EP1472691A1 - System and method for the production and distribution of copy-protected and use-protected electronic audio and visual media and the data contents thereof - Google Patents

Abstract

The invention relates to a system and method for cost-efficiently producing and distributing copy-protected and use-protected electronic audio and visual media and the data contents thereof. The data contents of the electronic media are coded in such a way that said data contents cannot be played back or displayed without the recipient who is authorized to make restricted use thereof carrying out cryptographic processes and that said electronic media cannot be played back in full or at all without carrying out relevant cryptographic processes again when transmitted to third parties. The inventive solution consists of providing the recipient with a cryptographic module which decodes or deciphers, and subsequently transmits to a playback unit in a re-coded or re-ciphered manner, fully or partially coded or ciphered data contents of electronic audio and picture media or keys for decoding or deciphering said data contents in such a way that the audio and visual information can be played in the playback unit without the electronic data contents being available in an uncoded form on the transmission path, at the input our output of the cryptographic module, or at the input of the playback unit.

Description

 System and method for

Creation and distribution of copy- and usage-protected electronic audio and visual media and their data content

description

The invention relates to a system and method for the cost-effective creation and distribution of copy-protected and usage-protected electronic audio and video media and their data content, the data content of the electronic media being encrypted in such a way that its complete reproduction or display is not without the

Implementation of cryptographic processes in which authorized recipients with a certain scope of use can take place and that if the electronic media is passed on to third parties, the complete reproduction cannot be carried out or not without the corresponding cryptographic processes being carried out again.

It is known that digital electronic media can be secured by various methods in such a way that unauthorized use is made difficult or prevented. Such methods, which are discussed in detail below, serve to prevent misuse of the electronic media.

The most important example of misuse is by far the so-called "sound piracy". In particular, the advantage of digital sound carriers such as the compact disc or "MP3 files" is exploited to make identical and thus perfect copies of the original sound carriers by simple copying processes without the knowledge of the author or copyright holder and without Submission of license fees can be brought into circulation free of charge or with costs. The misleading industry loses considerable license income through this abuse.

The known methods are essentially:

1. the insertion of additional characteristic information such as "status bits",

2. encryption of electronic media,

3. the complete isolation of the area of playback and storage of digital media and

4. the attachment of electronic watermarks for identification e.g. the authorship.

Re 1 .: The (known) method of inserting additional characteristic information, such as

"Status bits" is used, for example, to enrich the sound, image and text information of electronic media with information that provides information about the authorship and authorizations for reproduction and copying.

An example of such a "copy protection" are individual bits or bytes at a defined position in the data stream of the digitally output music information (e.g. at

Compact Disc, MiniDisk or Digital Audio Tape), which can have different values depending on the permissions. Are the digital audio data provided with such additional information from a first

Transfer playback device digitally to a second device with the intention of making a copy, the second device recognizes from the value of the additional information whether a

Copy may or may not be made.

In the known method according to 1, however, there is the problem that such additional information can easily be changed in this way with improper intent unauthorized copies can be made despite copy protection. Early digital audio recording devices for the mass market (such as digital audio tape DAT recorders) soon had devices inside the device to bypass or bypass the copy protection by flipping switches or so-called "jumpers". Newer methods of reproducing digital Sound data, for example via a personal computer (PC), is able, given the knowledge of the additional information, to set it to any value during playback or during the copying process and to render this type of copy protection completely ineffective.

This type of protection can be compared to the marking of a document with the inscription "SECRET" to prevent it from being read by unauthorized persons. (In most cases unsuitable protection, since it only avoids malicious, but not malicious, access.)

Re 2: The method of encrypting electronic media designated with 2 serves to transmit electronic data, which for example contain audio information

Encrypt the use of cryptographic keys in such a way that playback can only take place after prior decryption. Have unauthorized third parties since you do not have the cryptographic key

Decryption, not the possibility of error-free playback.

Such encryption methods are common in digital electronic media, as well as in general digital data processing data, as a rule when exchanging data via insecure media or insecure data transmission paths (eg the public Internet). Symmetrical or asymmetrical processes or a combination of both (hybrid processes) are used. In the case of symmetrical methods, the transmitter and receiver must be used have the same secret key that is in the

Apron on another for security reasons

Transmission path must be exchanged. to

As an alternative, asymmetrical methods are used to avoid the exchange of the sensitive symmetric key, which usually The sender and receiver each have an asymmetric key pair consisting of a private and a public key. While the private key always remains with the owner, the public key can be freely distributed and exchanged.

The principle of asymmetric encryption is that data that is encrypted with a recipient's public key can only be decrypted with his private key. Without exchanging secrets, the

Encryption of digital data can be ensured.

In the known method according to 2

Problem that the digital data of the electronic

Medium, e.g. can be securely protected against unauthorized access as part of an encrypted data transmission. After decryption at

However, the data is again available to recipients unencrypted. Copies of any kind can then be made again. The effectiveness of encryption as copy protection is therefore limited to

Transfer and possibly also archiving of data and thus only to an insignificant part of the

Life cycle of digital data. Abuse opportunities still exist.

