ITUB20159567A1 - METHOD OF PROTECTION OF MULTIMEDIA FILES FROM COPY AND UNAUTHORIZED DISTRIBUTION AND ASSOCIATED MULTIMEDIA FILES. - Google Patents

Description

"METHOD OF PROTECTING MULTIMEDIA FILES AGAINST AUTHORIZED COPY AND DISTRIBUTION AND ASSOCIATED MULTIMEDIA FILE"

Field of invention

The present invention relates to the field of multimedia files and in detail includes a method for preventing unauthorized copying and distribution of multimedia files.

Technique Note

At present, almost all multimedia content is digital. Digitization brings great advantages, such as the possibility of copying without any loss of quality, the possibility of distribution via networks such as the Internet, the almost unlimited duration of the media.

Unfortunately, however, one of the main advantages, which is the ability to copy the digital file that contains the multimedia data, represents a major drawback when the content is subject to copyright; the illegal copying and distribution of multimedia files, even if prohibited, are widespread and cause enormous damage to authors and to all operators in the distribution chain.

Document RM2013A000728 describes a method for exchanging data and commands between a computer and a peripheral by means of a shared file.

Document 102015000043174 provides for the possibility of allocating the file in the computer or in the cloud instead of in the peripheral as indicated in figure 1. In this document, and with reference to figure 2, a real-time system for storing and bi-directional transmission of data is indicated as a whole. commands and data for a computer in the I / O process.

Between the computer 21 and the peripheral 23 there is a direct USB connection 22, made in detail between the host computer 21 and the peripheral 23, again via USB or other communication protocol.

In the embodiment described in the present invention the communication file 24 is in the computer 21 and not in the peripheral 23.

This arrangement can be realized, for example, by exploiting the USB OTG protocol described above. Preferably but not limitedly, in this case, the peripheral 23 must have the complete functionality of master MSD (Mass Storage Device) which in the original patent was not necessary.

The configuration described here has some advantages. The first advantage consists in the fact that the communication file, created inside the computer disk 21 or in the form of a "ram disk", can have dimensions much greater than those achievable inside the peripheral 23. In the case in point. to which the data are transmitted according to the FIFO technique described in the patent RM2013A000728, the quantity of data that can remain pending can be increased at will.

A second advantage is given by the fact that a disk made in the computer is much faster than the one that can be made in the RAM memory of the peripheral; this is especially true in the case of a "ram disk".

A third advantage, available if the disk is made in the non-volatile disk of the computer 21 (magnetic or flash), is the “non-volatility” of the data and commands. If the device is turned off or disconnected, and even if the computer is turned off and on again, the contents of the command file remain available and the interrupted functions can be resumed exactly from the moment of interruption.

A further advantage is to eliminate the problem that arises, in particular with the units seen as a “network disk” as described above. Since the file is inside the computer itself, even in a virtualized computer (such as in a "thin client"), the file can be updated immediately using the unbuffered read / write functions on the physical disk.

Figure 3 shows a second embodiment of the real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process object of the present invention. In this second embodiment, the file 34 is shared simultaneously with more than one peripheral 33 by means of multiple connections 32. In this way it is possible to transmit the same data to several peripherals 33 at the same time without having to replicate them. Each of the connected peripherals 33 can have its own command area separate from that of the other peripherals connected to the same file, and in this case the FIFO queue can function exactly as in the case of the patent RM2013A000728; or the transmission can take place in "streaming", without updating the pointers by the peripherals that receive the data. In this case the transmission, similar to a UDP broadcast, does not have a flow control.

In the case of file sharing between two or more peripherals, it is also possible that two peripherals exchange data and commands with each other, without intervention by programs on the host computer, or that data originating from a peripheral is received by the computer and at the same time from other peripherals.

Returning to Figure 2 by positioning the command and data file 24 within the computer 21 and in any case outside the peripheral, the system object of the present invention can be operated by disconnected operation. It takes advantage of the possibility of creating FIFO queues of data and commands within the communication file.

If you keep the device disconnected during a data and command transfer session (think for example of a traditional printing or 3D printing operation), the data and commands that are not downloaded from the device accumulate inside the file . When, at the end of the session, the peripheral is reconnected, it downloads commands and data from the queues in the file and the session is executed exactly as if the peripheral 23 had always been connected. It is also possible to transfer or copy the file accumulated during the session to another computer and connect the peripheral to this, obtaining Γ execution of the session (“playback”) in a different place.

