WO2007077400A2 - Distribution et gravure de donnees numeriques - Google Patents
Distribution et gravure de donnees numeriques Download PDFInfo
- Publication number
- WO2007077400A2 WO2007077400A2 PCT/FR2007/000021 FR2007000021W WO2007077400A2 WO 2007077400 A2 WO2007077400 A2 WO 2007077400A2 FR 2007000021 W FR2007000021 W FR 2007000021W WO 2007077400 A2 WO2007077400 A2 WO 2007077400A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- encryption key
- digital data
- identifier
- disk
- secure
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000005530 etching Methods 0.000 claims description 5
- 238000007620 mathematical function Methods 0.000 claims description 3
- 238000007726 management method Methods 0.000 claims 2
- 238000002716 delivery method Methods 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 2
- YSCNMFDFYJUPEF-OWOJBTEDSA-N 4,4'-diisothiocyano-trans-stilbene-2,2'-disulfonic acid Chemical compound OS(=O)(=O)C1=CC(N=C=S)=CC=C1\C=C\C1=CC=C(N=C=S)C=C1S(O)(=O)=O YSCNMFDFYJUPEF-OWOJBTEDSA-N 0.000 description 1
- 241001025261 Neoraja caerulea Species 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00094—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures which result in a restriction to authorised record carriers
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00217—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source
- G11B20/00224—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is obtained from a remote server
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00217—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source
- G11B20/00253—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier
- G11B20/00297—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier the key being stored in a management area, e.g. the video manager [VMG] of a DVD
- G11B20/00304—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is stored on the record carrier the key being stored in a management area, e.g. the video manager [VMG] of a DVD the key being stored in the lead-in area [LIA]
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/0042—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the copy protection scheme being related to a specific access protection standard
- G11B20/00449—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the copy protection scheme being related to a specific access protection standard content scrambling system [CSS]
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00485—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
- G11B20/00492—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0071—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a purchase action
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00855—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00971—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving measures for monitoring the industrial media production and distribution channels, e.g. for controlling content providers or the official manufacturers or replicators of recording media
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/10—Digital recording or reproducing
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B7/00—Recording or reproducing by optical means, e.g. recording using a thermal beam of optical radiation by modifying optical properties or the physical structure, reproducing using an optical beam at lower power by sensing optical properties; Record carriers therefor
- G11B7/004—Recording, reproducing or erasing methods; Read, write or erase circuits therefor
- G11B7/0045—Recording
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/266—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
- H04N21/26613—Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/47—End-user applications
- H04N21/472—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content
- H04N21/47202—End-user interface for requesting content, additional data or services; End-user interface for interacting with content, e.g. for content reservation or setting reminders, for requesting event notification, for manipulating displayed content for requesting content on demand, e.g. video on demand
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/631—Multimode Transmission, e.g. transmitting basic layers and enhancement layers of the content over different transmission paths or transmitting with different error corrections, different keys or with different transmission protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/63—Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
- H04N21/637—Control signals issued by the client directed to the server or network components
- H04N21/6377—Control signals issued by the client directed to the server or network components directed to server
- H04N21/63775—Control signals issued by the client directed to the server or network components directed to server for uploading keys, e.g. for a client to communicate its public key to the server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/60—Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client
- H04N21/65—Transmission of management data between client and server
- H04N21/658—Transmission by the client directed to the server
- H04N21/6581—Reference data, e.g. a movie identifier for ordering a movie or a product identifier in a home shopping application
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/835—Generation of protective data, e.g. certificates
- H04N21/8352—Generation of protective data, e.g. certificates involving content or source identification data, e.g. Unique Material Identifier [UMID]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/91—Television signal processing therefor
- H04N5/913—Television signal processing therefor for scrambling ; for copy protection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/91—Television signal processing therefor
- H04N5/913—Television signal processing therefor for scrambling ; for copy protection
- H04N2005/91357—Television signal processing therefor for scrambling ; for copy protection by modifying the video signal
- H04N2005/91364—Television signal processing therefor for scrambling ; for copy protection by modifying the video signal the video signal being scrambled
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N5/00—Details of television systems
- H04N5/76—Television signal recording
- H04N5/84—Television signal recording using optical recording
- H04N5/85—Television signal recording using optical recording on discs or drums
Definitions
- the invention relates generally to a method of burning on a secure disk digital data representative of multimedia content from a remote server.
- the invention also relates to a method of distribution and to a method for providing digital data representative of multimedia content intended to be burned on a secure disk.