This type of protection can be compared to the encryption of a document which, as long as it is in the encrypted state, cannot be read by unauthorized persons (although it can be after decryption).

Regarding 3 .: The procedure designated as 3 for the complete isolation of the area of reproduction and Storage of digital media serves to make it difficult or impossible for the user who is abusive to access the digital data. The international "Secure Digital Music Initiative" (SDMI) is a pioneer and the most important advocate of this process worldwide. Information on this initiative, including the essential documentation "SDMI Portable Device Specification, Part 1, Version 1.0", is dated July 8, 1999 , is available as a PDF file free of charge on the Internet at http://www.sdmi.org

Since the delimitation of the present invention is of particular importance to this method, the method according to SDMI is dealt with in detail:

The specified specification "SDMI Portable Device Specification, Part 1, Version 1.0" contains functional ones

Requirements for portable players ("Portable

Devices ") and related applications (" Applications "), with which a protected environment (" protected environment ") for digital audio data is to be created. Manufacturers of both applications and

Playback devices can be yours after certification

Technologies acc. offer the SDMI requirements on the market, whereby technical compatibility is to be achieved.

In terms of content, SDMI is based on a three-stage reference model:

1. So-called "applications" include devices or software for various purposes, including for the "import" of unsecured and secured music data of various types, for the administration of pieces of music eg on the personal computer PC ("music library management"), for the control of the authorizations ("rights management") and also for the control of the playback (e.g. on the PC via a graphical user interface).

2. So-called "Licensed Compliant Modules (LCM)", ie a licensed module according to the specification, which as Interface or translation unit between one or more applications and the following portable playback devices PD ("Portable Devices") and portable media PM ("Portable Media") is used.

3. So-called portable playback devices PD ("Portable Devices") and portable media PM ("Portable Media") on which the audio information is stored in a particularly secure manner and played back (only for PDs).

Although the abstract representation in the documentation mentioned does not go into specific details, a typical application of SDMI could look as follows:

A music recipient runs music management and playback software on his PC. The purpose of this software is:

• Load music from the Internet, save it locally and play it back on the hard drive (in view of the current developments regarding "MP3" piracy, e.g. via the Internet exchange "Napster", very realistic).

• Load music from existing sound carriers (e.g. for audio CDs via the built-in CD-ROM drive of the PC), either play them directly, save them on the local hard drive or convert them to other audio formats.

• Generate (especially compress) other audio formats in such a way that they can be transferred to so-called portable playback devices. (Here, too, the model is a relatively compact MP3 data record, which the PC can temporarily load into the data memory of small playback devices.)

• All sound data that are available as data sets from the PC (eg from the local hard drive) can be managed and played back comfortably (eg in the form of a graphic "Disc jockey workplace", from which it is possible to switch and blind between the titles offered and where the sound quality can be manipulated).

The following processes are used with SDMI:

The so-called "screening" provides that the application, ie the software on the PC, carries out an incoming inspection.

The aim of this test is to differentiate between protected and unprotected content ("SDMI Protected Content" or "not SDMI Protected

Content ") and thus illegal copies. It is also the task of the application to evaluate and observe the" Usage Rules ", i.e. the supplied rights of use of the piece of music (e.g. how often the piece may be copied or reproduced).

If the authorization to play or copy this piece of music has been checked positively by the application, it is passed on to the LCM (2nd level of the above reference model). This transfer takes place in a strongly secured way, the so-called "Secure

Authenticated Channel SAC. Authentication of both parties (in this case, the application and the LCM) and any kind of protection of the content ("protection") are required for the SAG. Even if this is not explicitly mentioned, there are indications that it is in this protection around cryptographic

Encryption process could act (see section

5.2.4.1.2).

In the LCM, after ensuring again that the terms of use are not violated, a transfer to a portable player is usually initiated. Here, apparently in the interaction between LCM and application (also via the SAC?), Interesting application options such as "check-in" and "check-out" are provided. When the sound medium is passed on to the portable player, it is noted on the local copy of the sound medium on the PC that a copy (e.g. of three allowed) was spent or better borrowed (check-out). Only after the “return” of the copy that is no longer required on the portable player (check-in) are the copy authorizations fully restored on the PC. On the one hand, this should allow a few private copies for temporary use, commercial pirated copies on a larger scale however be prevented.

The sound information is then passed on to the portable player via an SAC. Authentication between the playback device and the LCM and protection of the data content should also take place here.

The same also applies if so-called portable media PM are used between the LCM and the portable playback device. These media, which may be memory modules or floppy disks that can be exchanged on the portable player to expand the playable repertoire, are also protected by the SAC.

How such an authentication between an LCM and a portable medium PM is to take place if this medium is a conventional data storage medium such as a floppy disk, a mini disc or a memory chip is not explained. After all, authentication between a passive element such as a storage medium and an active element such as the LCM is in principle difficult.

