TW202117571A - Structure and method for encrypting digital data memory card being provided with a memory in a memory card - Google Patents

Structure and method for encrypting digital data memory card being provided with a memory in a memory card Download PDF

Info

Publication number
TW202117571A
TW202117571A TW108139105A TW108139105A TW202117571A TW 202117571 A TW202117571 A TW 202117571A TW 108139105 A TW108139105 A TW 108139105A TW 108139105 A TW108139105 A TW 108139105A TW 202117571 A TW202117571 A TW 202117571A
Authority
TW
Taiwan
Prior art keywords
memory card
area
memory
digital data
encryption
Prior art date
Application number
TW108139105A
Other languages
Chinese (zh)
Other versions
TWI820242B (en
Inventor
林暉
Original Assignee
林暉
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 林暉 filed Critical 林暉
Priority to TW108139105A priority Critical patent/TWI820242B/en
Publication of TW202117571A publication Critical patent/TW202117571A/en
Application granted granted Critical
Publication of TWI820242B publication Critical patent/TWI820242B/en

Links

Images

Abstract

This invention relates to a structure and method for encrypting a digital data memory card. A main body is provided with a memory in a memory card. The memory is provided with a reading controller matched with a reader and a protection area and is additionally partitioned into a hard disk partition table area and a file area. A protected portable storage ID (PSID) is written into any one of all the areas by an application programming interface (API). Before the protected PSID is written by the API, the API provides the reading controller a secret key completed by encryption and decryption logics, the reading controller firstly dencrypts the secret key and transmits a result to the API. Therefore, the safety is further improved.

Description

數位資料記憶卡加密之構造及方法 Structure and method of digital data memory card encryption

本發明係關於一種數位資料記憶卡加密之構造及方法,尤指一種將需要取得權利方可取用之數位資料載入記憶卡內,並將其加密之保護管理機制(DRM,Digital Rights Management)。 The present invention relates to a structure and method for encrypting a digital data memory card, in particular to a protection management mechanism (DRM, Digital Rights Management) that loads the digital data that needs to be obtained before access to the memory card into the memory card and encrypts it.

由於電腦與數位技術之進步使然,許多創作、著作之內容(例如電影或音樂內容),其內容皆被轉換成數位影音壓縮檔案,再將該檔案燒錄於CD、DVD等影音載體供一般消費者使用。該創作、著作之內容,除電影或音樂外,甚至廣泛延伸至演講、教學錄影、舞台劇等等,皆可以將內容轉換成數位影音壓縮檔案(以下合稱為【數位資料】)。然而,由於壓縮與複製技術之純熟,前述之數位資料,無論電影或音樂內容,皆容易被形成各種檔案格式,透過各種複製、燒錄等技術予以重製,更由於網路推波助瀾下,成為散佈之媒介而提供更廣泛之上傳與下載,使得複製之內容,更無遠弗屆地被傳遞、擴散。從而,數位資料(尤其是音樂或電影)之製作心血以及著作內容,被科技所提供之環境輕易攻破,而毫無防備。也令許多著作人之創作意願低落,對於重視智慧財產權之現今文明社會,不啻為一種極大之發展障礙,因此如何透過科技防護機制對於著作內容形成複製之障礙,以及內容之保護,為許多影音出版、發行業者,甚或演藝人員以及詞 曲創作人等高度重視,更符合我國科學技術基本法以及相關之科技法令之立法美意。再者,前述之載體,一般而言CD、DVD等光碟片目前為市場之主流,但由於其重複使用之技術,除少數可抹寫式之光碟片可以多次重複燒錄外,其重複燒錄之型態並未形成如早期錄音帶之普及性,且由於體積較大之關係,使得目前許多播放器材(如MP3播放器)等,並未能同步使用。而是將該數位資料,由前述之載體擷取、複製至所謂之SD卡等記憶卡使用。按,目前記憶卡主要是用於數位檔案資料之儲存(目的同磁碟片等)。若能積極使其形成數位資料之載體,同時配合Secured Digital Card(SD)(安全數位記憶卡)之安全數位特性以及體積小之特性,當可以符合更進一步之形成較佳之數位資料載體,且具有攜帶性高、適用性廣之安全防護機制。尤其目前市面上所流通的SD記憶卡,除傳輸速度以及容量已經大幅提升,且技術成熟而導致產品價格可以被廣泛接受。使得記憶卡形成較佳之數位資料載體之條件更為成熟。 Due to the advancement of computer and digital technology, the content of many creations and works (such as movie or music content) are converted into digital audio-visual compressed files, which are then burned on CD, DVD and other audio-visual media for general consumption者用。 Used by. The content of the creation and work, in addition to movies or music, even extends to lectures, teaching videos, stage plays, etc., can be converted into digital audio-visual compressed files (hereinafter collectively referred to as [digital data]). However, due to the proficiency of compression and copying technology, the aforementioned digital data, regardless of movie or music content, can easily be formed into various file formats and reproduced through various copying, burning and other technologies. It is even more disseminated by the Internet. The media provides a wider range of uploads and downloads, so that the copied content can be transmitted and spread farther. As a result, the production efforts of digital materials (especially music or movies) and the content of the works are easily breached by the environment provided by technology without defense. It has also led to the low creative intentions of many authors. It is a great obstacle to the development of today's civilized society that values intellectual property rights. Therefore, how to use technological protection mechanisms to form an obstacle to the copying of the content of the work, and the protection of the content, is for many audiovisual publications. , Publishers, or even entertainers and words The music creators attach great importance to it, which is more in line with the legislative intentions of the Basic Law of Science and Technology of my country and related science and technology laws. Furthermore, the aforementioned carriers, generally CDs, DVDs, and other optical discs are currently the mainstream in the market, but due to their repeated use technology, except for a few rewritable optical discs that can be burned multiple times, they are burned repeatedly. The type of recording has not formed the popularity of early audio tapes, and due to the large size, many current playback equipment (such as MP3 players), etc., cannot be used simultaneously. Instead, the digital data is retrieved from the aforementioned carrier and copied to a memory card such as a so-called SD card for use. Click, the current memory card is mainly used for the storage of digital file data (the purpose is the same as the floppy disk, etc.). If it can actively form a carrier of digital data, and at the same time cooperate with the secure digital characteristics and small size of Secured Digital Card (SD) (secure digital memory card), it will be able to further form a better digital data carrier and have A security protection mechanism with high portability and wide applicability. Especially the SD memory cards currently on the market, in addition to the transmission speed and capacity have been greatly increased, and the mature technology has led to the product price can be widely accepted. The conditions for the memory card to form a better digital data carrier are more mature.