- the invention further relates to a data provisioning server.
- this method of burning requires the use of a particular burner.
- this particular burner requires significant securing means since it contains a scrambling module of digital data. As a result, the use of this burner is expensive.
- the object of the invention is to provide a cheaper etching method in which a commercially available burner can be used to burn downloaded multimedia content.
- the subject of the invention is a method of burning digital data originating from a remote content server, the digital data being etched on a secure disk by a client device, characterized in that it comprises the steps following performed by the client device:
- identifier being associated with a first encryption key and the secure disk on which the digital data are to be etched, said identifier being specific to this secure disk and different from the identifiers associated with other secure disks;
- the engraving method comprises one or more of the following characteristics:
- the identifier is printed legibly by a user on one side of the secure disk or on a document attached to the secure disk, and in that the step of collecting includes a step of inputting the identifier by the user since the client device;
- the identifier of the secure disk, the download command, the scrambled digital data and the or each second encrypted encryption key are transmitted only during the establishment of a secure link;
- the first encryption key is a disk key and the or each second encryption key is a title key in the sense of the CSS protection protocol;
- the first encryption key is independent of the identifier in that it can not be derived from a mathematical function applied to the identifier.
- the invention also relates to a method of providing digital data by a remote content server to at least one client device via a distribution network, the digital data being intended to be etched on a disk secured by the client device, characterized in that it comprises the following steps performed by the content server: receiving from the client device an identifier and a command for downloading the digital data, said identifier being associated with a first encryption key and the secure disk on which the digital data are intended to be engraved, said identifier being specific to this secure disk and different from the identifiers associated with other secure disks;
- the step of acquiring the first encryption key comprises the following steps:
- the subject of the invention is a content provider server capable of providing digital data to at least one client device via a distribution network, the digital data being intended to be etched on a secure disk, characterized in that it comprises:
- a network interface for receiving an identifier and a command for downloading digital data transmitted by the client device, said identifier being associated with a first encryption key and the secure disk on which the digital data is intended to be etched, said identifier being specific to this secure disk and different identifiers associated with other secure disks;
- a random number generator capable of generating at least one second encryption key
- the network interface being able to transmit to the client device the scrambled digital data using the second encryption key or keys and the second encryption key or keys encrypted using the first encryption key.
- the subject of the invention is also a method of distributing digital data by a remote content server to at least one client device via a distribution network, the digital data being intended to be etched on a network.
- secure disk characterized in that it comprises the following steps:
- FIG. 1 is a diagram in the form of a functional block of the system enabling the methods according to the invention to be implemented.
- FIG. 2 is a diagram illustrating the steps of the methods according to the invention.
- FIG. 1 The system 2 allowing the implementation of the methods according to the invention is illustrated schematically in FIG.
- This system 2 comprises a trusted authority 4, a manufacturer of DVD disks 6 and a server 8 DK key manager, each adapted to exchange data through a distribution network 7, such as for example the Internet.
- the trusted authority 4 is able to encrypt a DK disk key received from the DVD manufacturer 6 by master keys MK specific to each DVD manufacturer to generate a set of secure disk keys SDKs corresponding to the encryption of the key DK disk.
- the DVD maker 6 includes a random number generator 9 and a network interface 10.
- the generator 9 is able to generate DID identifiers so that a unique identifier DID is associated with each DVD produced by the manufacturer of DVD 6.
- the generator 9 is also able to generate DK keys so that each DID identifier corresponds to a unique disk key DK associated with this identifier DID and the corresponding DVD.
- DIDs and thus several DVDs
- DK the probability that a user buys two DVDs with the same associated disk keys during a given period of time (eg, one month) is low and the probability that two users in the same geographic area will acquire DVDs with the same associated DK disk key is also low. For example, a probability of less than 1% can be considered low. This reduces the costs of the system while maintaining a high level of security.
- the disk keys DK are independent of the identifiers DID with which they are associated so that it is impossible to deduce a disk key DK by applying a particular function to the identifier DID.
- the disk keys can not be derived from a mathematical function applied to the identifier DID.
- the DVD maker 6 is adapted to establish a secure link commonly called SAC (Secure Authenticated Channel) with the trusted authority 4 and the disk key manager server 8.
- SAC Secure Authenticated Channel
- the protocol for establishing a secure link is for example a standard protocol such as the SSL protocol of the English “Secure Socket Layer” or a proprietary protocol such as the protocol described in the specifications of the trademark protection system. "Smart Right", this protocol also being described in US Patent Application No. 10/978162 filed October 29, 2004.