The SDMI method reveals to a person skilled in the art at this point at the latest a security gap which cannot be bridged by conventional means. Because a passive

Data storage medium like a floppy disk, which can also be read outside the sphere of influence of SDMI, not against the creation of perfect ones

Duplicates can be protected at this point, despite the security measures previously taken

Pirated copies of the door and gate open. Because a perfect one The PM duplicate contains bit by bit and byte by byte exactly the same digital information as the original and is therefore indistinguishable from the original for downstream portable playback devices PD; not from thousands of players PDs to which thousands of duplicates are distributed. This security gap could be closed in the specification by the fact that direct contact between LCM and PD would also be required regularly when using portable media PM in order to query whether portable media originating from other LCMs were played. At the same time, however, the absolutely sensible possibility would have to be taken that playback devices PD receive their portable media PM from various LCM as a source.

Another alternative to eliminating the security vulnerability of the portable medium PM would be to provide it with an active component (eg a microcontroller) that actively monitors the medium and all attempts to copy it (this could be unacceptable for cost reasons, since the portable medium is almost unavailable) as complex as your own player would). It would also be one

Equality of the portable medium with (e.g. via the

Internet) transferable data records are not given, since transferred data records cannot have active components.

Another alternative would be the portable

To design the medium so that it is only (!) Through

SDMI devices can be used. In practice, this meant that a medium deviating from the market standard with a special design, special contacting and special

Formatting would have to be created, the content of which could not be learned even by a specialist. This would be a costly proprietary protection consisting only of obfuscation. Such protection through obfuscation

(Keyword "Security by Obscurity") is used by the experts at

IT security is no longer up to date these days perceived, since there are now safe public procedures with which the highest level of security can be guaranteed without disguising how it works. Apart from this, a very meaningful equalization of portable medium and data transmission, for example via the Internet, would not exist with this alternative.

At this point, the overall important question that cannot be answered on the basis of the documentation arises, how, according to SDMI, the electronic transmission of already saved data should take place at all.

In SDMI, you go in the same direction at another point. In the first

Supplementary document "Amendment 1 to SDMI Portable Device Specification, Part 1, Version 1.0" (also available at http://www.sdmi.org) is, for example, on page

2 below required additional information in the form of

Status bits (so-called "copy control" or "no more copy" status)

NOT mentioned in technical specifications and may not be made directly or indirectly accessible to the public. This is also an out of date approach of "Security by Obscurity"

(Security through obfuscation "), which can not bring the desired success, especially with widely distributed sound carrier data, since such information is ambitious

Experts even legalized in empirical measurements

Experience can be brought and published.

In conclusion, with regard to the security of the

Overall system to mention that all components of the SDMI system also the "Robustness

Requirements "must meet the requirements for the robustness of the components. The specialist in the cryptographic area will read these

Requirements quite reminiscent of so-called "cryptographic modules", such as in the US NIST standard

FIPS 140 are defined. The use of such modules would also explain how the individual components such as application, LCM and at least playback device PD could succeed in enabling the authentication required by SAC and also encryption in a tamper-proof manner. With the portable medium PM at the latest, however, the comparison with FIPS 140 fails for the reasons already mentioned above.

In summary, despite the low level of detail in the documentation, it can be stated that the SDMI process consists of at least three interacting components (applications, LCM and playback device, the portable medium is not considered due to the possible security gaps), which authenticated and through the SAC exchange secured information. According to the classic understanding, each of these components could consist of a cryptographic module. The task of the first module (application) would be to check the data input. The task of the second module (LCM) would be to pass on the data and, if necessary, to translate it, and the task of the third module (playback device) would be to have the data stored ready for playback.

In conclusion, it should be emphasized that with SDMI the actual task of providing secure sound carriers or audio data records, at least with the present one

Status of the document has not yet been achieved. After all, the actual problem to be solved was the

Exchange of audio data both via portable

Ensure media PM as well as data transmission in such a way that no pirated copies can be generated. Despite the excessive security elsewhere

(Use of three cryptographic modules) succeeds

However, SDMI does not guarantee the security of portable media without having to resort to outdated and unsuitable means of protection (status bit). The in

Future extremely important exchange SDMI-secured Audio data via data transmission (i.e. without a portable medium PM) is even completely unregulated!

This type of protection can be compared to a multi-security vault, into which a document must be brought before it can be saved or viewed. If the document is to be read in a place other than the vault, it must be transferred to another portable, closed vault in the vault, which contains a device that reads the wording of the document in an understandable manner to the outside (sometimes excessive, unwieldy protection, sometimes lack of protection: electronic forwarding, e.g. by fax, would be unregulated).

Regarding 4 .: The method of attaching electronic watermarks for identification e.g. the

From a technical point of view, authorship is actually only indirectly a suitable method for preventing the creation of unauthorized copies e.g. of sound and image media. For completeness, however, it will be listed there

Use for two reasons a deterrent when creating unauthorized pirated copies of sound and

Image media can have: on the one hand through the undiscovered

Presence of the author's watermark, on the other hand through the unnoticed attachment of individual

Watermark by the pirate itself.