雖然目前已經對於網路下載之音樂,藉由個人電腦(PC)播放器中含DRM機制(DRM,即所謂的數位版權管理【Digital Right Management】),可以提供使用者在適當提出對價(付費)情形下可以提供相對應的安全保護機制,使得在資訊上傳送的數位資料可免於被有心人士非法複製與散佈。或者藉由限制下載者身份、次數、有限時間、有限份數內之複製,然而對於載體本身(尤其是記憶卡)並無一個適當之防護機制。 Although there is already a DRM mechanism (DRM, the so-called Digital Right Management) included in the personal computer (PC) player for music downloaded from the Internet, it can provide users with appropriate consideration (paid) Under the circumstances, a corresponding security protection mechanism can be provided, so that the digital data transmitted on the information can be prevented from being illegally copied and distributed by interested persons. Or by limiting the downloader's identity, number of times, limited time, and limited number of copies, but there is no proper protection mechanism for the carrier itself (especially the memory card).

本發明人有鑒於於此,曾經發明並提出一「數位資料記憶卡加密之構造及方法」之申請,並獲得發明專利I507993號,雖可達預期功效,然時經多年,破解手法更為翻新,本發明人認為對於記憶卡本身之加密與 解密,應採取更為嚴謹之步驟。 In view of this, the inventor once invented and filed an application for "Digital Data Memory Card Encryption Structure and Method", and obtained invention patent No. I507993. Although it can achieve the expected effect, after years, the cracking method has been more renovated. , The inventor believes that for the encryption of the memory card itself and For decryption, more rigorous steps should be taken.

有鑒於先前技術中對於記憶卡未能有一充分之加密以及防護,因此對於各種需要取得權利,方能取用之數位資料之智慧財產權以及隱私未能達到充分保護。因此,本發明特針對先前技術提出一記憶卡加密之構造及方法,解決先前問題之技術手段,本發明係關於一種數位資料記憶卡加密之構造及方法,係將一記憶卡內之記憶體除本身具有一讀取控制端(Controller)以及一保護區(Protection Area)外,另分割為一硬碟分割表區(Partition Table Area)以及一檔案區(File Area),並利用一應用程式介面(API,Application Programming Interface),於前開各區選擇其任何一區,寫入一受保護儲存裝置識別碼(PSID),而當記憶卡內之檔案區(File Area)載有權利物件(Right Object)(需要具有權利取得之數位資料)時,對於各種讀取器讀取時,可以利用該受保護儲存裝置識別碼(PSID)為辨識讀取之加密機制,增加記憶卡數位資料的保護管理機制(DRM,Digital Rights Management)之安全性。且該應用程式介面寫入該受保護儲存裝置識別碼前,該應用程式介面給予該讀取控制端一透過加解密邏輯完成之密鑰指令,該讀取控制端先行對該密鑰指令進行解密,並將結果傳送至該應用程式介面。因此在記憶卡內共有4個區域:即讀取控制端(Controller)、保護區(Protection Area)、硬碟分割表區(Partition Table Area)以及檔案區(File Area),而欲將受保護儲存裝置識別碼(PSID)(Portable Storage ID)置入該記憶卡可以選擇以下數種方式: In view of the insufficient encryption and protection of the memory card in the prior art, the intellectual property rights and privacy of the digital data that can be accessed for various needs are not fully protected. Therefore, the present invention specifically proposes a structure and method of memory card encryption for the prior art, and technical means to solve the previous problems. The present invention relates to a structure and method of digital data memory card encryption, which removes the memory in a memory card. It has a read control terminal (Controller) and a protection area (Protection Area), and is divided into a hard disk partition table area (Partition Table Area) and a file area (File Area), and uses an application program interface ( API, Application Programming Interface), select any area in the front area, write a protected storage device identification code (PSID), and when the file area (File Area) in the memory card contains the right object (Right Object) (Need to have the right to obtain digital data), when reading by various readers, the protected storage device identification code (PSID) can be used as an encryption mechanism for identification and reading, and the protection and management mechanism for the digital data of the memory card is added ( DRM, Digital Rights Management) security. And before the application program interface writes the protected storage device identification code, the application program interface gives the read control terminal a key command completed through encryption and decryption logic, and the read control terminal first decrypts the key command , And send the result to the application interface. Therefore, there are 4 areas in the memory card: read control terminal (Controller), protection area (Protection Area), hard disk partition table area (Partition Table Area) and file area (File Area). The PSID (Portable Storage ID) can be inserted into the memory card in one of the following ways:

一、若要將受保護儲存裝置識別碼(PSID)(Portable Storage ID)放入記憶卡記憶體內之讀取控制端(Controller),即可使用一般記憶卡讀取器(例如SD Reader)與針對記憶卡記憶體內之讀取控制端(Controller)所發展之應用程式介面(API)即可,此種較為安全。 1. To change the protected storage device identification code (PSID) (Portable Storage ID) is inserted into the reading control terminal (Controller) in the memory of the memory card, you can use general memory card readers (such as SD Reader) and applications developed for the reading control terminal (Controller) in the memory of the memory card Interface (API) is fine, which is more secure.

二、若要將受保護儲存裝置識別碼(PSID)放入記憶卡之保護區(Protection Area),則可以用特殊治具進行記憶卡保護區(Protection Area)大小之切割,亦可使用一般SD Reader與針對記憶卡記憶體內之保護區(Protection Area)所發展之應用程式介面(API)。 2. If you want to put the protected storage device identification code (PSID) in the protection area of the memory card, you can use a special jig to cut the protection area of the memory card, or use ordinary SD Reader and Application Programming Interface (API) developed for the Protection Area in the memory of the memory card.

三、若要將受保護儲存裝置識別碼(PSID)放入硬碟分割表區(Partition Table Area),則使用者使用Windows或其他OS進行Format後即可產生此區。 3. If the protected storage device identification code (PSID) is to be placed in the partition table area of the hard disk (Partition Table Area), the user can generate this area after formatting with Windows or other OS.

四、若要將受保護儲存裝置識別碼(PSID)放入檔案區(File Area),則使用者使用Windows或其他OS進行Format後即可產生此區。 4. If the protected storage device identification code (PSID) is to be placed in the File Area, the user can generate this area after formatting with Windows or other OS.

透過更進一步,於該應用程式介面寫入該受保護儲存裝置識別碼前,該應用程式介面給予該讀取控制端一透過加解密邏輯完成之密鑰指令,該控制端先行對該密鑰指令進行解密,並將結果傳送至該應用程式介面。如此一來,即不用懼怕駭客中途攔截與破解,為增加駭客中途攔截與破解之困難度與增加加密敏捷性。 Further, before writing the protected storage device identification code in the application program interface, the application program interface gives the read control terminal a key command completed through encryption and decryption logic, and the control terminal first commands the key Decrypt and send the result to the application program interface. In this way, there is no need to be afraid of hackers intercepting and cracking midway, in order to increase the difficulty of hackers intercepting and cracking midway and increase encryption agility.

(1)‧‧‧記憶卡 (1)‧‧‧Memory Card

(11)‧‧‧記憶體 (11)‧‧‧Memory

(111)‧‧‧讀取控制端 (111)‧‧‧Read control terminal

(112)‧‧‧保護區 (112)‧‧‧Protection Area

(113)‧‧‧硬碟分割表區 (113)‧‧‧Hard Disk Partition Table Area

(114)‧‧‧檔案區 (114)‧‧‧Archive Area

(115)‧‧‧受保護儲存裝置識別碼(PSID) (115)‧‧‧Protected Storage Device Identification Number (PSID)

(116)‧‧‧權利物件 (116)‧‧‧Object of Rights

(117)‧‧‧公共鑰匙設施(PKI) (117)‧‧‧Public Key Facilities (PKI)

(118)‧‧‧應用程式介面(API) (118)‧‧‧Application Programming Interface (API)

第一圖係本發明之記憶卡架構示意圖 The first figure is a schematic diagram of the memory card structure of the present invention

第二圖係本發明之操作流程圖 The second figure is the operation flow chart of the present invention

第三圖係本發明之讀取控制端與應用程式介面間預先加解密示意圖 The third figure is a schematic diagram of the pre-encryption and decryption between the reading control terminal and the application program interface of the present invention

以下透過圖式說明本發明之內容、特點與實施例,俾使貴審查委員對於本案有更進一步之了解。 The content, features, and embodiments of the present invention will be described in the following diagrams, so that your reviewer has a better understanding of the case.