In the case, for example, of a long operation such as a 3D printing, it is possible to prepare a "print session" file in a computer 21 equipped with the necessary processing power, to then transfer the file and print with a second computer with no graphics processing capabilities. Another advantage is given by the fact that the transferred file (even in multiple copies) is not the 3D graphic file, but a file 24 of commands and data which can only be played back and from which the original file cannot be traced. . The graphic file could in fact be subject to property rights and confidentiality that would make the transfer problematic. Again to protect the rights, by means of suitable cryptographic techniques it is also possible to limit the number of executions of the playback of the command and to establish time limits for its execution.

Ultimately, this technology application allows the "virtualization", even controlled, of a work session.

A third embodiment is described in figure 4. In this third embodiment of the system object of the present invention, the communication file 44 is advantageously allocated in a remote server or, according to the currently most widespread name, is "in cloud" .

File 44 is always shared between computers 41 and one or more peripherals 43, which access it through Internet commissions schematized in the figure with number 42.

Also in this case computer 41 and peripheral 43 can exchange data and commands exactly as in the original patent RM2013A000728.

The lower speed and stability of this kind of connection are amply compensated by the possibility of operating anyway, whatever the distance between the computer and the peripheral.

A fourth embodiment of the system object of the present invention is finally described in figure 5. In this fourth embodiment, a "cloud" application program also called "SaaS" is used, in the example a spreadsheet manager such as " Google Sheets ". Two computers 51 and 53 are connected via Internet 52 to the cloud application program, which presents the spreadsheet 54 to both computers. Instead of disk sectors or bytes within the sectors, in this case the data, commands and Answers are placed in cells of the sheet identified by row number and column letter. Data sequences, instead of in disk sectors as in the RM2013A000728 patent, can be allocated in entire rows or columns of the sheet. All the operation of the interface is similar to that described in the patent RM2013A000728, thus allowing the exchange of data and commands between the two computers. If it is necessary to act on peripherals such as 56, these can be connected to one of the two computers with an interface 55 which can be either of the traditional type, or of the type according to the patent RM2013A000728, in this case operating on a specific data file and commands.

In the two computers 51 and 53, a special application program provides communication with the "Google Sheets" application by means of the API (Application Program Interface) provided by the cloud service provider. So there is no need to make the sheet readable to a human operator or even to make it visible to users. In any case, diagnostics and tuning can be carried out by observing the spreadsheet, possibly opening it on a third computer.

While the example above uses a spreadsheet manager for communicating data and commands, it is also possible to use other types of cloud application programs, such as a text editor; in this case data and commands are placed in predefined locations of a text document.

Ultimately, while the patent RM2013A000728 provides for the allocation in the peripheral of the file used for the communication of data and commands, the invention described here adds the possibility of allocating it advantageously in the host computer or in the cloud.

In document 102015000043174, the applicant tended to specify that the application program which runs on the host computer and which implements the general functionality of the computer-peripheral system must not be modified following the different allocation of the file, because at the end of the program only the logical folder in which the file is to be opened.

It is also possible to conceive a program which, when started, performs a "search by name" of the communication file in all the folders available on the computer, thus eliminating the need to define the folder in an initial configuration phase.

In the description, reference was made in several points to the use of the USB standard for communication; however, it is clear that communication can take place with any current standard (eg SCSI, SAS, SATA, FireWire ..) and further future standards without thereby departing from the scope of patent protection.

In each of the three main cases and also in the secondary case of use of spreadsheets in the cloud, the method has numerous advantages, including the possibility of creating an interaction between a computer and one or more peripherals without using drivers, simplifying application programs and allowing interaction at any distance at low cost.

Document RM2013A000728 and part of this description refer to the use of the technique for interfacing a digitizing tablet, but it is clear that the same technique can be advantageously used in any case in which a computer communicates with one or more peripherals.

Finally, patent 102015000056882 extends the functionality of the original patent by adding security and data protection features.

In this document, a secure data and command exchange method is described, between two devices, one receiving and one transmitting, which are seen, in particular as regards a peripheral, as a mass memory and therefore can operate with an exchange of data. and commands in driverless mode.

As stated, knowing the data and command exchange technique through file described in the patent RM2013A000728 it is possible, with a limited effort, to read the transmitted data. In fact, even not knowing the real positions of the control bytes (for example those containing the pointers to the sectors in reading and writing) and the real positions of the sectors in which the data to be exchanged are allocated, it is possible to obtain these positions by means of careful observation, possibly automated, of the data and sectors involved in an exchange.

In fact, the sectors that contain the transmission control bytes (pointers) are read and written at each reading and writing operation of the data sectors, therefore a sector of this type is accessed much more frequently than those containing the data sectors. data: it is therefore possible to understand which are the sectors relating to the control bytes.