- the manufacturer of DVD 6 is able to transmit to the server managing keys 8 discs couples each comprising a DID identifier and a disk key DK associated with this identifier DID through a secure connection SAC.
- the manufacturer of DVD 6 is able to burn to a starting area 11 of a DVD disc 12, the set of secured disk keys SDKs received from the trusted authority 4 in response to the sending of the disk key DK.
- the DVD manufacturer 6 is adapted to print on a 14 of the faces of the DVD disc 12 in a manner readable by a human user, the identifier DID associated with the encrypted disk key DK to obtain all the secured disk keys SDKs etched on this DVD 12 disc.
- a data area 15 of the DVD disk 12 is blank and can be burned by a user's burner, as explained hereinafter.
- the disk key management server 8 comprises a processor 17 connected to a database 18 and to a network interface 20.
- the processor 17 is able to generate and complete the database 18 with pairs each comprising a DID identifier and a disk key DK associated with this identifier, transmitted by the DVD manufacturer 6.
- the processor 17 is able to search the database 18 for the disk key DK associated with a identifier DID in a given pair.
- the processor 17 is adapted to send an alarm to the trusted authority 4 and not to transmit the disk key DK, when it receives a DID identifier that it has already received during a previous request to identify a problem of piracy.
- the database 18 comprises a correspondence table between the identifiers DID and the keys DK disks associated with these identifiers DID.
- the key management server 8 is secured to ensure the confidentiality, availability and integrity of its database 18.
- the system 2 further comprises a client device 22 and a content provider server 24.
- the client device 22 is generally disposed of in a user who wishes to access multimedia content via the Internet network 7. It may be a computer or a digital decoder or "set top box" in English.
- the client device 22 comprises a network interface 30 for receiving digital data streams from the Internet, by downloading in real time ("streaming" in English), that is to say by accessing the content as and when the loading, or by downloading (“downloading” in English) that is to say by accessing the content after the download.
- the client device 22 also preferably contains means for establishing a payment protocol with a financial intermediary or directly with the content provider server 24.
- the payment protocols of the micro payment type, that is to say dedicated to payments of small amounts, or macro payment type, for higher amounts are well known to those skilled in the art and will not be described further.
- the content provider server 24 comprises a database 32 storing digital data representing multimedia contents in a compressed form and a data processor 34 capable of searching a controlled multimedia content in the database 32 from a designation or from an ICM reference of it.
- the content provider server 24 also comprises a random number generator 36 capable of generating TK title keys, a module 38 for encrypting the TK title keys and a scrambling module 40 for the multimedia contents using the TK title keys all two connected to the generator 36.
- the scrambling of the data is preferably carried out according to the DVB CSS (Digital Video Broadcasting Content Scrambling) standard, which literally means “Videodigital Content Scrambling Broadcasting”.
- DVB CSS Digital Video Broadcasting Content Scrambling
- the server further comprises a network interface 42 connected to the processor 34, to the encryption module 38 and to the scrambling module 40.
- the data exchanges between the trusted authority 4, the DVD maker 6, the disk key management server 8, the client device 22 and the content provider server 24 are established only in the presence of a secure link SAC.
- FIG. 3 The steps of the methods according to the invention are illustrated in FIG. 3 by five axes of the time t and by arrows illustrating the exchanges between the trusted authority 4, the DVD manufacturer 6, the key management server. disks 8, the client device 22 and the content provider server 24 as well as the processing performed by these devices.
- the DVD maker 6 In a step 50, the DVD maker 6 generates a disk key DK and a DID associated with the disk key DK to produce a secure DVD disk 12.
- the DVD manufacturer 6 transmits the disk key DK to the trusted authority 4 through a secure link SAC.
- the trusted authority 4 encrypts the received disk key DK by the set of master keys MK of each manufacturer of DVD players to generate a set of secure disk keys SDKs.
- the trusted authority 4 transmits all the secured disk keys thus obtained SDKs to the DVD manufacturer 6.
- the DVD manufacturer 6 transmits the disk key DK and the identifier DID associated with this disk key DK to the disk key management server 8.
- the processor 17 of the managing server stores in the database 18 the disk key DK and the identifier DID so that they are directly connected to allow the recovery of the disk key DK when receiving the DID.