The principle of the electronic watermark consists of the user data area of electronic sound or

To change image data in such a way that additional information is brought in that is not noticed during normal use, so to speak in the audio or visual material

Are "hidden", but can be read out again by the manufacturer of the watermark. The quality of such electronic watermarks is characterized either by the fact that they are "robust" and by copying processes and possibly also by slight data manipulation (Filtering or sound processing) are preserved and can be recognized, or - on the contrary - are "fragile" and are destroyed with every manipulation.

In practice, e.g. Often, electronic images are watermarked by the author so that copies of these images can later be identified or individual characteristics can be checked. The manufacturers of the copies usually know not that they copied a watermark or destroyed it.

In the known method according to 4

Problem that the digital data of the electronic

Medium can be identified by the watermark, but the manufacture is unauthorized

Copies cannot be prevented by this measure!

Especially in the case of media distributed in large quantities in an identical form (i.e. also with an identical watermark), e.g. This type of identification by the author would not even be a deterrent to sound carriers, since the watermark could even fake the authenticity and thus the quality of the actual pirated copy. Only with mass copies of media, the individual

Containing information of the unauthorized copier would be in cooperation with the correspondingly equipped, non-manipulable processing and editing

Playback devices have a protective function with high

Effort to achieve.

This type of protection can be compared to a text document that contains a hidden message. (e.g. the combined initial letters of all words make their own sense). Copies of this document can still be made with or without knowledge of the watermark. In all known methods there is equally the problem that it is not possible to generate, distribute and store electronic audio and video media in such a way that the creation or reproduction of illegitimate copies, ie so-called “pirated copies”, is reliably prevented Either the security measures can be easily bridged (as in the case of status bits) or the security measures only work temporarily (as in the case of encryption) or the security measures provide extensive protection, but this is precisely at the most sensitive point, namely the electronic one Disclosure of protected data via an unprotected path (e.g. Internet), failure (as in the case of the SDMI) or the security measures may have a deterrent effect due to the possible provability of the authorship (electronic watermark).

The invention has for its object to further develop existing systems and methods for copy protection of electronic audio and video media and their data content to improve cost efficiency so that their complete reproduction or display does not take place without the implementation of cryptographic processes with the recipient authorized to a certain extent of use can and that if the electronic media is passed on to third parties, the complete reproduction cannot take place or not without the corresponding cryptographic processes being carried out again, so that pirated copies can be reliably prevented.

According to the invention, the object is achieved in that a cryptographic module is used for the recipient, the fully or partially encrypted or encrypted data content of electronic audio and video media or keys for decryption or decryption this data content is decrypted or decrypted and then, in turn, encrypted or encrypted and passed on to a playback unit in such a way that the sound and image information can be played in the playback unit without the electronic data content being transmitted, at the entrance or exit of the cryptographic module or on Input of the playback unit in unencrypted form.

The system is expediently designed and the method is carried out in such a way that the cryptographic module can distinguish between different types of encryption, the distinction permitting conclusions to be drawn about authorship, possession and usage rights, for example for reproduction or for making copies.

An advantageous embodiment of the method and a preferred embodiment of the system are characterized in that the author, creator, processor or

Distributors of the electronic audio and video media encrypted or encrypted the unencrypted output data in whole or in part in such a way that the electronic audio and video media or the keys for decryption or

Decryption of the electronic sound and image media in the cryptographic module of the recipient can be deciphered or decrypted again.

It is expedient that the encryption or encryption of all or part of the electronic

Sound and image media or the "melody" key

Decryption or decryption of this media with the author, creator, processor or distributor with one

"Media" key takes place, which in turn is encrypted or encrypted form the electronic sound and

Image media is attached, with encryption or

Encryption of the "media" key with a "master" key is done so that it is in the cryptographic module can be reversed at the recipient by decryption or decryption.

It is advantageous that all encryption or ciphering by the author, creator, processor or distributor that can be undone in the cryptographic module by the recipient by decryption or decryption is carried out in an emergency with two or more alternative encryption or encryption methods or keys for this can.

The "media" key for partial or complete encryption or encryption of the electronic sound and image media or the "melody" key for decrypting or decrypting these media, which is added to the electronic sound and image media, can expediently be provided with a digital signature that can be verified in the cryptographic module at the recipient.

An advantageous embodiment of the method and a preferred embodiment of the system are further characterized in that the cryptographic module is used for

Recipients after decryption or decryption of the electronic sound and image information or "melody" key from the author, creator, processor or distributor for decryption or

Decryption of this information is encrypted or encrypted again so that only a playback unit can decrypt or decrypt it.

It is advantageous that the "media" key that is used in the cryptographic module for encryption or

Encryption of the electronic sound and image information or the "melody" key for decryption or

Decrypt this information for disclosure to the

Playback unit is used, is securely and authentically exchanged between the cryptographic module and the playback unit. It is also advantageous that the "playback" key used in the cryptographic module for encryption or encryption of the electronic sound and image information or the "melody" key for decrypting or decrypting this information for transmission to the playback unit at random or according to algorithms, that make predictability difficult.