A subsequent examination of the contents of the bytes inside a control sector allows us to identify which pointers are, because they regularly increase until they point to the last data sector and then go back to point to the first data sector and resume. therefore to increase. The data sectors are also easily recognizable because they are accessed sequentially, one after the other, first in writing and then in reading. So it can be said that, by analyzing a certain amount of transmitted data, it is possible to derive the organization of the data in the exchange disk and therefore it is possible to extract all the data exchanged later with the same protocol.

The technique which is the object of the invention according to document 102015000056882 is based on the fact that the decoding of the exchanged data is far more difficult if the position of the data inside the exchange file changes frequently, for example with each new data exchange. .

With reference to Figure 6, the logical organization of the sectors of the data and command exchange file 100 is indicated (which for simplicity is represented as consisting of only 8 sectors). The first sector, indicated by 0 and dashed, is the one that contains the communication control bytes (status byte and pointers). According to this method, each of the file sectors is actually allocated on the disk in a different position: sector 0 is allocated in physical sector 3, sector 1 in 6 and so on. To establish the position of the sectors, a "scrambling algorithm" 200 is used, which is a mathematical procedure which, starting from a finite set of integers, generates a second set or file 101 formed by the same numbers, but exchanged according to a seemingly random law.

With reference to Figure 7, which illustrates the said scrambling algorithm, it can be seen that the integers belonging to an ordered set of A, by means of the transformation C, called scrambling 200, are connected to as many integers of the second set B in seemingly casual way. Actually Γ scrambling algorithm is based on a scrambling key D, which is a large integer and operates in such a way that the same key, applied at different times or places, always produces the same correspondence between the two sets of numbers.

Thus, similar to an encryption algorithm, possession of the scrambling key D allows two parties to construct the same correspondence. This scrambling key is kept secret.

In the technique object of the present patent, the scrambling key is exchanged, for each new data transfer, with the Diffie-Hellman algorithm according to the technique already described in the patent RM2013A000728, therefore the allocation of the disk sectors changes with an apparently random law at each new communication between the computer and the peripheral and / or vice versa.

An additional level of security can be obtained by means of the scrambling applied, within each sector, to the allocation of the individual bytes that compose it. The key used can be the same used for sector scrambling or a second key also agreed in advance through Diffie-Hellman.

The Applicant points out that, using the technique described herein, it is also possible to use block encryption of the data contained in the sectors at the same time, with a "traditional" symmetric algorithm such as DES, 3DES or AES.

The advantage of protection by means of scrambling is twofold: first of all, it does not allow anyone who intercepts the communication to read the communication control bytes and then to follow (or possibly modify) its progress; secondly, scrambling is less onerous from a computational point of view compared to a traditional cryptographic algorithm, therefore it is more easily achievable in the case of peripherals equipped with small microcontrollers with limited processing capacity.

Conversely, if you want the highest possible security, you can use the scrambling technique, but also encrypting the data blocks with a traditional symmetric algorithm. The symmetric encryption key can be a second or third key always exchanged at the beginning of each new communication.

Both in the case of use of scrambling alone, and in the case of joint use of scrambling + symmetric encryption, the keys can be exchanged at any frequency, according to the desired security level: only once; at each new session; with each new data exchange; periodically also within the same data exchange.

All the methods described so far are based on a more or less frequent exchange of secret and shared keys by means of the well-known Diffie-Hellman method but, as written above, this method cannot be used if the computer and the peripheral they are connected to each other and the data and command exchange file is used to accumulate a work session to be carried out at different times and places.

In the case of disconnected operation, an additional technique described below is used.

The recipient of a data and command exchange file (natural person, organization or peripheral machine, for example 3D printer), is previously equipped with a pair of asymmetric encryption keys, for example according to the RSA method. The private key remains secret inside the device while the public key is sent to the sender (natural person, organization or computer) by any means available, for example via the Internet or by sending a file on a physical medium.

As indicated in figure 8, the device that generates the data and command exchange file 100 (sender computer) generates, by means of a random number generator, the secret keys 300. The secret keys 300 are: the possible encryption key symmetric K1 used to encrypt data (with DES, 3DES, AES or similar algorithm); the K2 sector scrambling key; any byte scrambling key within the K3 sectors. The number of secret keys 300 described here as three is not to be considered limiting for the purpose of the scope of protection provided by the claims.

