equipment all have copy power a copy state material with prior art sign treatment system.Similarly, as above-mentioned, the supporting record equipment 500 that the blind generation of copying transmission signals 401 will only allow to have appropriate keys K ' produces the copy of a plurality of each portions.
Can also increase the fail safe of material by the safety approach that adds other.Give an example, key generator 320,420 can optionally use validator 310 and 410, as shown in Figure 4 and Figure 5.Validator 310 after receiving the trigger impulse 346 that landmark detector is sent, just carries out initialization to proof procedure to validator 410 application checkings 411.In this area in general, checking 411 is the digital certificate books that can verify, is provided by the manufacturer of receiver, in order to indicate a specific receiver.The digital label recognition technology that validator 310 usefulness are traditional is verified certificate, and checking result 311 is delivered to key generator 320.In such a way, when receiving each marking material 301, receiver 400 and 500 all can be verified again, thereby is prevented unauthorized receiver and be cancelled the reception of the special receiver of checking qualification to marking material.
Note, determine or the corresponding key K 321 in generation and key K ' 421 should be periodic, at any time or as mentioned above like that, be when receiving marking material 301 at every turn.In preferred embodiment, as long as key can be determined or produce to the channel between conditional access module 300 and the receiver 400,500 just in real time once establishment.In this manner, different receiver 400,500 can be reassigned or be restricted to conditional access module 300 on request.Comprise pair of secret keys maker 320 in the conditional access module 300 of attention in preferred embodiment, and to ticket encryption device 330 should be arranged, each is all relevant with channel.Give an example, when a display terminal 400 was sent in the output 401 of a channel, a recording equipment 500 just was sent in the output 401 of another channel, and like this, that can also authorize when copyright material is carried out authorized copy watches.In this example, the encryption indicator of the output 401 of every channel is different, and this is by two different receivers 400 that receive output 401 and 500 decisions.For the purpose of explaining integrality, Fig. 6 provides a kind of FB(flow block) according to subsidiary conditions access module 300 of the present invention and receiver 400,500.In 610 steps, conditional access module receives broadcast material.If comprise encrypted material 620 in the broadcast material, so just material is decrypted,, so just goes on foot with one and receiver 400 635 if also comprise sign 630 in the material in 625 steps, the corresponding key of key is decrypted sign in 500, concrete operations and discussed above just the same.In 640 steps, material and encryption indicator after the deciphering are delivered to receiver 400,500.One receives material, and receiver 400,500 just judges whether comprise sign in this material.If conclude and comprise sign in the material in 650 steps, so just the key of being correlated with and receiver 400,500 in 655 steps is decrypted work to sign.In 660 steps, if receiver 400,500th, recording equipment 500 is so just tested to determine whether material can be replicated material with 680 steps.If not comprising watermark in the material or inserting watermark is the result of deciphering sign after hash function two secondary actions, so just material content and insertion watermark W are duplicated in 685 steps, then hash function is acted on deciphering sign T (once), this step operation is consistent with prior art sign processing scheme.Otherwise the copy operation in 685 steps just can not be carried out.If judge that in 660 steps receiver 400,500 is display terminals 400, so just material is tested with 670 steps.Do not mate if do not comprise insertion watermark W in the material or insert watermark and decipher sign or decipher the result of sign after hash function three secondary actions, material content C just can go on foot 675 and obtain showing so.Otherwise the display operation in the 675th step just can not carry out.Finish copy, after demonstration or the do-nothing operation, system's operation does not stop, and in 690 steps, is in and waits for the next broadcast message materials behavior of reception, comes back to 610 steps of flow process.
The principle of this invention operation has just simply been introduced in the front.To those skilled in the art, under the prerequisite that does not break away from the scope of the invention and spirit, can also design varied front does not have clear and definite improvement project.Give an example, the used ticket encryption scheme of above-mentioned conditional access module also can be used on other device, such as can be used on the traditional player 110, or on non-conditional access module or be any one and can and mail to this material on the equipment of a receiver 400,500 from information source receiving belt marking material.In order to explain needs, preamble has described prior art sign processing scheme in detail.Can certainly use other ticket encryption scheme, the required change of just carrying out a distinctive mark test 675 and 685 for corresponding scheme.
Attention needs to have provided among the figure many specific action functions and structure in order to explain, this does not also mean that other scheme is infeasible, and many other alternative methods can also be arranged.For example, ticket encryption device 330 can be placed on the output of broadcast message 301, and like this, when receiving this information 301 at decipher 350 places, the sign in the information just can be received device 400,500 and correctly decipher.In this example, just require the device that conditional access module 300 has can provide the identification of receiver 400,500 to the broadcast message output.In similar mode, the parts of conditional access module shown in some or all 300 can be included in receiver 400,500 or other device.Certainly, according to the present invention, these all system configuration and prioritization scheme are conspicuous to those of ordinary skills, and are included within the appended claim scope.