Furthermore, it is expedient that the "reproduction" - keys that are used in the cryptographic module for the encryption or encryption of the electronic sound and image information - or the "melody" keys for the decryption or decryption of this information - are used for forwarding to the reproduction unit , differentiate between different playback units.

An advantageous embodiment of the method and a preferred embodiment of the system are further characterized in that the cryptographic module at the recipient after decoding or decoding the sound and image information or the “melody” originating from the author, creator, processor or distributor.

Key to decrypt or decrypt this

Information is encrypted or encrypted again in such a way that the cryptographic module is able to transmit this audio and video information or the "melody".

Key to decrypt or decrypt this

Decrypt or decrypt information again.

It is expedient that the “card” keys that are used in the cryptographic module when the cryptographic module itself is to perform the subsequent decryption or decryption differ in the case of different cryptographic modules.

A further advantageous embodiment of the method and a preferred embodiment of the system are characterized in that the cryptographic module is used for Recipients after decrypting or decrypting the sound and image information previously encrypted even with the "card" key or the "melody" key for decrypting or decrypting this information, encrypted or encrypted this or the corresponding "melody" key again in such a way that only a playback unit can decrypt or decrypt it.

Further advantages, special features and useful features of the invention result from the subclaims and the following description of preferred exemplary embodiments.

The present process and system is to be introduced by several companies in the media industry under the project name "m.sec". Special features of m.sec are described below.

With the advent of methods and systems for digital sound and image storage, a new quality of sound piracy arose: Through the so-called "sampling", the previously only analogue sound and image signals were clearly quantified in the course of digitization. With this clear quantification, e.g. In the form of bits and bytes with unique values, perfect copies could be created for the first time, which could no longer be distinguished from the original and therefore showed no qualitative degradations.

After the piracy of recordings had already taken on a considerable volume in the form of illegally created CD copies with the spread of the compact disc, it intensified again with the advent of the Internet. Due to the large volume of data, these were less CD copies or audio files in CD format. Rather, the piracy of recordings was replaced by a new one Data format promoted with which, due to strong data compression, small, easily interchangeable files could be generated: the so-called "MP3" format.

MP3 received special support from the "Napster" internet exchange, which, partly on the verge of legality and partly outside of legality, apparently offered private exchange campaigns between Internet users in general in a public setting and thus encouraged the illegal transfer of music tracks to third parties.

After MP3 and Napster at the latest, the media industry has an increased need for a new data format for sound and image data. M.sec meets this need by offering the following advantages:

• Digital sound and image data are no longer published unencrypted, so that perfect pirated copies of this original data cannot be created.

• The decoding of the sound and image data at the recipient only takes place against payment of a usage fee.

• It is possible to levy variable user fees.

• It is possible to reproduce parts of the sound and image data (e.g. the first few seconds of a piece of music or the opening title of a film) without paying a usage fee.

• It is possible to reproduce any part of the sound and image data without paying a usage fee with reduced quality.

The encrypted audio and video data can be used with certain usage rights (e.g. number of and copying processes) and other additional information.

• When the sound and image data are played back, the data are also not transmitted unencrypted. Decryption takes place only with the so-called digital-to-analog conversion (D / A conversion).

• With appropriate usage rights, it is possible for the recipient to make copies of the sound and image data after paying a usage fee.

• These personal copies of the sound and image data are "activated" and can be reproduced without further payment of license fees.

• Such copies of the sound and image data that the recipient has created after payment of a usage fee cannot easily be used by other recipients.

To meet these requirements, m.sec provides the following architecture:

► The so-called "publisher" distributes electronic sound and image data that is fully or partially encrypted.

(see "publisher" in Fig. 1)

► The recipient has an individual, personalized chip card (the so-called "m.card"), which as a cryptographic module provides functionalities that cannot be manipulated by him (see "cryptographic module at

Recipients, m.card "in Fig. 1)

► Corresponding playback and display devices (e.g. personal computers, CD players, Walkman, TV etc.), in combination with the plug-in chip card (m.card), offer the option of correctly reproducing encrypted sound and image data. The three possible transmission paths, identified as A, B and C, are shown in FIG. 1:

► With transmission path A (e.g. television, TV) there is a continuous, direct reception of sound and image data, in extreme cases in an uninterrupted data stream with no beginning and end. (so-called "streaming")

► With transmission path B, there is usually a remote transmission of sound and image media (e.g. as an Internet download). as dedicated, closed files.

► With transmission path C, the image and sound information is available to the recipient on physically provided sound and image media (e.g. CDs or DVDs).

The following application scenarios are provided:

1. Playback of transmitted audio and video media (e.g. broadcast TV program)

Should all or part of encrypted content from

Sound and image media received and played back immediately, the m.card serves as

Conversion tool between the publisher's encryption and the playback unit.

Here, the encryption by the publisher is reversed within the m.card by decryption, the right to reproduction is checked and the

Playback initiated. This conversion is usually associated with costs, e.g. in cryptographic

Module can be followed up. In FIG. 1, this corresponds to the transmission path A in connection with the measure for the recipient, identified by the number 1), namely immediate playback.