The sending computer then proceeds, by means of the RSA 402 encoder, to encrypt the secret keys 300 with the recipient's public key 400. The RSA 402 encoder therefore has a first and a second input 402 ', 402 "respectively powered with the secret keys 300 and with the public key 400, and produces the coded message on its output 403. The result produced on the output 403 of the encoder RSA 402, ie the set of secret keys 300, is written in one of the sectors of the exchange file 100, indicated by E in Figure 3. The sector E is allocated in a predetermined position; if the length of the keys is such as to require more than one sector, a sufficient number of contiguous or separate sectors is allocated 404. Possibly said predetermined position is generated in turn by a random number generator, and the number corresponding to said sector And it is shared between computer and peripheral. In this way the security of the transmission is increased from time to time. The file thus protected is stored and sent to the device that will have to implement it.

With reference to Figure 9, when the peripheral has received the data and command exchange file 100, it first extracts the secret keys E from the said file 100 from the exchange file and by means of an RSA 502 decoder decrypts the keys using its own private key 500. Similarly to the case of the encoder, the RSA decoder comprises a first and a second input 502 ', 502 ”powered respectively by the keys E and by the private key 500 and outputs the decoded keys K1-K3 600.

At this point the secret keys K1-K3 are available for decryption and for the "descrambling" of the data and the process of executing the commands contained in the file and extracting the data takes place as described above for the case in which the keys are exchanged with the Diffie-Hellman algorithm.

Having seen the above, the object of the present invention is therefore to describe a method for preventing the unauthorized copying and distribution of multimedia files.

Summary of the invention

According to the present invention, a method of protecting multimedia files from unauthorized copying and distribution is provided, said method being characterized in that it comprises:

- a step of creating a multimedia file in a memory, in which the said multimedia file has a plurality of sectors;

- a step of creating an authorization sector on said multimedia file, in which a plurality of access and / or reading permissions of said multimedia file are stored in said authorization sector;

- a step for creating in said memory an allocation table of a plurality of data and command sectors of said multimedia file;

- an encryption step of said authorization sector and of said allocation table of a plurality of data sectors and commands of said multimedia file, in which encryption takes place with a first public encryption key.

In an aspect of the present invention, in said method, in a step of downloading the said multimedia file the said multimedia file is downloaded one sector at a time in a destination file contained in a destination memory, and in which there is a step of repeated reading for each downloaded sector, in which a computer program accesses the operating system or a file allocation table of said destination memory, and loads a physical address of the sector just downloaded.

In one aspect of the present invention, in said method, said computer program, after having accessed said operating system or said file allocation table, adds a new row to a data and command sector allocation table and repeats the steps of transferring the physical address and writing a new line up to the end of said multimedia file.

In one aspect of the present invention, in said method, said computer program performs a generation of said authorization sector and performs a storage step within said authorization sector of file use permissions.

In one aspect of the present invention, in said method, said computer program, at the end of said memorization step, executes an encoding step of the data and command sector allocation table on said destination file and closes said file.

In an aspect of the present invention, in said method, there is a reproduction step of the said multimedia file in which there is first a reading step of the data and command sector allocation table and a subsequent decryption step of the said data table. allocation of the data sectors and commands of the said multimedia file.

In one aspect of the present invention, in said method, said decryption step takes place using said first public encryption key.

In one aspect of the present invention, in said method, there are a decryption step of said authorization sector and a step for loading a plurality of authorization data contained in said authorization sector after decryption.

In one aspect of the present invention, in said method, an electronic reproduction of said multimedia file occurs only when said authorization data includes an authorization for said reproduction.

In one aspect of the present invention, in said method, in the reproduction of the said multimedia file there is a sequential reading of the plurality of sectors of the said multimedia file using the said table for allocating the data and command sectors stored in the multimedia file itself.

In one aspect of the present invention, in said method, there is a step for loading at least part of said plurality of sectors of said multimedia file into a buffer stage of an electronic device for reproducing said file.

In one aspect of the present invention, in said method, at least part of said sectors of said multimedia file contains useful data encrypted by symmetrical coding with a scrambling key.

In one aspect of the present invention, in said method, said scrambling key is written in said multimedia file by asymmetric coding.

In one aspect of the present invention, in said method, said scrambling key is a single use key obtained from a predefined internet site.

In one aspect of the present invention, in said method, said scrambling key is a key for use wired inside a computer program for decoding said multimedia file.

In an aspect of the present invention, in said method there is a copying step of the said multimedia file in turn comprising a decoding step of the said table for allocating data and command sectors and of the said authorization sector of the said multimedia file. and a subsequent step of reading from said table for allocating data sectors and commands of said multimedia file of a sector and a subsequent writing step of the sector just read in a destination file.