請參閱第一圖所示,本發明係關於一種數位資料記憶卡加密構造,包括: Please refer to the first figure, the present invention relates to a digital data memory card encryption structure, including:

一記憶卡(1),該記憶卡(1)內部設置一記憶體(11),而該記憶體(11)除本身設置有一配合讀取器之讀取控制端(Controller)(111)以及一保護區(Protection Area)(112)外,另分割為一硬碟分割表區(Partition Table Area)(113)以及一檔案區(File Area)(114),並以應用程式介面(API,Application Programming Interface)(118),於前開各區選擇任何一區寫入一受保護儲存裝置識別碼(PSID)(115),而當該記憶卡(1)內之檔案區(File Area)(114)載有權利物件(Right Object)(116)(需要具有權利取得之數位資料)時,對於各種讀取器讀取時,可以利用該受保護儲存裝置識別碼(PSID)(115)為辨識讀取之加密機制,增加該記憶卡(1)數位資料的保護管理機制(DRM,Digital Rights Management)之安全性。 A memory card (1), the memory card (1) is provided with a memory (11) inside, and the memory (11) is provided with a reading control terminal (Controller) (111) matched with a reader and a In addition to the Protection Area (112), it is divided into a Partition Table Area (113) and a File Area (114), and uses the API (Application Programming Interface) Interface) (118), select any area in the front opening area to write a protected storage device identification code (PSID) (115), and when the file area (114) in the memory card (1) is loaded When there is a right object (116) (need to have the digital data obtained by the right), when reading by various readers, the protected storage device identification code (PSID) (115) can be used to identify and read The encryption mechanism increases the security of the digital data protection management mechanism (DRM, Digital Rights Management) of the memory card (1).

配合第二圖所示,該記憶卡(1)讀取控制端(Controller)(111)廠商對於應用程式介面(API)應嚴守秘密,否則其他人即可使用此應用程式介面(API)來得到本發明中置於該記憶體(11)內之受保護儲存裝置識別碼(PSID)(115),例如設於該保護區(Protection Area)(112)之程式與受保護儲存裝置識別碼(PSID)(115)。 As shown in the second figure, the memory card (1) reading control terminal (Controller) (111) manufacturer should strictly keep the application programming interface (API) secret, otherwise others can use this application programming interface (API) to obtain In the present invention, the protected storage device identification code (PSID) (115) placed in the memory (11), such as the program and the protected storage device identification code (PSID) set in the protection area (112) )(115).

然而,為求更進一步確保該記憶卡(1)之受保護儲存裝置識別碼(PSID)(115),本發明可以將該記憶卡(1)設置為一種PSD(Personal Storage Disc),透過一體成型將USB功能與記憶卡整合為一體,讓使用者可以不需要透過讀卡機及傳輸線,便可經由電腦的USB介面傳輸資料,也可以免除有心人士利用輕易拆解記憶卡而取得該內部之記憶體,甚至破解。 However, in order to further ensure the protected storage device identification code (PSID) (115) of the memory card (1), the present invention can set the memory card (1) as a kind of PSD (Personal Storage Disc), which integrates the USB function with the memory card through one-piece molding, so that users can transfer data through the USB interface of the computer without using a card reader and a transmission cable, and it can also eliminate the need for people to easily disassemble the memory The internal memory is obtained from the card, and even cracked.

本發明所使用之該記憶體(11)可以為一種快閃記憶體(Flash Memory),亦可以為一種電性可擦除式唯讀記憶體EEPROM((Electrically Erasable Programmable Read-Only Memory)。 The memory (11) used in the present invention can be a flash memory (Flash Memory), or an electrically erasable programmable read-only memory (EEPROM) (Electrically Erasable Programmable Read-Only Memory).

一、若要將該受保護儲存裝置識別碼(PSID)(Portable Storage ID)(115)放入該記憶卡(1)記憶體(11)內之讀取控制端(Controller)(111),即可使用一般記憶卡讀取器(例如SD Reader)與針對記憶卡記憶體內之讀取控制端(Controller)所發展之應用程式介面(API)即可讀取或寫入,此種較為安全。請參閱第三圖所示,該讀取控制端(Controller)(111)與該應用程式介面(API,Application Programming Interface)(118)間之加解密邏輯為該公共鑰匙設施(PKI Public Key Infrastructure)(117)作為加密系統伺服器與解密程式間之加解密邏輯。其公共鑰匙設施(PKI Public Key Infrastructure)為公認最嚴密標準之加解密邏輯。 1. To put the PSID (Portable Storage ID) (115) of the protected storage device identification code (PSID) (Portable Storage ID) (115) into the reading control terminal (Controller) (111) in the memory (11) of the memory card (1), that is It can be read or written by using a general memory card reader (such as SD Reader) and an application programming interface (API) developed for the reading control terminal (Controller) in the memory of the memory card, which is safer. Please refer to the third figure, the encryption and decryption logic between the controller (111) and the application programming interface (API, Application Programming Interface) (118) is the PKI Public Key Infrastructure (PKI Public Key Infrastructure) (117) As the encryption and decryption logic between the encryption system server and the decryption program. Its Public Key Infrastructure (PKI Public Key Infrastructure) is recognized as the most rigorous standard encryption and decryption logic.