- the DVD manufacturer 6 engraves all the secured disk keys SDKs on the departure zone 11 of the DVD 12 disc and prints the identifier DID on the face 14 of this DVD 12 disc.
- the DVD 12 disc thus pre-printed is distributed and sold commercially as a secure content recording medium.
- a user who has purchased the secure DVD disk 12 wishes to record therein multimedia content downloaded from a content provider server 24, the user selects, via the interface 26 of the client device, a video sequence, for example a particular film or program that it wishes to burn on the DVD disc 12.
- a step 72 the user constructs via the interface 26, a video content control message that it sends to the address of the content provider server 24.
- This control message contains a ICM reference of the requested video sequence, a payment order and the DID identifier printed on the DVD disc 12.
- the control message thus constructed is sent to the content provider server 24.
- the content provider server 24 transmits the identifier DID to the management server 8.
- the processor 17 of the managing server searches for the disk key DK associated with the identifier DID received from the content provider server 24.
- the disk key management server 8 transmits the disk key DK to the content provider server 24.
- the processor 34 searches the database 32 for the video sequence controlled by the user using the reference ICM thereof.
- the random number generator 36 generates title keys TK which it transmits to the encryption module 38 and the scrambling module 40.
- the scrambling module 40 scrambles the video sequence from the database 32 by means of the title keys TK received from the generator 36.
- the encryption module 38 encrypts the title keys TK from the disk key DK received from the disk key management server 8.
- the content provider server 24 transmits the scrambled content using the ETK title keys (content) and the title keys encrypted by the EDK disk key (TK) to the client device 22.
- the client device 22 receives the data transmitted by the content server, transmits it to the burner 28 which burns its data on the data area 15 of the DVD disk 12.
- the identifier DID is pre-recorded on an area of the blank DVD disk, for example in the form of an eight-bit number.
- the identifier DID is printed in the form of a barcode readable by a barcode reader of the client device.
- the identifier DID is printed on a document (label, jacket, etc.) associated with the DVD disc during its sale.
- the identifier DID is transmitted directly by the client device 22 to the disk key management server 8 and does not pass through the content provider server 24.
- the disk key management server 8 transmits the associated disk key DK to this DID identifier at the content provider server 24.
- the database 18 containing the pairs of identifiers DID / key disks DK is managed and contained in the content provider server 24.
- each identifier DID is supported by each disk, that is to say it is necessarily engraved or printed on the disk. This embodiment is safer because it avoids fraud by theft of the document associated with the disk.
- the identifier DID is generated by the trusted authority 4 rather than by the DVD maker 6.
- the trusted authority 4 has no financial connection with the DVD maker, the writer or the provider server of multimedia content, this variant ensures that a single disk key DK corresponds to a unique identifier DID.
- the DVD disc 12 is of the DVD-R / RW type
- the disk key DK is a root key Vidi (in English "Vidi root key")
- the set of secure disk keys SDKs is a block of keys d 'enabling key block'
- the manufacturer is authorizing Vidi (in English "Vidi Licensor")
- the trusted authority is the root key manager Vidi (in English "Vidi Root Key Manager") and finally the method of formatting the scrambled content is replaced by the Vidi formatting method.
- DVD disc is DVD-R, DVD-RW, DVD + R, DVD + RW or DVD-RAM.
- DVD disc thus obtained is protected by a standard protection format (for example CSS or Vidi) and can thus be read by all legal DVD players.
- secure DVD discs can be burned to any existing DVD burner.
- secure DVD discs engraved according to the method described above are resistant to bit-by-bit copying.
- the disk key is not transmitted from the client device to the content provider server which ensures greater security of the system.
- the protection of the encryption keys DK, TK is managed in a professional environment rather than by a client device.
- the client device and the writer do not have embedded encryption keys so that this solution is more secure than existing solutions.
- this invention can be implemented on existing video devices with minor modifications to obtain a secure etched DVD disc.
- the key disk manager ensures the diversification of keys by managing its database which makes it possible to control dishonest DVD manufacturers.
- the multimedia contents are delivered to the client device in a secure manner.
- the content provider server is independent of the representative of the protection format of the DVD disc.
- blank pre-burned DVD discs can also be used as standard DVD discs that can be burned normally without data security.