In an aspect of the present invention, in said method following said step of subsequent writing of the sector just read in said destination file, said computer program reads the physical number of the sector of the destination file just written and adds a line containing this physical number in the data and command sectors allocation table of said destination file.

According to the present invention, an electronic computer program is provided, loaded on a non-transient memory support and adapted to be executed on an electronic computer, said program being able to cause the execution of at least part of the steps described in any one of the steps described above.

According to the present invention, a multimedia file is also produced characterized in that it comprises a structure having a plurality of sectors, in which in said plurality of sectors, at least part is adapted to contain useful multimedia data and in which in said plurality of sectors there are present :

- at least one authorization sector containing electronic data authorizing the reading or copying of said useful multimedia data and / or said multimedia file itself; And

- an allocation table of data sectors and commands of said multimedia file in which said table of allocation of data sectors and commands of said multimedia file is encrypted together with said authorization sector.

Description of the figures

The invention will now be described with reference to the attached figures in which:

Figure 1 illustrates a real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process in an embodiment thereof known from document RM2013A000728;

Figure 2 illustrates a real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process in a first known embodiment thereof;

Figure 3 illustrates a real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process in a second known embodiment thereof;

Figure 4 illustrates a real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process in a third known embodiment thereof;

Figure 5 illustrates a real time system for storing and bi-directional transmission of commands and data for a computer in the I / O process in a fourth known embodiment thereof;

Figure 6 illustrates a plurality of rows with exchanged sectors and exchange order;

Figure 7 illustrates an order of exchange of the sectors of said rows;

Figure 8 illustrates an encoding diagram of a file;

Figure 9 illustrates a decoding diagram of a file; and as regards specifically the object of the present invention;

Figure 10 illustrates a mass memory containing a multimedia file structure;

Figure 11 illustrates a flow diagram of a download process of the said multimedia file object of the present invention;

figure 12 illustrates a flow diagram of a reproduction process of a multimedia file object of the present invention; And

Figure 13 illustrates a flow diagram of a copying process of a multimedia file object of the present invention.

Detailed description of the invention

A data and command exchange file according to the RM2013A000728 patent provides for a strictly consecutive allocation of the disk sectors that contain the file.

This feature, implemented in a peripheral governed by a microcontroller, has the advantage of simplifying the access to the file by the microcontroller.

If, on the other hand, you want to use a file format according to the cited patents to contain multimedia data, the greater processing power of the multimedia processor that processes the data makes consecutive allocation no longer necessary and the file, which can reside on a computer, in a tablet or smartphone or in a multimedia player, it can be allocated according to any sequence and, in particular in FAT systems which are the most common in portable media such as "USB sticks '' and SD memory cards and the like, it can have any degree of fragmentation .

Pursuant to the present invention, please note that by "fragmentation" we mean the allocation of a file in sectors that are not consecutive but distant from each other and "scattered" in the disk and in any case not one consecutive to the other. Fragmentation normally represents a drawback, because it slows down the read and write accesses to the file, but in the present invention it is exploited to protect a file from unauthorized copying.

Figure 10 illustrates a multimedia file introduced into a mass memory 1000. A multimedia file 1002 made according to the present invention contains, in a predetermined position (for example at the end), a map of the physical sectors in which the file itself is allocated, encrypted with an asymmetric algorithm using as a key a public key of the recipient authorized to use the multimedia data.

The multimedia file 1002 then contains the multimedia data, organized in the form of a data queue and protected against unauthorized copying using the method described in the IT document 102015000056882.

The multimedia file 1002 also contains, always encrypted with the same key, a sector P, indicated with the reference number 1004, which contains the permissions relating to the file: the authorization to copy and possibly the number of copies allowed; any maximum number of reproductions permitted; a possible expiry date of the authorizations.

The multimedia file 1002 structured in this way cannot be used as it is, for example using normal playback programs such as Windows Media Player with a standard codec, but must be played with a specifically designed program or codec capable of decoding it correctly. Even copying, if permitted, cannot be made by means of the normal functions of the operating system but by means of a specific program. In fact, the normal copy, still possible, carried out by means of the operating system, produces a file that can no longer be reproduced even using the program or the appropriate codec indicated above.

While it is not possible to prevent copying made by means of the operating system functions (but which produces unusable copies), the technique described here allows to completely prevent copying in usable form or to limit the number of usable copies, for example to three normally intended for personal use.

In order to be able to use a multimedia file 1002 such as the one object of the present invention (for example, music or film), the user who acquires it is provided with a pair of asymmetric encryption keys, whose private key is safely delivered to him and which remains protected inside the reproducing device it intends to use (computer, tablet, smartphone or similar).