二、若要將該受保護儲存裝置識別碼(PSID)(115)放入該記憶卡(1)之保護區(Protection Area)(112),則可以用特殊治具進行記憶卡保護區(Protection Area)(112)大小之切割,亦可使用一般SD Reader與針對記憶卡記憶體內之保護區(Protection Area)所發展之應用程式介面(API)即可讀取或寫入。 2. If you want to put the protected storage device identification code (PSID) (115) into the protection area (112) of the memory card (1), you can use a special jig to perform the protection Area) (112) size cutting can also be read or written using a general SD Reader and an application programming interface (API) developed for the protection area (Protection Area) of the memory card.

三、若要將該受保護儲存裝置識別碼(PSID)(115)放入該硬碟分割表區(Partition Table Area)(113),則使用者使用Windows或其他OS進行 Format後即可產生此區。 3. To put the protected storage device identification number (PSID) (115) into the hard disk partition table area (Partition Table Area) (113), the user uses Windows or other OS to do This area can be generated after Format.

四、若要將該受保護儲存裝置識別碼(PSID)(115)放入該檔案區(File Area)(114),則使用者使用Windows或其他OS進行Format後即可產生此區。 4. To put the protected storage device identification code (PSID) (115) into the file area (114), the user can generate this area after formatting using Windows or other OS.

無論該受保護儲存裝置識別碼(PSID)(115)存在何區,該權利物件(Right Object)(116)皆需要取得權利,方能取用之數位資料。當各種裝置如個人電腦(PC)、手機或各種播放裝置(合稱為讀取器)欲讀取對應之權利物件(Right Object)(116)檔案時,該讀取控制端(Controller)(111)會使用存在該讀取控制端(Controller)(111)之軔體或保護區(Protection Area)(112)之程式來進行該權利物件(Right Object)(116)檔案解密並由解密之權利物件(Right Object)(116)檔案中求得對應之受保護儲存裝置識別碼(PSID)(115),再與儲存在該保護區(Protection Area)(112)(以保護區為例,但不限於保護區)之受保護儲存裝置識別碼(PSID)(115)作比對,若比對成功方將該權利物件(Right Object)(116)檔案提供予播放裝置。若比對不成功則告知播放裝置檔案不可讀取。 No matter where the protected storage device identification code (PSID) (115) exists, the right object (116) needs to obtain the right to access the digital data. When various devices such as personal computers (PC), mobile phones or various playback devices (collectively referred to as readers) want to read the corresponding Right Object (116) files, the read control terminal (Controller) (111) ) Will use the program stored in the firmware or protection area (112) of the controller (111) to decrypt the right object (116) file and decrypt the right object (Right Object) (116) The corresponding protected storage device identification code (PSID) (115) is obtained from the file, and then stored in the protection area (Protection Area) (112) (take the protection area as an example, but not limited to) The protected storage device identification code (PSID) (115) of the protected area is compared. If the comparison is successful, the right object (116) file is provided to the playback device. If the comparison is unsuccessful, the playback device is notified that the file is unreadable.

在該讀取控制端(Controller)(111)或保護區(Protection Area)(112)內置唯一的受保護儲存裝置識別碼(PSID)(115),不管是使用唯讀(Read-only)之獨特裝置(Unique Device)ID或是經隨機數字產生器(Random Number Generator)且是一次程式(Once-Time Programming)產生之受保護儲存裝置識別碼(PSID)(115),其他人無法複製,而該權利物件(Right Object)(116)與受保護儲存裝置識別碼(PSID)(115)之ID比對,可由該讀取控制端(Controller)(111)或播放平台之解密應用程式介面(API)(118)來進行,當 該權利物件(Right Object)(116)與記憶卡之受保護儲存裝置識別碼(PSID)(115)一致時方可進行解密與播放。 A unique protected storage device identification number (PSID) (115) is built in the controller (111) or protection area (112), regardless of whether it is a unique read-only The device (Unique Device) ID or the protected storage device identification code (PSID) (115) generated by the Random Number Generator and once-time programming is not allowed to be copied by others. The ID of the right object (116) and the protected storage device identification (PSID) (115) can be compared by the reading control terminal (Controller) (111) or the decryption application program interface (API) of the playback platform (118) Come on, when The right object (116) and the protected storage device identification (PSID) (115) of the memory card can only be decrypted and played.