Claims (19)

1. an equipment (300) comprising:
A landmark detector (340) indicates (341) and has the material content (342) of inserting watermark (W) in order to extract from information source,
A ticket encryption device (330), its key (321) based on the predetermined receiver that depends on material content (342) is encrypted sign (341), this encryption equipment provides a sign (331) through encrypting, it is sent to receiving equipment (400,500) with having the material content (342) of inserting watermark (W).
2. the equipment in the claim 1 (300) also comprises:
A broadcast message decipher (430) is decrypted in order to broadcast message is transmitted (301), thereby produces the information source that indicates (341) and have the content material (342) that inserts watermark.
3. the equipment in the claim 1 (300) also comprises:
A key generator (320), its generation depend on the key (321) of predetermined receiver.
4. the equipment in the claim 3 (300), wherein, key generator (320) comprises a Diffie-Hellman cipher key exchange system.
5. the equipment in the claim 1 (300) also comprises:
A validator (310) is in order to verify that receiving equipment (400,500) is as predetermined receiver.
6. a receiver (400,500) comprising:
A landmark detector (340), in order to from comprising encryption indicator (431) and have extraction encryption indicator (431) institute's transmission information that receives (401) of the material content (442) of inserting watermark (W),
A sign decipher (430), in order to encryption indicator (431) thus be decrypted produce a deciphering sign (441) and
A controller (460,560), it indicates (441) next definite at least one that authorize and copy mandate that show based on inserting watermark (W) and deciphering.
7. the receiver in the claim 6 (400,500) also comprises:
A key generator (420), in order to produce key (421), it is provided for sign decipher (430), and the sign decipher is finished encryption indicator (431) deciphering to form deciphering sign (441).
8. the receiver in the claim 7 (400,500), wherein, key generator (420) comprises a Diffie-Hellman cipher key exchange system.
9. the receiver in the claim 6 (400,500) also comprises:
A validator (410), in order to provide checking (411) to equipment (300), this checking provides the transmission information (401) that is received to simplify the generation of encryption indicator (431).
10. the receiver in the claim 6 (400,500), wherein, controller (460,560) is determined at least once demonstration mandate and copy mandate according to deciphering sign (441) result after at least one secondary action of hash function.
11. the receiver in the claim 6 (400,500) also comprises at least one of display terminal (400) and reproducer (500).
12. a method that is used to transmit copyright material comprises:
To a sign relevant (341) with copyright material encrypt (635) with produce a encryption indicator (331) based on predetermined receiver and
Encryption indicator (331) is transmitted (640) to receiving equipment (400,500) together with copyright material, thereby simplify based on differentiating whether receiver (400,500) is the copyright protection dynamics of predetermined receiver.
13. the method in the claim 12 also comprises:
Produce a key based on predetermined receiver (321), it encrypts (635) with the sign (341) of opposing.
14. the method for claim 13, wherein, the step that produces key (321) comprises: adopt the Diffie-Hellman cipher key change.
15. the method in the claim 12 also comprises: checking receiver (400,500) is as predetermined receiver.
16. the method that enhancing is protected copyright material comprises:
Encryption indicator (431) is decrypted (655) thus produce a deciphering sign (441),
Determine that according to the watermark of deciphering sign (441) and be inserted in the copyright material (670,680) show at least one that authorize and copy mandate.
17. the method in the claim 16 also comprises:
Produce a key (421), in order to encryption indicator (431) is decrypted.
18. the method in the claim 17, wherein, the step that produces key (421) comprises: adopt the Diffie-Hellman cipher key change.
19. the method in the claim 16, wherein, at least one shows that authorizing and copy the step of authorizing is according to deciphering sign (441) result after at least one secondary action of hash function to determine (670,680).
CN99801574A 1998-07-14 1999-07-07 Copy protection by ticket encryption Pending CN1333975A (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US9272798P 1998-07-14 1998-07-14
US60/092,727 1998-07-14
US33362899A 1999-06-15 1999-06-15
US09/333,628 1999-06-15

Publications (1)

Publication Number Publication Date
CN1333975A true CN1333975A (en) 2002-01-30

Family

ID=26785979

Family Applications (1)

Application Number Title Priority Date Filing Date
CN99801574A Pending CN1333975A (en) 1998-07-14 1999-07-07 Copy protection by ticket encryption

Country Status (5)

Country Link
EP (1) EP1145243A3 (en)
KR (1) KR20010023967A (en)
CN (1) CN1333975A (en)
TW (1) TW406249B (en)
WO (1) WO2000004549A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100593205C (en) * 2005-09-16 2010-03-03 索尼株式会社 Information processing device and method, information recording medium, manufacturing device, method and computer program of theinformation recording medium
CN101558645B (en) * 2006-12-11 2012-05-23 汤姆森特许公司 Text-based anti-piracy system and method for digital cinema