To better describe the technique, it is necessary to refer to figure 10, in which a schematic representation of the mass memory 1000, organized in sectors, in which the multimedia file 1002 is stored, is seen.

The file is made up of data and commands, indicated with the reference number 1005, organized according to the technique described in the patent RM2013A000728 and containing the actual multimedia data; but it also contains further data introduced by the invention described here: a certain number of sectors, indicated with A, B,., which contain an allocation table of the data and command sectors indicated with the reference number 1003. data and command sectors indicated with 1003 is formed by the series (indicated with NI, N2 ... in Figure 10) of the physical addresses of the sectors that contain the data and commands of the file.

The physical addresses are related to the real numbering of the sectors into which the disk is divided, which, for example in the case of the FAT system (which, being well known, does not require further explanations), are those reported in the "file allocation table" file itself and can be derived from low-level functions of the operating system. Therefore, the sector allocation table is a subset of the file allocation table of the multimedia file 1002 itself.

The table of allocation of the data and command sectors indicated with 1003, even if for simplicity it appears in clear text in Figure 10, is actually encrypted together with sector P (indicated with the reference number 1004) using the associated asymmetric cryptographic public key to the user authorized to reproduce.

The operational details of the three phases that typically make up the life of a multimedia file are explained below: downloading from the Internet, reproduction and copying.

The following portion of the description describes the download of a multimedia file; this description refers to the flow diagram shown to support the description in Figure 11.

The download from the Internet can be done by means of a computer program, a software application, or an active object embedded in a Web page and requires that such program or application be able to access the low-level functions of the operating system or in any case that can read the “file allocation table” of the mass memory unit in which the multimedia file is written during the download.

If the transferor of the file has decided not to authorize the copy, the download can only be done directly to the device that will be used for reproduction, which in this case can also be read-only (CD-ROM). In cases where a maximum number of copies is authorized, the medium must be modifiable (hard disk, Flash memory or similar).

As can be seen in Figure 11, which represents a simplified flow diagram of this operation, the multimedia file (already in the format envisaged by patent RM2013A000728 and protected as envisaged in patent 102015000056882) is transferred one sector at a time in the destination file (step 2100 ). As soon as the sector has been written, the download program accesses the operating system or reads the FAT of the mass memory to obtain the physical address (sector number) in which the sector was written (step 2200); the program or application then adds a row to its data sector and command allocation table indicated with the reference number 1003 (step 2300) and repeats the cycle (step 2400) until the end of the file.

The program then generates the sector P which contains, in an appropriately coded way, the permissions to use the file (step 2500), and then encodes with the public key of the user the table of allocation of the data and command sectors indicated with the number of reference 1003 and sector P (step 2600). Finally, it writes the table of allocation of the data and command sectors indicated with 1003 in a predetermined position in the destination file (for example at the end) and closes the file (steps 2700 and 2800).

When the multimedia file 1002 is reproduced, the method object of the present invention operates as follows. In detail, the description of the operation of the method object of the present invention is assisted by the visual support provided by the flow chart of figure 12.

The reproduction (for example of an audio file) can be carried out only using a special reproduction program or by installing, in a normal multimedia playback program (such as Windows Media Player), a plug-in codec designed to decode the generated files according to the present technology. With reference to Figure 12, the first operation (step 3100) consists in reading the sector allocation table from the file, which as mentioned is in a predetermined position, and decoding it by means of the private key of the user who performs reproduction. Clearly an unauthorized user does not have the key and cannot perform the reproduction.

The sector P which contains the permissions is examined (step 3200) to verify if the reproduction is allowed; the technology makes it possible to establish a maximum number of reproductions or a time limit for the use of the file.

At this point the reading and playback loop begins, formed by 3300,3400,3500,3600 steps. Each sector is read by addressing it by means of the sector allocation table read from the file itself (step 3300), and not using the operating system functions that allow the sequential reading of the file. In this way, if the file has been moved or copied, playback cannot take place because the sectors in which the file is physically written no longer correspond to those listed in the allocation table read from the file itself.

The sectors are read in succession (step 3400), eventually accumulated in a reading buffer and then reproduced (step 3500). When the file finishes, it is closed (steps 3600 and 3700).

Note that, since the real sector allocation of the file is always obtainable from the operating system, it seems possible that a reproduction program written specifically to circumvent the protection could decrypt the file. This cannot happen because, as mentioned, the data and commands cannot be decoded anyway, since the technique described in the patent 102015000056882 is used for them, which performs a "scrambling" and a symmetrical coding of the useful data of the file. To carry out the "descrambling" it is necessary to have the scrambling key which is kept secret: it can be fixed and wired inside the authorized decoding program, written in the multimedia file itself in an encrypted form with an asymmetric algorithm or obtained each time by a service via Internet network.