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Databases & Information Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Human Computer Interaction (AREA)
- Computer Graphics (AREA)
- Storage Device Security (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
- Information Transfer Between Computers (AREA)
- Television Signal Processing For Recording (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07717702A EP1969597A2 (fr) | 2006-01-06 | 2007-01-08 | Methode de mise a disposition, de distribution et de gravure de donnees numeriques et serveur de distribution associe |
JP2008549044A JP2009522678A (ja) | 2006-01-06 | 2007-01-08 | デジタルデータを提供、配信及び記録する方法並びに関連する配信サーバ |
US12/087,404 US20090070584A1 (en) | 2006-01-06 | 2007-01-08 | Method for Providing, Distributing and Engraving Digital Data and Associated Distribution Server |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0600135 | 2006-01-06 | ||
FR0600135A FR2896076A1 (fr) | 2006-01-06 | 2006-01-06 | Methode de mise a disposition, de distribution et de gravure donnees numeriques et serveur de distribution associe. |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007077400A2 true WO2007077400A2 (fr) | 2007-07-12 |
WO2007077400A3 WO2007077400A3 (fr) | 2007-09-07 |
Family
ID=37076013
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR2007/000021 WO2007077400A2 (fr) | 2006-01-06 | 2007-01-08 | Distribution et gravure de donnees numeriques |
Country Status (7)
Country | Link |
---|---|
US (1) | US20090070584A1 (fr) |
EP (1) | EP1969597A2 (fr) |
JP (1) | JP2009522678A (fr) |
KR (1) | KR20080083133A (fr) |
CN (1) | CN101366088A (fr) |
FR (1) | FR2896076A1 (fr) |
WO (1) | WO2007077400A2 (fr) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009193623A (ja) * | 2008-02-13 | 2009-08-27 | Toshiba Corp | 記録装置、再生装置、記録プログラム及び再生プログラム |
JP2011509496A (ja) * | 2008-01-09 | 2011-03-24 | サムスン エレクトロニクス カンパニー リミテッド | コンテンツ記録方法、タイトルキー提供方法、コンテンツ記録装置及びコンテンツ提供サーバ |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7965844B2 (en) * | 2007-03-20 | 2011-06-21 | International Business Machines Corporation | System and method for processing user data in an encryption pipeline |
US9197407B2 (en) * | 2011-07-19 | 2015-11-24 | Cyberlink Corp. | Method and system for providing secret-less application framework |
EP3375165B1 (fr) * | 2015-11-13 | 2023-06-14 | Samsung Electronics Co., Ltd. | Procédé et appareil de téléchargement de profil sur une carte de circuit intégré universelle incorporée de terminal |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0802527A1 (fr) * | 1995-10-09 | 1997-10-22 | Matsushita Electric Industrial Co., Ltd. | Disque optique, enregistreur optique, dispositif optique de reproduction, systeme crypte de communications et systeme d'autorisations associe |
US20050154682A1 (en) * | 2003-11-14 | 2005-07-14 | Sonic Solutions | Secure transfer of content to writable media |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH11177924A (ja) * | 1997-12-10 | 1999-07-02 | Sony Corp | 信号再生装置、信号記録装置、信号記録システム、信号再生方法、並びに、信号記録方法 |
US6865550B1 (en) * | 2000-02-03 | 2005-03-08 | Eastman Kodak Company | System for secure distribution and playback of digital data |
US20050154982A1 (en) * | 2004-01-13 | 2005-07-14 | International Business Machines Corporation | Apparatus, system and method of importing cascading style sheets to macromedia flash |
US20070198855A1 (en) * | 2004-06-07 | 2007-08-23 | Pioneer Corporation, Tokorozawa Works | Information Recording Media, Information Recording Device And Method, Information Distribution Device And Method, And Computer Program |
US20070143594A1 (en) * | 2005-12-20 | 2007-06-21 | Yan-Mei Yang-Talpin | Method for distributing digital data and burning them on a DVD, client device and remote server associated |
-
2006
- 2006-01-06 FR FR0600135A patent/FR2896076A1/fr active Pending
-
2007
- 2007-01-08 EP EP07717702A patent/EP1969597A2/fr not_active Withdrawn
- 2007-01-08 JP JP2008549044A patent/JP2009522678A/ja active Pending
- 2007-01-08 WO PCT/FR2007/000021 patent/WO2007077400A2/fr active Application Filing
- 2007-01-08 CN CNA2007800019222A patent/CN101366088A/zh active Pending