2. Download and personal activation of sound and image data for subsequent playback. If fully or partially encrypted content is to be downloaded from the Internet, for example by download, and activated for later personal use, see above The m.card serves as a conversion tool between the encryption of the publisher and the personal encryption of the m.card. This conversion is usually associated with costs that can be tracked, for example, in the cryptographic module. In FIG. 1, this corresponds to the transmission path B in connection with the measure for the recipient, identified by the number 2), namely the local storage of the information. The encryption is canceled by the publisher within the m.card by decryption, the right to create a local copy is checked, the encryption is carried out with the m.card's own key and the creation of a copy is initiated.

Reproduction of sound and image data provided by the author on physical media

Should all or part of encrypted content from

If audio and video media are reproduced, which are provided on physical media, the m.card serves as an instrument for the conversion between the

Encryption of the publisher and the playback unit.

Here, the encryption by the publisher is reversed within the m.card by decryption, the right to reproduction is checked and the

Playback initiated. This conversion is usually associated with costs, e.g. in cryptographic

Module can be followed up. In FIG. 1, this corresponds to the transmission path C in connection with the measure for the recipient, identified by the number 1), namely immediate playback.

If the audio and video information is not in the decrypted state according to Number 2 in FIG. 1 is buffered, so that the information about the first-time decryption of precisely defined sound and image data can be stored either in the cryptographic module itself for the repeated reproduction of the unencrypted data or outside the cryptographic module with a digital signature of the cryptographic module.

First and repeated playback of personally activated sound and image data

Should the content of audio and video be unlocked and encrypted again with the m.card's own key

Image media are played back, so the m.card serves as a conversion tool. This conversion is usually free of charge, since the original

Storage one-time costs for the activation were raised. In Figure 1, this corresponds to that with the

Number 3) marked measure at the recipient, namely the later reproduction. Here, the m.card's own encryption within the m.card is undone by decryption and playback is initiated.

Disclosure of personally activated sound and image data to (unauthorized) third parties. Activated and encrypted with the own key of the m.card again contents of sound and

Played image media to third parties, they are not able to decrypt them, so that pirated copies cannot be successful. In Figure 1, this corresponds to that with the number

4) marked measure at the recipient, namely the transfer to third parties.

Passing on sound and image data released as re-releasable to third parties (optional) If the contents of sound and image media (eg for a separate fee) are released as "re-releasable" and encrypted again with the m.card's own key, they are passed on to third parties However, for third parties there is the possibility of decryption (for a fee, for example), as well this is possible with sound and image data that come directly from publishers.

Use of bowls in the overall system

Figure 2 illustrates the use of keys in the overall system. In addition to the parties or system components already mentioned (publisher, transmission path / medium, cryptographic module m.card, storage and playback unit), the certification authority ("Certification Authority", CA) is now added as a new party, acting as a neutral, trustworthy entity or "Trust Center" guarantees the issuance of keys.

The parties use the following keys:

The certification body has a so-called first “main key maini. Encryption with this first "master key" can be decrypted with the counterpart to this "master key, which is in every m.card. The "master key" is, for example, a symmetrical key according to TDES with at least 168 bit key length. Alternatively, keys according to other encryption methods and with other key lengths, for example asymmetrical keys with a length of 1024 bits, can be used, with asymmetrical methods for example keeping the private key in the certification authority and the public key in the cryptographic modules m.cards. To increase security, the "public" key component in the cryptographic module m.card would not really be published when using asymmetric keys, but would also be introduced into the cryptographic module in a secure manner and would not be known to the recipient. For security reasons, the "main key is at least duplicated, so that in an emergency there is the possibility, both in the certification body and in the m.cards, to switch to a second or even further" main key n main ₂ , main _n . To simplify the following illustration, the symmetrical variant is shown and explained regardless of whether symmetrical or asymmetrical keys are used as the main key. In the asymmetrical variant, the maini key in the certification body corresponds to the private key and the maini key in the cryptographic module to the corresponding public key.

The individual publishers receive from the certification body e.g. to encrypt their audio and video media. annually a new "media" key me & r (cf. step 1 in Fig. 2). With this key, which is generally symmetrical, indirect, namely via changing "melody" -

Keys ", which are referred to in their sequence as" key melody ", which encrypts the data content

(See explanation below). Other encryption methods (e.g. asymmetrical or elliptical)

Curves) are possible. Since the key to medi

Decryption in the m.card is not available, it is together with the data content of the sound and

Image media supplied in encrypted form again.

The publisher "media" key is encrypted at the certification body using the "main key ini". The publisher "media" key encrypted with the "main key" (med ^ m is also digitally signed by the certification body sigc _A med _ϊ J _ma i _n }. The certification body creates one from the encrypted publisher "media" key So-called digital fingerprint, which is then encrypted with the private signature key of the certification authority priv _CA (see steps 2 and 3 in Fig. 2).

To the publisher by the existence of the pairing of "media" key and the one with the top secret "Mainf key encrypted" media "key not the possibility to calculate the" main key by cryptanalysis or by trying out all possible key combinations, the publisher of the "media" key is only available in such a cryptographic module Available that this the

Do not read the "media" key, but only according to it

Can use purpose.