If the file has a maximum number of authorized reproductions, it must necessarily be on rewritable media. In this case, the P sector is updated by decreasing the number of reproductions still allowed, it is re-encoded with the user's public key and the sector of the file that contains it is rewritten at the end of the reproduction (or even at the beginning of the reproduction, or after a few seconds, depending on the manufacturer's choice).

The copy of the multimedia file 1002, as can be seen in figure 13, begins with the decoding of the sector allocation table and of the sector P of the source file (step 4100), If, as shown by sector P, copying is allowed ( step 4200), the sector number to be copied is read from the sector allocation table of the source file (step 4300); then the sector is read from the source file (step 4400), the sector is written to the destination file (step 4500), the physical number of the sector relative to the destination file is read (step 4600) and the addition of a line containing this number to the sector allocation table of the destination file (step 4700).

The copy of the sectors continues until the end of the file (step 4800). At the end, a new sector P is created for the destination file, which contains the rights that the originator of the file has established: for example, it is possible to make the copy be reproducible but cannot be copied further (step 4900 ). The new sector allocation table is then encrypted with the recipient's public key, which can be the same as the source file or another (step 5000), and then written to the destination file in the predetermined position (step 5100). The file is then closed (step 5200).

Further particular methods are described in this part of the description. As can be understood from the previous description, the copy protection is given by the presence of the sector allocation table and by the fact that, if the one present in the file does not coincide with the one in which the file is actually allocated, the reproduction or copy will not are possible. It follows that, for security purposes, it is preferable that the file has some degree of fragmentation, because a contiguous sector allocation is easier to reproduce. There is also a particular case in which the protection could be ineffective: the one in which the file is downloaded to a completely empty disk, and is therefore allocated starting from the first sector of the disk and on contiguous sectors. If the file is copied to another completely blank disk, the protection is unable to work. This possible problem, as well as that of the weakness of the protection in case of lack of fragmentation, can be solved by introducing a certain degree of fragmentation on purpose when the file is written. This can be achieved both by accessing low-level functions of the operating system, and (particularly in FAT systems) by closing and reopening the file several times during writing and by going, between one writing and another, to write a dummy file, of variable dimensions, which, going to occupy the first free sectors of the disk, creates a fragmentation in the multimedia file. The dummy file can be opened multiple times, adding varying lengths of data, and deleted at the end of writing the media file.

The size of the fragmentation "gaps" is preferably pseudorandom and, because it is not the same for all multimedia files, it can use the user's public key or a part of it as the seed of the random number; the degree of fragmentation thus generated does not necessarily have to be very high, but sufficient to guarantee the desired level of protection.

The description reported so far assumes that the data area of the multimedia file is protected with the method described in the patent 102015000056882; of course, in less important cases, this protection is not required for the copy protection method to be used.

The data format, instead of the one with a data queue envisaged by the patent RM2013A000728, can also be the traditional one used up to now for the type of multimedia file desired.

To avoid the consequences due to unauthorized changes to the sector allocation table (which can occur after decryption), a control hash (of the whole file or part of it) can be added to it, encoded with the transferor's private key. of the multimedia file (digital signature).

If, despite the protection, copies of the multimedia file circulated together with their reading key (user private key) are found in circulation, it is possible from the key to trace the author of the unauthorized copy without the possibility of denial.

The system has a possible weak point: if you use a disk defragmentation program, and this defragments the multimedia file or in any case allocates a part of it to a different area of the disk, the file becomes unusable. In some operating systems it is possible to mark the file as “not to be deframmed” to avoid this possibility. In other systems, such as Linux and derivatives, defragmentation is not usually necessary and the defragmentation programs are often not even installed. One way to avoid defragmenting a file is to make it appear as “open” or “in use” when you start the defragmentation program.

When the method described in the present patent has a sufficient diffusion, the producers of defragmentation programs will certainly ensure that their utilities do not defragment multimedia files of the type described here.

Finally, it is clear that additions, modifications or obvious variants for a person skilled in the art can be applied to the object of the present invention without thereby departing from the scope of protection provided by the attached claims.