- 2007-01-08 KR KR1020087016383A patent/KR20080083133A/ko not_active Application Discontinuation
- 2007-01-08 US US12/087,404 patent/US20090070584A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0802527A1 (fr) * | 1995-10-09 | 1997-10-22 | Matsushita Electric Industrial Co., Ltd. | Disque optique, enregistreur optique, dispositif optique de reproduction, systeme crypte de communications et systeme d'autorisations associe |
US20050154682A1 (en) * | 2003-11-14 | 2005-07-14 | Sonic Solutions | Secure transfer of content to writable media |
Non-Patent Citations (1)
Title |
---|
INTEL CONRPORATION ET AL: "Content Protection for Recordable Media Specification - Network Download Book, Revision 0.90" 5 août 2004 (2004-08-05), 4C ENTITY , XP002379489 pages 3.1-3.5 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2011509496A (ja) * | 2008-01-09 | 2011-03-24 | サムスン エレクトロニクス カンパニー リミテッド | コンテンツ記録方法、タイトルキー提供方法、コンテンツ記録装置及びコンテンツ提供サーバ |
JP2009193623A (ja) * | 2008-02-13 | 2009-08-27 | Toshiba Corp | 記録装置、再生装置、記録プログラム及び再生プログラム |
Also Published As
Publication number | Publication date |
---|---|
CN101366088A (zh) | 2009-02-11 |
KR20080083133A (ko) | 2008-09-16 |
WO2007077400A3 (fr) | 2007-09-07 |
US20090070584A1 (en) | 2009-03-12 |
EP1969597A2 (fr) | 2008-09-17 |
JP2009522678A (ja) | 2009-06-11 |
FR2896076A1 (fr) | 2007-07-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1645100B1 (fr) | Méthode de création et d'administration d'un réseau local | |
EP1305948B1 (fr) | Methode de distribution securisee de donnees numeriques representatives d'un contenu multimedia | |
US7499550B2 (en) | System and method for protecting a title key in a secure distribution system for recordable media content | |
US6385596B1 (en) | Secure online music distribution system | |
Jonker et al. | Digital rights management in consumer electronics products | |
US20080071617A1 (en) | Apparatus and methods for validating media | |
US8762708B2 (en) | Secure content distribution system | |
ES2673645T3 (es) | Un procedimiento y sistema para la distribución sintonizable de contenido | |
AU783094B2 (en) | Controlled distributing of digital information, in particular audio | |
WO2007045756A2 (fr) | Gravure et distribution securisee de donnees numeriques | |
JP2007060066A (ja) | コンテンツデータ配信方法、並びにコンテンツデータ配信システム及びこれに用いられる携帯端末。 | |
WO2007077400A2 (fr) | Distribution et gravure de donnees numeriques | |
FR2762417A1 (fr) | Procede de controle de l'execution d'un produit logiciel | |
US20030233563A1 (en) | Method and system for securely transmitting and distributing information and for producing a physical instantiation of the transmitted information in an intermediate, information-storage medium | |
JP3556891B2 (ja) | デジタルデータ不正使用防止システム及び再生装置 | |
EP1979904A2 (fr) | Methode de gravure et de distribution de donnees numeriques et dispositif associe | |
KR20010069723A (ko) | 암호화된 디지털 컨텐츠를 포함하는 디지털 기록매체와이의 배포방법, 그리고 이를 이용한 디지털 기록매체 제작시스템 | |
JP4017150B2 (ja) | コンテンツ配信装置 | |
EP2810203B1 (fr) | Procédé et système de mise a disposition d'au moins un objet numérique sur un gestionnaire de bibliotheque numérique | |
JP4712369B2 (ja) | コンテンツ配信方法 | |
EP1930895A1 (fr) | Enregistrement de contenu protégé par CSS sur disques DVD | |
ODISC et al. | Willem Jonker and Jean-Paul Linnartz | |
JP2004260865A (ja) | コンテンツデータのスクランブル及びデスクランブル方法、コンテンツ販売システムのホスト装置、販売元端末装置及び販売先端末装置 | |
FR2832575A1 (fr) | Procede de transaction securisee sur un reseau de communication | |
KR20060065210A (ko) | 멀티미디어데이터 이용을 위한 암호화/복호화 모듈 방법 및 통합관리 프로그램 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2007717702 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 3426/CHENP/2008 Country of ref document: IN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12087404 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2008549044 Country of ref document: JP Ref document number: 200780001922.2 Country of ref document: CN Ref document number: 1020087016383 Country of ref document: KR |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWP | Wipo information: published in national office |
Ref document number: 2007717702 Country of ref document: EP |