This signature of the certification body is checked later in the cryptographic module m.card by the self-certificate of the certification body stored there, which is the public counterpart pub _{CA of} the signing key of the

Certification body and in turn its signature with the signing key. Alternatively, especially if there is insufficient storage space in the cryptographic module, only the public key of the certification body can be stored there. If there is not enough space, a summary of the two is also in the

Certification body and key components maini and pub _CA / priv _CA available in the cryptographic module are possible while reducing the security level.

The publisher is now including data content in chronological order

Sequence (e.g. every minute or every second) of changing so-called

"Melody" keys, which in their sequence form the so-called "key melody", are encrypted. It makes sense that the changing "melody" keys are

Random keys after any, e.g. symmetrical

Procedure like TDES with 128 bit. Alternatively, other keys can also be used as random keys (cf. step 4 in FIG. 2).

In order to enable later decoding of the data content encrypted with the key melody, the key melody is encrypted with the "media" key from the publisher medi and transmitted to the recipient along with the encrypted audio and video information via the transmission path or medium (see step 5 in Fig. 2). The key melody encrypted with the "media" key is referred to as "crypto melody".

Also transmitted to the recipient are the encrypted "media" key (medι) _main (see step 6 in FIG. 2) that was originally provided to the publisher by the certification body, as well as the certificate or digital signature of the encrypted " Media "key sigc _A ftmed nain} (see step 7 in Fig. 2).

In summary, at least the following four are

Information on the transmission path or on the

Medium along with the actual sound and

Pass image information on to the recipient (further

Information may include permissions and usage information such as prices):

► Media data encrypted with the key melody: (media data) shooting sequence

► The key melody encrypted with the "media" key: (key melody) ^^

► The "media" key encrypted with the "main key":

► The certificate of the "media" key or the digital signature of the "media" key created by the certification body: sig ^ -ried. _! ) -, ^}

The m.card now decrypts the

Data content of the "media" key med _! Was discovered. Since this is still encrypted and signed

Form is enclosed with the audio and visual media, the certificate or signature of the certification body is first checked with the public key of the certification body pb _CA in the m.card (cf. step 8 in FIG. 2).

The “media” key is then decrypted with the “main key maini” present in the m.card and used for decryption (cf. step 9 in FIG. 2). Regardless of whether the sound and image media should be played back immediately or temporarily stored, the crypto melody is now decrypted

Key melody using the previously decrypted "media" key (see step 10 in Fig. 2).

At this point, the advantage of changing is revealed

Melody key, from which the key melody is composed. In the course of processing the data stream of sound and image data, taking into account the computing capacity of the cryptographic module, only one media key must be processed in this module, which is valid for a certain time. Even if a single melody key e.g. would be made public through cryptanalysis or trial and error, this would only have an impact on a short one

Sequence of sound and then no longer protected

Image data.

Just like the "media" key, the key melody must not be read out. This is guaranteed by using the cryptographic module.

If the audio and visual media are to be reproduced immediately, the certificate sig _CA {pub _re } created by the certification body for the playback unit (or the design of the playback unit) is first transferred from the playback unit to the cryptographic module and there using the deposited public key of the certification body pub _CA checked (see step 11 in Fig. 2). For practical reasons, the asymmetrical keys of the pub _re and priv _re playback unit are usually not individually different key pairs, but keys that are changed with each new construction of the playback unit and are identical within one construction type.

After successful verification, a random or unpredictable temporary "play" key rdm in generated cryptographic module, encrypted with the public key taken from the previously checked certificate of the playback unit (rdm) _pubre and transferred to the playback unit (cf. step 12 in FIG. 2).

Then in the cryptographic module

Key melody encrypted with the playback key rdm (cf. step 13 in FIG. 2) and together with the still encrypted media data to the

Playback unit forwarded (see step 14 in Fig. 2). The playback key thus takes on the function of a temporary “media” key. “Recording” the data exchanged between the cryptographic module and the playback unit cannot be done by unauthorized persons

Pirated copies can be used because the encrypted key melody cannot be decrypted.

The playback key is decrypted in the playback unit, with which the key melody can be decrypted, with which the media data can finally be decrypted for final playback.

If the audio and video media are not to be played back immediately, but rather to be temporarily stored as a local copy, the unencrypted key melody in the cryptographic module with an individually assigned and securely stored "card" key edcard is stored in the cryptographic module after a corresponding check of the usage rights 2. The key melody newly encrypted to form a card-specific crypto melody is stored together with the still encrypted media data on any data carrier, for example on the hard disk of the PC (see step 16 in FIG. 2) .This card key acts like a publisher "media" key, but in contrast to this the key is and image media usually not included for security reasons.

In an optional alternative, special card keys as well as the publisher "media" key can be added to the audio and video media in encrypted form. The card key is encrypted, similar to the publisher "media" key, with another "main key" that is present in each card.

It also makes sense with this alternative to encrypt the card key together with a signature

To attach the certification body to the audio and visual media.