Claims (19)

Claims 1. Method of protecting multimedia files from unauthorized copying and distribution, the said method being characterized by comprising: - a step of creating a multimedia file (1002) in a memory (1000), in which the said multimedia file (1002) has a plurality of sectors; - a step for creating an authorization sector (P) on said multimedia file (1002), in which a plurality of access and / or reading permissions of said multimedia file are stored in said authorization sector (P) ( P); - a step for creating in said memory (1000) an allocation table of a plurality of data and command sectors (1003) of said multimedia file (1002); - an encryption step of said authorization sector (P) and of said allocation table of a plurality of data and command sectors (1003) of said multimedia file, in which encryption takes place with a first public encryption key. 2. Method according to claim 1, characterized in that in a download step of said multimedia file (1002), said multimedia file (1002) is downloaded one sector at a time (2100) in a destination file contained in a memory destination, and in which there is a reading step repeated for each downloaded sector, in which a computer program accesses the operating system or a file allocation table of said destination memory, and loads (2200) a physical address of the sector you just downloaded. The method according to claim 2, wherein in said computer program, after accessing said operating system or said file allocation table, adds a new row (2300) to a data sector allocation table and commands (1003), and repeats the transfer steps (2100), obtaining the physical address (2200) and writing a new line (2300) until the end of said multimedia file (1002). Method according to any one of the preceding claims 2-3, characterized in that said computer program performs a generation of said authorization sector (P) and executes a storage step (2500) within said sector (P) authorization of file usage permissions. 5. Method according to claim 4, characterized in that the said computer program, at the end of the said memorization step (2500), executes a coding step (2600) of the table for allocating the data sectors and commands (1003) on the said destination file and closes said file (2800). Method according to any one of the preceding claims, characterized in that it comprises a reproduction step of said multimedia file (1002) in which there is first a reading step of the data and command sector allocation table (1003) and a subsequent decryption step (3100) of the said table for allocating the data and command sectors (1003) of the said multimedia file (1002). 7. Method according to claim 6, characterized in that said decryption step takes place using said first public encryption key. 8. Method according to claim 5 or claim 6, characterized in that it further comprises a decryption step of said authorization sector (P) and a step for loading a plurality of authorization data contained in said sector (P) authorization after decryption. Method according to claim 8, characterized in that an electronic reproduction of the said multimedia file (1002) takes place only when the said authorization data includes an authorization to the said reproduction and the physical allocation of the sectors of the file in the memory unit coincides with the one written in the allocation table in the file itself. Method according to claim 8 or claim 9, characterized in that it comprises in the reproduction of the said multimedia file (1002) a sequential reading (3400) of the plurality of sectors of the said multimedia file (1002) using the said allocation table of the data and command sectors (1003) stored in the multimedia file (1002) itself. Method according to claim 10, characterized in that it comprises a step for loading at least part of said plurality of sectors of said multimedia file (1002) into a buffer stage of an electronic device for reproducing said file. 12. Method according to claim 11 or claim 12, characterized in that at least part of said sectors of said multimedia file (1002) contain useful data encrypted by symmetrical coding with a scrambling key. 13. Method according to claim 12, characterized in that said scrambling key is written in said multimedia file (1002) by asymmetric coding. 14. Method according to claim 12, characterized in that said scrambling key is a single-use key obtained from a predefined internet site. 15. Method according to claim 12, characterized by the fact that said scrambling key is a key for use wired inside a computer program for decoding said multimedia file (1002). Method according to any one of the preceding claims, characterized in that it comprises a copy step of the said multimedia file (1002) in turn comprising a decoding step (4100) of the said data and command sector allocation table (1003 ) and of said authorization sector (P) of said multimedia file (1003) and a subsequent reading step (4400) from said table for allocating data sectors and commands (1003) of said multimedia file (1002) of a sector and a subsequent write step (4500) of the sector just read in a destination file. Method according to claim 16, characterized in that following the step of subsequent writing (4500) of the sector just read in said destination file, said computer program reads the physical number of the sector of the destination file just written and adds a line containing such physical number in the data and command sectors allocation table (1003) of said destination file. 18. Computer program, loaded on a non-transient memory medium and adapted to be executed on an electronic computer, said program being capable of causing the execution of at least part of the steps described in any one of the preceding claims 1- 17. 19. Multimedia file (1002) characterized in that it comprises a structure having a plurality of sectors, in which in said plurality of sectors, at least part is suitable for containing useful multimedia data and in which in said plurality of sectors there are: - at least one sector (P) of authorization containing electronic data authorizing the reading or copying of said useful multimedia data and / or said multimedia file itself; And - a table for allocating data sectors and commands (1003) of said multimedia file (1002), in which said table for allocating data sectors and commands of said multimedia file is encrypted together with said sector (P) of authorization .