該應用程式介面(118)寫入該受保護儲存裝置識別碼(PSID)(115)前,該應用程式介面(118)給予該讀取控制端(111)一透過加解密邏輯完成之密鑰指令,該讀取控制端(111)先行對該密鑰指令進行解密,並將結果傳送至該應用程式介面(118),即該記憶卡讀取控制端(Controller)(111)與播放平台之解密應用程式介面(API)(118)間之資料是加密之資料(即應用程式介面(API)(118)欲讀取或寫入保護區(Protection Area)(112)之明文資料)前,該應用程式介面(API)(118)需先以應用程式介面(API)與該讀取控制端(Controller)(111)雙方已協議取得之密鑰加密命令後,再傳送至該讀取控制端(Controller)(111)內,而該讀取控制端(Controller)(111)則先行解密命令、解譯命令、執行命令,再將結果(命令回應或資料)先以該應用程式介面(API)(118)與該讀取控制端(Controller)(111)雙方已協議取得之密鑰加密命令後,再傳送至該應用程式介面(API)(118),而該應用程式介面(API)(118)再以應用程式介面(API)與該讀取控制端(Controller)(111)雙方已協議取得之密鑰解密結果(命令回應或資料),如此一來,即不用懼怕駭客中途攔截與破解,為增加駭客中途攔截與破解之困難度與增加加密敏捷性。 Before the application program interface (118) writes the protected storage device identification code (PSID) (115), the application program interface (118) gives the read control terminal (111) a key command completed through encryption and decryption logic , The reading control terminal (111) first decrypts the key command, and sends the result to the application program interface (118), which is the decryption of the memory card reading control terminal (Controller) (111) and the playback platform Before the data between the application programming interface (API) (118) is encrypted data (that is, the application programming interface (API) (118) wants to read or write the plaintext data of the Protection Area (112)), the application The programming interface (API) (118) needs to use the key encryption command that both the application programming interface (API) and the reading control terminal (Controller) (111) have agreed to obtain before sending it to the reading control terminal (Controller) (111). ) (111), and the read control terminal (Controller) (111) first decrypts the command, interprets the command, executes the command, and then sends the result (command response or data) to the application programming interface (API) (118) ) And the reading control terminal (Controller) (111) have agreed to obtain the key encryption command, and then sent to the application programming interface (API) (118), and the application programming interface (API) (118) then Use the key decryption result (command response or data) that both the application programming interface (API) and the controller (111) have agreed to obtain. In this way, you don’t have to be afraid of hackers intercepting and cracking it in the middle. Increase the difficulty of interception and cracking by hackers and increase the agility of encryption.

只有對應之記憶卡讀取控制端(Controller)(111)與播放平台之解密應用程式介面(API)(118)(如第三圖)方能解密,以避免其他人經記憶卡讀取器(SD Card Reader)之界面來攔截資料。 Only the corresponding memory card reading control terminal (Controller) (111) and the decryption application program interface (API) (118) of the playback platform (as shown in the third figure) can decrypt, so as to prevent others from passing through the memory card reader ( SD Card Reader) interface to intercept data.

進一步說明第二圖之意義,當該讀取控制端(Controller)(111)接受讀取器指令而進行資料讀取時,首先會進行特定副檔名(例如但不限於 ROM),當確定為該保護區(Protection Area)(112)之變數所形成之副檔名之後,若是,則循由電性可擦除式唯讀記憶體EEPROM(Electrically Erasable Programmable Read-Only Memory)(亦可為快閃記憶體(Flash Memory)),例如但不限於其保護區(Protection Area)(112)儲存之加密受保護儲存裝置識別碼(PSID)(115),並且取出該副檔名下某一位元資料,然後執行存在於該讀取控制端(Controller)(111)之記憶卡韌體,或存在於該保護區(Protection Area)(112)內之內碼(CODE)。然後判斷取出之位元資料是否符合該受保護儲存裝置識別碼(PSID)(115),若是,則執行原來讀取器得以讀取之路徑與資料;若不是,則依不正常回報bus protocal(匯流排協定)。本發明對於數位版權管理機制(DRM,Digital Rights Management)提供一種數位資料的保護管理機制,除音樂、影像甚至視訊的數位資料,皆可以達到有效保護,保障數位資料使用的授權取用,以及不被第三者非法存取,避免不必要的數位資產損失。 To further explain the meaning of the second figure, when the reading control terminal (Controller) (111) accepts a reader command to read data, it will first perform a specific extension (such as but not limited to ROM), when it is determined to be the extension formed by the variable of the Protection Area (112), if it is, then it will be EEPROM (Electrically Erasable Programmable Read-Only Memory) ) (Also Flash Memory), such as but not limited to the encrypted protected storage device identification code (PSID) (115) stored in its Protection Area (112), and take out the auxiliary file Under the name of a certain bit of data, then execute the memory card firmware existing in the controller (111) or the internal code (CODE) in the protection area (112). Then determine whether the extracted bit data matches the protected storage device identification code (PSID) (115), if yes, execute the path and data that the original reader can read; if not, report the bus protocal( Bus agreement). The present invention provides a digital data protection management mechanism for digital rights management (DRM). Except for the digital data of music, images and even video, it can achieve effective protection, guarantee the authorized access to the use of digital data, and not Illegal access by a third party to avoid unnecessary loss of digital assets.

綜上所述,本發明確實符合產業利用性,且未於申請前見於刊物或公開使用,亦未為公眾所知悉,且具有非顯而易知性,符合可專利之要件,爰依法提出專利申請。 To sum up, the present invention is indeed in line with industrial applicability, and has not been seen in publications or publicly used before the application, and has not been known to the public, and is non-obvious and easy to know, and meets the requirements of patentability. A patent application is filed in accordance with the law. .

惟上述所陳,為本發明產業上一較佳實施例,舉凡依本發明申請專利範圍所作之均等變化,皆屬本案訴求標的之範疇。 However, the foregoing is a preferred embodiment in the industry of the invention, and all the equivalent changes made in accordance with the scope of the patent application of the invention belong to the scope of the claims of this case.

Claims (10)

一種數位資料記憶卡加密之方法,係於一記憶卡內設置一記憶體,而該記憶體本身設置有一配合讀取器之讀取控制端(Controller)以及一保護區(Protection Area)外,另外分割為一硬碟分割表區(Partition Table Area)以及一檔案區(File Area),並以應用程式介面(API,Application Programming Interface),選擇其一區,寫入一受保護儲存裝置識別碼(PSID,Portable Storage ID),而當記憶卡內之檔案區(File Area)載有權利物件(Right Object)時,對於各種讀取器讀取時,可以利用該受保護儲存裝置識別碼(PSID)為辨識讀取之加密機制,增加記憶卡數位資料的保護管理機制(DRM,Digital Rights Management)之安全性,且該應用程式介面寫入該受保護儲存裝置識別碼(PSID)前,該應用程式介面給予該讀取控制端透過加解密邏輯完成之密鑰指令,該讀取控制端先行對該密鑰指令進行解密,並將結果傳送至該應用程式介面。 A method for encrypting a digital data memory card is to install a memory in a memory card, and the memory itself is provided with a reading control terminal (Controller) and a protection area (Protection Area) that cooperate with the reader, and Divide it into a partition table area (Partition Table Area) and a file area (File Area), and use the API (Application Programming Interface) to select one area and write a protected storage device identification code ( PSID, Portable Storage ID), and when the file area (File Area) in the memory card contains the right object (Right Object), the protected storage device identification code (PSID) can be used when reading by various readers In order to identify and read the encryption mechanism, increase the security of the digital data protection management mechanism (DRM, Digital Rights Management) of the memory card, and the application program interface writes the protected storage device identification code (PSID) before the application The interface gives the read control terminal a key command completed through encryption and decryption logic, and the read control terminal first decrypts the key command and sends the result to the application program interface. 如申請專利範圍第1項所述之數位資料記憶卡加密之方法,其特徵在於該記憶體為一種選自於快閃記憶體(FLASH)、電性可擦除式唯讀記憶體EEPROM((Electrically Erasable Programmable Read-Only Memory)。 The method for encrypting a digital data memory card as described in item 1 of the scope of the patent application is characterized in that the memory is selected from flash memory (FLASH), electrically erasable read-only memory EEPROM (( Electrically Erasable Programmable Read-Only Memory). 如申請專利範圍第1項所述之數位資料記憶卡加密之方法,該應用程式介面(API)係使用該讀取控制端(Controller)置入該記憶體之保護區。 For example, in the method for encrypting a digital data memory card described in item 1 of the scope of patent application, the application programming interface (API) uses the read control terminal (Controller) to be placed in the protected area of the memory. 如申請專利範圍第1項所述之數位資料記憶卡加密之方法,該應用程式介面(API)係使用微軟視窗作業系統(Windows)置入該硬碟分割表區。 Such as the method for encrypting a digital data memory card described in item 1 of the scope of patent application, the application programming interface (API) is built into the hard disk partition table area using the Microsoft Windows operating system (Windows). 如申請專利範圍第1項所述之數位資料記憶卡加密之方法,該應用程式介面(API)係使用微軟視窗作業系統(Windows)置入該記憶體之檔案區。 For example, in the method for encrypting a digital data memory card described in item 1 of the scope of patent application, the application programming interface (API) is built into the file area of the memory using the Microsoft Windows operating system (Windows). 如申請專利範圍第1項所述之數位資料記憶卡加密之方法,其特徵在於該記憶卡為PSD(Personal Storage Disc)一體成型。 The method for encrypting a digital data memory card as described in item 1 of the scope of patent application is characterized in that the memory card is integrally formed with PSD (Personal Storage Disc). 一種數位資料記憶卡加密之構造,該記憶卡包括一記憶體,而該記憶體設置: A structure for encrypting a digital data memory card, the memory card includes a memory, and the memory is set: 一讀取控制端(Controller): A read control terminal (Controller): 一保護區(Protection Area): A protection area (Protection Area): 一硬碟分割表區(Partition Table Area),以及一檔案區(File Area);以應用程式介面(API,Application Programming Interface),於前開各區選擇其一,寫入一受保護儲存裝置識別碼(PSID,Portable Storage ID),且該應用程式介面寫入該受保護儲存裝置識別碼前,該應用程式介面給予該讀取控制端一透過加解密邏輯完成之密鑰指令,該讀取控制端先行對該密鑰指令進行解密,並將結果傳送至該應用程式介面。 A hard disk partition table area (Partition Table Area), and a file area (File Area); use the API (Application Programming Interface), open each area to select one of them, and write a protected storage device identification code (PSID, Portable Storage ID), and before the application program interface writes the protected storage device identification code, the application program interface gives the read control terminal a key command completed through encryption and decryption logic, and the read control terminal Decrypt the key command first, and send the result to the application program interface. 如申請專利範圍第7項所述之數位資料記憶卡加密之構造,其特徵在於該記憶體為一種選自於快閃記憶體(FLASH)、電性可擦除式唯讀記憶體EEPROM((Electrically Erasable Programmable Read-Only Memory)。 As described in item 7 of the scope of patent application, the encryption structure of a digital data memory card is characterized in that the memory is selected from flash memory (FLASH), electrically erasable read-only memory EEPROM (( Electrically Erasable Programmable Read-Only Memory). 如申請專利範圍第7項所述之數位資料記憶卡加密之構造,其特徵在於該記憶卡為PSD(Personal Storage Disc)一體成型。 The encryption structure of the digital data memory card described in item 7 of the scope of patent application is characterized in that the memory card is integrally formed with PSD (Personal Storage Disc). 如申請專利範圍第7項所述之數位資料記憶卡加密之構造,其特徵在於該記憶卡之讀取控制端(Controller)與該應用程式介面(API,Application Programming Interface)間之加解密邏輯為公共鑰匙設施(PKI Public Key Infrastructure)作為加密系統伺服器與解密程式間之加解密邏輯。 For example, the digital data memory card encryption structure described in item 7 of the scope of patent application is characterized in that the encryption and decryption logic between the read control terminal (Controller) of the memory card and the application programming interface (API, Application Programming Interface) is Public Key Infrastructure (PKI Public Key Infrastructure) serves as the encryption and decryption logic between the encryption system server and the decryption program.
TW108139105A 2019-10-29 2019-10-29 Structure and method of digital data memory card encryption TWI820242B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW108139105A TWI820242B (en) 2019-10-29 2019-10-29 Structure and method of digital data memory card encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108139105A TWI820242B (en) 2019-10-29 2019-10-29 Structure and method of digital data memory card encryption

Publications (2)

Publication Number Publication Date
TW202117571A true TW202117571A (en) 2021-05-01
TWI820242B TWI820242B (en) 2023-11-01

Family

ID=77020785

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108139105A TWI820242B (en) 2019-10-29 2019-10-29 Structure and method of digital data memory card encryption

Country Status (1)

Country Link
TW (1) TWI820242B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020157011A1 (en) * 2001-04-20 2002-10-24 Thomas Iii Fred C. Method and apparatus for secure transmission of identifier for removable storage media
EP1507261B1 (en) * 2001-08-08 2016-07-20 Panasonic Intellectual Property Management Co., Ltd. Copyright protection system, recording device, decryption device, and recording medium
US20110271119A1 (en) * 2010-04-30 2011-11-03 Gsimedia Corporation Secure Data Storage and Transfer for Portable Data Storage Devices

Also Published As

Publication number Publication date
TWI820242B (en) 2023-11-01

Similar Documents

Publication Publication Date Title
CN1331125C (en) System and method for controlling the use and duplication of digital content distributed on removable media
US10592641B2 (en) Encryption method for digital data memory card and assembly for performing the same
US7957535B2 (en) Data storing method, data playback method, data recording device, data playback device, and recording medium
KR101954215B1 (en) Method and apparatus for using non volatile storage device
WO2007013092A1 (en) An electro-mechanical system for non-duplication of video files
KR101558914B1 (en) How multimedia source files generated by the usb otg memory not applied anti-piracy system and to play
JP2005505853A (en) Apparatus and method for reading or writing user data
TWI553473B (en) Secure data storage and transfer for portable data storage devices
TWI820242B (en) Structure and method of digital data memory card encryption
WO2021087710A1 (en) Structure and method for digital data memory card encryption
US8397303B2 (en) Memory controller, nonvolatile storage system, and data management method
Poonia Data wiping and anti forensic techniques
KR101270712B1 (en) A method for protecting digital content by encrypting and decrypting a memory card
TWI448134B (en) A method for reading a portable data storage device for a playback platform
TW200903340A (en) Structure and method for encrypting digital data memory card
Staring et al. Protected data storage system for optical discs
WO2009152639A1 (en) Method for play platform reading portable data storage device
TW200809503A (en) Apparatus and method for digital content protection and universally play using hidden data area
Kabachinski DRM: Tales from the Crypt (ography)
WO2007013090A1 (en) An electro - mechanical system for non - duplication of audio files