This alternative makes it possible to have the sound and image media encrypted with one card reproduced on another card. This may make audio and video media "re-publishable", subject to a charge.

The use of main media and signature keys reduces the overall risk of corruption of the entire system: By using relatively fewer "media" keys (eg one per publisher per year), the sensitive "main" key is used as little as possible, which means that it is difficult to uncover the key in the course of the cryptanalysis, but even the actually serious uncovering of the "main key" (which is present in every m.card) does not yet lead to a failure of the overall system, because this also affects the

Detection of the well secured signing key of the

Certification body would be required. Only through that

The interplay of "master key", "media" key and signing key ensures simple and secure copy and usage protection.

Claims

claims

1.System and method for creating and distributing copy-protected and usage-protected electronic audio and video media and their data content, the data content of the electronic media being encrypted in such a way that its complete reproduction or display is not possible without the implementation of cryptographic processes with a certain scope of use legitimate recipients can take place and that if the electronic media is passed on to third parties, the complete reproduction cannot take place or not without the corresponding cryptographic processes being carried out again, characterized in that a cryptographic module is used for the recipient, in whole or in part encrypted or encrypted data content of electronic audio and video media or keys for decrypting or decrypting this data content in such a way decrypted or decrypted and then in turn encrypted or passes encrypted to a playback unit that the audio and video information can be played back in the playback unit without the electronic data content being present in unencrypted form on the transmission path, at the input or output of the cryptographic module or at the input of the playback unit.

2. The method according to claim 1, - characterized in that the cryptographic module can differentiate between different encodings, the distinction permitting conclusions about authorship, ownership and usage rights, for example for reproduction or for making copies. Method according to one or both of claims 1 or 2, characterized in that the author, creator, processor or distributor of the electronic sound and image media encrypts or encrypts the unencrypted output data in whole or in part in such a way that the electronic sound and image media or the keys for decryption or deciphering the electronic sound and image media in the cryptographic module of the

Recipients can be decrypted or decrypted again.

Method according to one or more of the claims to 3, characterized - indicates that the encryption or encryption of the electronic audio and video media or the “melody” key to decrypt or decrypt these media, carried out in full or in part, by the author, creator , Processor or distributor with one

“Media” key takes place, which in turn is added to the electronic audio and video media in encrypted or encrypted form, with the “media” key being encrypted or encrypted with a “master key” in such a way that it is in the cryptographic module at the recipient can be undone by decryption or decryption.

Method according to one or more of claims 4 to 4, characterized in that, in an emergency, two or more encodings or ciphers by the author, creator, processor or distributor that can be undone in the cryptographic module by the recipient by decryption or decryption alternative encryption or encryption procedure or keys can be carried out for this.

Method according to one or more of the claims to 5, d a d u r c h g e - k e n n z e i c h n e t that the

"Media" keys for partial or complete encryption or encryption of the electronic sound and image media or the "Melody" keys for decrypting or decrypting these media, which is added to the electronic audio and video media, are provided with a digital signature that can be verified in the cryptographic module at the recipient.

Method according to one or more of the claims to 6, that the cryptographic module at the recipient after decrypting or decrypting the electronic sound and image information originating from the author, creator, processor or distributor or

“Melody” key for decrypting or decrypting this information is encrypted or encrypted again in such a way that only a playback unit can decrypt or decrypt it.

Method according to claim 7, d a - d u r c h g e k e n n z e i c h n e t that the "media" key used in the cryptographic module to encrypt or encrypt the electronic

Sound and image information or the "melody" key is used to decrypt or decrypt this information for forwarding to the playback unit, is exchanged securely and authentically between the cryptographic module and the playback unit Method according to one or both of claims 7 or 8, characterized in that the "playback" key used in the cryptographic module for encrypting or encrypting the electronic sound and image information or the "melody" key for decrypting or decrypting this information for transmission to the Playback unit is generated randomly or according to algorithms that make predictability difficult.

Method according to one or more of claims 7 to 9, d a d u r c h g e k e n n z e i c h n e t that the "playback" key, which is in the cryptographic

Module for encryption or encryption of the electronic sound and image information - or the "melody" key for decrypting or decrypting this information - to be passed on to the playback unit, differentiate between different playback units.

Method according to one or more of claims 1 to 6, characterized in that the cryptographic module at the recipient after decoding or decrypting the sound and image information originating from the author, creator, editor or distributor or the "melody" key for decrypting or decrypting it Information is encrypted or encrypted again in such a way that the cryptographic module is able to decrypt or decrypt this sound and image information or the "melody" key to decrypt or decrypt this information. Method according to claim 11, characterized in that those “card” keys that are used in the cryptographic module when the cryptographic module itself is to perform the subsequent decryption or decryption differ in different cryptographic modules.

Method according to one or more of claims 11 to 12, so that the cryptographic module at the recipient after decrypting or decrypting the sound and image information or the "melody" key previously encrypted with the "card" key

Decrypt or decrypt this

Information this or the corresponding

"Melody" keys are again encrypted or encrypted in such a way that only a playback unit can decrypt or decrypt them.