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8261315B2 (en) 2000-03-02 2012-09-04 Tivo Inc. Multicasting multimedia content distribution system
US8171520B2 (en) 2000-03-02 2012-05-01 Tivo Inc. Method of sharing personal media using a digital recorder
US8812850B2 (en) 2000-03-02 2014-08-19 Tivo Inc. Secure multimedia transfer system
US7908635B2 (en) 2000-03-02 2011-03-15 Tivo Inc. System and method for internet access to a personal television service
US20020166056A1 (en) * 2001-05-04 2002-11-07 Johnson William C. Hopscotch ticketing
CN100356789C (en) * 2004-09-01 2007-12-19 华为技术有限公司 Method and device for protecting broadband audio-video broadcasting content
CN100364332C (en) * 2004-09-01 2008-01-23 华为技术有限公司 Method for protecting broadband video-audio broadcasting content
US7934170B2 (en) 2004-11-19 2011-04-26 Tivo Inc. Method and apparatus for displaying branded video tags
CN101052068B (en) 2006-04-03 2011-04-06 华为技术有限公司 Device and method for providing wet current

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5574787A (en) * 1994-07-25 1996-11-12 Ryan; John O. Apparatus and method for comprehensive copy protection for video platforms and unprotected source material
KR0136458B1 (en) * 1994-12-08 1998-05-15 구자홍 Copy protection apparatus of digital magnetic recording and reproducing system
CA2179223C (en) * 1995-06-23 2009-01-06 Manfred Von Willich Method and apparatus for controlling the operation of a signal decoder in a broadcasting system
KR100254029B1 (en) * 1995-10-09 2000-04-15 모리시타 요이찌 Data transmission apparatus and data transmission method
AU3207697A (en) * 1996-05-15 1997-12-05 Macrovision Corporation Method and apparatus for copy protection of copyrighted material on various recording media
KR20000064791A (en) * 1997-01-27 2000-11-06 엠. 제이. 엠. 반 캄 Method and system for transmitting content information and additional information related thereto
KR100594954B1 (en) * 1997-08-26 2006-07-03 코닌클리케 필립스 일렉트로닉스 엔.브이. System for transferring content information and supplemental information relating thereto

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100593205C (en) * 2005-09-16 2010-03-03 索尼株式会社 Information processing device and method, information recording medium, manufacturing device, method and computer program of theinformation recording medium
CN101558645B (en) * 2006-12-11 2012-05-23 汤姆森特许公司 Text-based anti-piracy system and method for digital cinema

Also Published As

Publication number Publication date
WO2000004549A2 (en) 2000-01-27
WO2000004549A3 (en) 2001-06-07
EP1145243A2 (en) 2001-10-17
KR20010023967A (en) 2001-03-26
TW406249B (en) 2000-09-21
EP1145243A3 (en) 2004-11-03

Similar Documents

Publication Publication Date Title
US6978370B1 (en) Method and system for copy-prevention of digital copyright works
US7065216B1 (en) Methods and systems of protecting digital content
US7716487B2 (en) License-based cryptographic technique, particularly suited for use in a digital rights management system, for controlling access and use of bore resistant software objects in a client computer
CN101268652B (en) Renewable traitor tracing
US7080262B2 (en) Key compression
US7760904B2 (en) Proprietary watermark system for secure digital media and content distribution
US6801999B1 (en) Passive and active software objects containing bore resistant watermarking
US7549063B2 (en) Methods and systems of protecting digital content
CN102118655B (en) System and method for controlled copying and moving of contents
WO2006051043A1 (en) Method for securely binding content protection information to a content and method for verifying this binding
CN1981527A (en) Secure video system for display adaptor
CN1723501A (en) Public key media key block
KR20040053170A (en) Secure single drive copy method and apparatus
EP1502170A2 (en) Revocation of copyrighted content
CN1333975A (en) Copy protection by ticket encryption
EP1412943B1 (en) Apparatus and method for reproducing user data
DE10164134A1 (en) System for preparing and distributing copyright-protected electronic media in a receiver, involves encoding data for reproduction after applying cryptographic processes.
WO2005106870A1 (en) Access authorization across processing devices
US7603720B2 (en) Non-repudiation watermarking protection based on public and private keys
CA2493042A1 (en) Apparatus and system for data copy protection and method thereof
Craver et al. Lessons learned from SDMI
EP1191421A2 (en) Tamper resistant software protection method with renewable security mechanism
Goldschlag et al. Beyond Cryptographic Conditional Access.
US20070143216A1 (en) Data Signal with a Database and a Compressed Key
JP2002520682A (en) Copy protection with ticket encryption

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
PB01 Publication
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication