WO2009048304A2 - Smart card with flash memory and memory reader of smart card and drm method using that - Google Patents

Smart card with flash memory and memory reader of smart card and drm method using that Download PDF

Info

Publication number
WO2009048304A2
WO2009048304A2 PCT/KR2008/005989 KR2008005989W WO2009048304A2 WO 2009048304 A2 WO2009048304 A2 WO 2009048304A2 KR 2008005989 W KR2008005989 W KR 2008005989W WO 2009048304 A2 WO2009048304 A2 WO 2009048304A2
Authority
WO
WIPO (PCT)
Prior art keywords
bad
reader
card
information
flash memory
Prior art date
Application number
PCT/KR2008/005989
Other languages
French (fr)
Other versions
WO2009048304A3 (en
Inventor
Young Sun Cho
One Hyoung Seo
Original Assignee
Slim Disc Corp.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Slim Disc Corp. filed Critical Slim Disc Corp.
Publication of WO2009048304A2 publication Critical patent/WO2009048304A2/en
Publication of WO2009048304A3 publication Critical patent/WO2009048304A3/en

Links

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B42BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42DBOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B42BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42DBOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • B42D25/30Identification or security features, e.g. for preventing forgery
    • B42D25/305Associated digital information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/072Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising a plurality of integrated circuit chips
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]

Definitions

  • the present invention relates, in general, to a smart card having flash memory, a reader for the smart card, and a Digital Rights Management (DRM) method using the smart card and the reader, and, more particularly, to a smart card having flash memory, a reader capable of either recording digital information in the flash memory included in the smart card, or reading recorded information from the flash memory, a DRM method using an application program that is executed in a personal computer functioning to record or read information while mutually exchanging information with the reader depending on the manipulation of a user, and an electronic commerce method of reading information from the smart card using the reader and connecting information of the smart card to the Internet.
  • DRM Digital Rights Management
  • the present invention relates to a method in which large-capacity flash memory, as well as a smart card Integrated Circuit (IC), is provided in a typically used smart card, so that a smart card can function both as a single credit card and as a medium capable of storing various types of digital information, and so that digital info rmation stored in the flash memory is protected using the unique information of the smart card, and relates to an electronic commerce method in which a reader reads the information from the smart card and connects the read information to the Internet.
  • IC Integrated Circuit
  • a smart card stores therein information about authentication, a credit card, a payment account, etc., thus being used as a transportation card, a credit card, a check card, etc.
  • a smart card may be used for typical banking operations such as account inquiry, account transfer, and bank withdrawals.
  • MP3 player has gradually been becoming diversified and increasing, and the storage capacity of portable devices has also increased to enable the storage of various types of content. For example, when a video capturing function is performed using a digital camera, a larger storage capacity is required to capture video, compared to the capturing of still images.
  • PMP Portable Multimedia Player
  • a structure in which a large-capacity storage space required for such an additional functionality is included in all portable devices may cause problems in that it not only becomes a cause of increasing the costs of devices, but also forces a user who does not need such an additional functionality to purchase the devices after paying unnecessary costs.
  • manufacturing companies which manufacture portable devices such as an MP3 player, a PMP, and a digital camera intend to fix the size of memory provided in each device to a predetermined size, to mount a separate memory card in the device, and to extend the size of the memory at the request of a user.
  • an object of the present invention is to provide a smart card having flash memory in which flash memory is included in an existing smart card and which is configured to provide storage space for digital information as well as the function of the smart card itself, to encrypt information to be protected using the unique information of the smart card (for example, a card serial number), and to store the encrypted information, so that both a smart card function and a memory card function for information protection can be implemented together in a single card, to a reader for the smart card, a digital rights management method using the smart card and the reader, and an electronic commerce method of allowing the reader to read information from the smart card and connect the read information to the Internet.
  • the present invention includes a smart card
  • Chip On Board which is provided in a smart card and is provided with a predetermined Integrated Circuit (IC) chip and eight contact points based on ISO7816 standards, and a flash memory COB which is electrically isolated from the smart card COB, is provided in the smart card, and is provided with a plurality of input/output terminals.
  • IC Integrated Circuit
  • the flash memory is implemented using NAND-type flash memory.
  • a reader to accomplish the above object is configured to have a plurality of electrical contact points so as to exchange information with the smart card COB and the flash memory COB and is connected to a Personal Computer (PC) through a USB.
  • PC Personal Computer
  • the reader is mounted in the PC and is configured to separate information requiring protection and information not requiring protection and to separately record or read the information depending on the manipulation of a user.
  • the reader accesses a server of a credit card company connected thereto via the Internet and is operated in connection with an application program for inquiring whether a credit card incident has occurred and approving or denying the reading of information or in connection with an application program for receiving a password through a USB.
  • the reader decrypts the stored encrypted information into the original information at the time of reading the stored, encrypted information in compliance with the instructions of the application program.
  • the reader may perform the steps of examining unit area-based bad patterns of the flash memory, and determining a bad pattern extraction area; recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; and examining an area corresponding to the area code recorded in the table select code field, and configuring a bad pattern DRM table on the basis of a bad pattern table.
  • DRM Digital Rights Management
  • the reader may perform the steps of extracting physical characteristics of the flash memory; and generating an encryption key using the extracted physical characteristics.
  • the reader may perform the steps of examining unit area-based bad patterns of the flash memory, and determining a bad pattern extraction area; recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; examining an area corresponding to the area code recorded in the table select code field, and configuring a bad pattern DRM table on the basis of a bad pattern table; and recording the digital content in the flash memory by using the bad pattern DRM table as an encryption key.
  • the reader may perform the steps of extracting physical characteristics of the flash memory; generating an encryption key using the physical characteristics; and recording digital content in the flash memory using the generated encryption key.
  • the reader may perform the steps of setting an area in which addresses of bad areas of the memory used are recorded and recording the area in a header data area, in which the characteristics of a memory card are recorded, rather than a data storage space, and of recording the addresses; and extracting encryption feature values by combining the addresses of the bad areas, encrypting original content data using the encryption feature values, and recording the content data in normal areas of memory and not in the bad areas.
  • the reader may perform the steps of marking bad areas of the memory used, at defined locations of corresponding spare areas, as bad areas, and extracting encryption feature values by combining addresses of the bad areas; and encrypting original content data using the encryption feature values and recording the content data in normal areas of the memory and not in the bad areas.
  • the reader may perform the steps of marking bad areas of memory used, at defined locations of corresponding spare areas, as bad areas, and extracting encryption feature values using specific values recorded in the memory; and encrypting original content data using the encryption feature values and recording encrypted content data in normal areas of the memory and not in bad areas.
  • a code value of the bad pattern extraction area is recorded in the table select code field of the card ID, and digital content is recorded by using a 'DRM encryption table configured on the basis of a bad pattern table by examining an area corresponding to the area code recorded in the table select code field' as an encryption key.
  • the reader may perform the steps of examining an area corresponding to an area code recorded in a table select code field of a card ID and configuring a bad pattern DRM table on the basis of a bad pattern table; examining whether patterns having real bad pattern addresses in the bad pattern DRM table are real bad patterns; and playing digital content by using the bad pattern DRM table as a decryption key on the basis of the results of examination.
  • the reader may perform the steps of extracting physical characteristics of the flash memory; generating a decryption key using the extracted physical characteristics; and playing digital content using the generated decryption key.
  • the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the reader reading addresses of bad areas from a header data area, and combining the addresses of the bad areas, thus calculating encryption feature values used for encryption of content data; and the reader recovering original content data using the encryption feature values while sequentially reading content data from memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
  • the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the reader examining memory, reading addresses of bad areas from the memory, and calculating encryption feature values used for encryption of content data by combining the addresses of the bad areas with each other; and the reader recovering original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform complete duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
  • the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the steps of the reader examining memory, reading specific values recorded in the memory, and calculating encryption feature values used for encryption using the specific values; and the reader recovering original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining specific values recorded in the memory used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of the original memory.
  • the present invention to accomplish the above object provides a computer-readable recording medium for recording, in a DRM apparatus having a processor, a program for implementing a function of examining unit area-based bad patters of flash memory and determining a bad pattern extraction area; a function of recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; and a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on the basis of a bad pattern table.
  • the present invention provides a computer-readable recording medium for recording, in a DRM apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; and a function of generating an encryption key using the extracted physical characteristics.
  • the present invention provides a computer-readable recording medium for recording, in a digital content recording apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of a memory device constituting flash memory and determining a bad pattern extraction area; a function of recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on the basis of a bad pattern table; and a function of recording content data in the flash memory by using the bad pattern DRM table as an encryption key.
  • the present invention provides a computer-readable recording medium for recording, in a digital content recording apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; a function of generating an encryption key using the physical characteristics of the flash memory; and a function of recording digital content in the flash memory using the generated encryption key.
  • the present invention provides a computer-readable recording medium for recording, in a digital content play apparatus having a processor, a program for implementing a function of examining an area corresponding to an area code recorded in a table select code field of a card ID and configuring a bad pattern DRM table on the basis of a bad pattern table; a function of examining whether patterns having real bad pattern addresses in the bad pattern DRM table are real bad patterns; and a function of playing digital content by using the bad pattern DRM table as a decryption key on the basis of the results of examination.
  • the present invention provides a computer-readable recording medium for recording, in a digital content play apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; a function of generating a decryption key using the extracted physical characteristics; and a function of playing digital content using the generated decryption key.
  • the smart card having flash memory, a reader for the smart card, and a digital rights management method using the smart card and the reader according to the present invention are advantageous in that, since flash memory is included in an existing smart card, storage space for digital information, as well as the function of the smart card itself, are provided, and, in addition, information requiring protection is encrypted using the unique information of the smart card and the encrypted information is stored therein, so that smart card and memory card functions for information protection can be provided through a single card, and further in that, since various types of programs and data for banks and persons are stored in the card, a banking function and an entertainment function can be provided, and further in that, since a wireless or mobile c ommunication means is included in the reader, a new personalized financial device function can be implemented simultaneously with the above functions.
  • FIG. 1 is a diagram showing an example of a conventional smart card
  • FIG. 2 is a diagram showing an example of a smart card having flash memory according to an embodiment of the present invention
  • FIG. 3 is a diagram showing the construction of a reader for the smart card having flash memory of FIG. 2;
  • FIG. 4 is a diagram showing the connection of a communication network for inquiry about the occurrence of an incident concerning the smart card of FIG. 2;
  • FIG. 5 is a diagram showing an example of the construction of flash memory used in the present invention.
  • FIG. 6 is a diagram showing an example of the card ID of FIG. 1 ;
  • FIG. 7 is a diagram showing an example of a bad pattern extraction area when all the blocks of flash memory are divided by 2048 blocks, according to an embodiment of the present invention.
  • FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention.
  • FIG. 9 is a diagram showing an example of a 256-byte bad block DRM table generated in the bad block table of area 1 having more than 128 bad blocks according to an embodiment of the present invention.
  • FIG. 10 is a diagram showing an example of the bad block table of area 2 having less than 128 bad blocks according to the present invention.
  • FIG. 11 is a diagram showing another example of a 256-byte bad block DRM table generated by attaching padding data to the bad block table of area 2 of FIG. 10 having 128 or less bad blocks according to an embodiment the present invention
  • FIG. 12 is a flowchart showing an example of a digital content recording method according to an embodiment of the present invention.
  • FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention.
  • FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention.
  • FIG. 15 is a diagram showing an example of a digital content recording apparatus according to an embodiment of the present invention.
  • FIG. 16 is a diagram showing an example of a digital content play apparatus according to an embodiment of the present invention.
  • FIG. 17 is a diagram showing an example of a key generation apparatus for an asymmetric encryption system to which the present invention is applied. Best Mode for Carrying Out the Invention
  • FIG. 1 is a diagram showing an example of a conventional smart card. As shown in the drawing, a smart card Chip On Board (COB) is provided in the smart card.
  • COB Chip On Board
  • FIG. 2 is a diagram showing a structure in which a flash memory COB is mounted in a space other than the space in which the smart card COB is mounted, in the conventional smart card of FIG. 1.
  • FIG. 2 The structure of FIG. 2 is described in detail.
  • the smart card having flash memory according to the present invention is implemented such that a smart card COB (IC card COB) functioning as a credit card or a transportation card, and a flash memory COB for storing digital information are mounted in a single card.
  • IC card COB smart card COB
  • flash memory COB for storing digital information
  • the smart card COB (IC card COB) is not electrically connected to the flash memory COB.
  • the smart card having flash memory of FIG. 2 according to the present invention when used as a credit card or a transportation card, it is used in the same way as that of an existing smart card. Further, when information is recorded in the flash memory, or when recorded information is read, the smart card can be used to connect to or be inserted into a dedicated reader according to the present invention. That is, the smart card includes the smart card COB, which is provided therein and is provided with a predetermined IC chip and eight contact points based on ISO7816 standards, and a flash memory COB, which is electrically isolated from the smart card COB, is provided in the smart card and is provided with a plurality of input/output terminals.
  • the smart card COB which is provided therein and is provided with a predetermined IC chip and eight contact points based on ISO7816 standards
  • a flash memory COB which is electrically isolated from the smart card COB, is provided in the smart card and is provided with a plurality of input/output terminals.
  • the size of a credit card is 85.5 mm x 54 mm
  • a region of the credit card ranging from the bottom to a position 24 mm above the bottom is defined as an area in which a card number, the term of validity and a name are embossed
  • a region of the credit card ranging from the top to a position 15.3 mm below the top is defined as an allowable region of 3-track magnetic encoding.
  • a space for accommodating the flash memory COB is only the right space, since 3-tracks of magnetic stripes, a signature panel region, and an embossed region are located on the back of the credit card, and an RF antenna region for a transportation card must be excluded, a space for mounting 1 G-byte or higher flash memory is limited to the right portion of the space between the allowable embossed region and the allowable 3-track encoding region. Since the height of the flash memory COB must not be higher than that of the smart card COB, there is a difficulty in that the flash memory COB must be manufactured within a thickness of 0.6 mm in consideration of a card thickness of 0.8mm.
  • Flash memory is provided in such a way that the area thereof is divided into a bank area and a user area.
  • the bank area contains a certificate, a One Time Password (OTP) generation program, and an electronic bankbook, and is not accessible by a user.
  • the user area is composed of folders for music, movie, pictures, documents, an address book, and other folders, and is then allowed to be deleted, added or edited by a dedicated reader or computer.
  • the certificate is included in the credit card, so that Internet banking and electronic commerce can be performed regardless of place.
  • the OTP generation program is included in the credit card, so that a password required for Internet banking can be found using an arbitrary reader, and thus Internet banking can also be performed regardless of place.
  • Details data of account transactions and details data of use of a credit card are recorded in the form of an electronic bankbook to replace a paper bankbook, and are provided to be updated with the latest data, as needed or automatically, through a relevant bank web site accessed by computer or via an ATM.
  • the information of the user area is automatically backed up by forming relevant folders in a computer and a connector computer, so that, when a credit card is lost, damage such as the loss of personal information is prevented.
  • the size of a wafer or the like must be considered, but a NAND flash memory interface, a USB, Secure Digital (SD), a MMC, a micro SD, a T-flash method, etc. may be applied.
  • the flash memory COB is provided in such a way that an Ultra-thin Land Grid Array (ULGA) among semiconductor packages is provided within a thickness of 0.6 mm. Since this ULGA is provided in the form of a Chip Scale Package (CSP) board, the pad surface of the board is formed through the enablement of a specific design to be able to come into contact with a reader connector, and is then provided.
  • ULGA Ultra-thin Land Grid Array
  • CSP Chip Scale Package
  • the dedicated reader may include a socket including a plurality of connection terminals capable of simultaneously connecting both to the smart card COB (IC card COB) and to the flash memory COB, the reader can be configured to exchange information with the smart card COB and the flash memory COB.
  • the reader may generate an encryption table in which the location and number of bad blocks which are physical characteristics of flash memory are used as unique factors. Information requiring protection is encrypted using this encryption table, and the encrypted information can be decrypted thereby.
  • the reader may connect the flash memory to the personal computer of FIG. 4 through a USB, thus enabling the flash memory to be used as a typical large-capacity storage unit.
  • the reader may record or read information in or from the flash memory through the application program included in the present invention, or a general-purpose search program (for example, Windows Explorer).
  • the application program reads the unique information of a given smart card itself from the smart card COB (IC card COB) on the smart card (IC card).
  • the unique information may be the serial number of a given credit card, but is not necessarily limited to such a serial number in the present invention, and it is also possible to replace the unique information with any type of unique information distinguishable from other cards in addition to the serial number of the credit card.
  • the application program accesses a service server (for example, a credit card company server), capable of determining whether an incident has occurred, using the read unique information over the Internet in a wired or wireless manner, exchanges information about the occurrence of an incident with the service server, and transmits relevant information to the reader when a given card is a card for which an incident has not been reported.
  • the reader encrypts the relevant information using the encryption table which is generated using the characteristics of the bad blocks of the flash memory mounted in the smart card, and records the encrypted information.
  • the application program accesses a server, capable of determining whether an incident has occurred, over the Internet in a wired or wireless manner, and exchanges information about the occurrence of an incident with the server, similar to the case where information requiring protection is recorded.
  • a server capable of determining whether an incident has occurred, over the Internet in a wired or wireless manner, and exchanges information about the occurrence of an incident with the server, similar to the case where information requiring protection is recorded.
  • the application program receives a command for permitting the reading of relevant information, generates a decryption table, decrypts the encrypted information, and transmits the decrypted information to the PC.
  • the reader may be implemented such that, when a card for which an incident was reported is inquired about, the stored encrypted information cannot be read, but the encrypted information can be read again after the situation of the incident has been terminated through the recovery of a lost card or the like. Further, the reader may be implemented such that, depending on the type of incident report (for example, loss, a theft, disposal, etc.), relevant information is completely deleted, or the current Internet access address (for example, IP address) or the like can be immediately and automatically reported.
  • the type of incident report for example, loss, a theft, disposal, etc.
  • relevant information is completely deleted
  • the current Internet access address for example, IP address
  • a typical USB disc function may be added to the smart card through the provision of the dedicated reader. Further, the functioning of the smart card as a security disc, enabling only a user to record/read the relevant information, can also be predicted.
  • the credit card or the transportation card should not be easily lent to other persons regardless of time or place, and a user must pay great attention to preventing the occurrence of loss or theft, like money, by personally carrying the credit card or the transportation card. That is, information stored in the flash memory included in the smart card (credit card or transportation card), must be primarily secured by the user him or herself. In general, when the loss or theft of the card occurs, this must be immediately reported to a card company, thus preventing damage from occurring.
  • COB IC card COB
  • the present invention may be free of the problem of compatibility with a credit card or transportation card service terminal that may occur in the commercialization stage of the present invention.
  • the reader is first configured to purchase a product on the basis of product purchase information displayed on the screen of the reader, and to select one of a credit card, a certificate, and an OTP creator which are provided therein, thus paying for the product.
  • the reader is configured to receive through a separate means information about a store and an amount of money used and to transmit approval information to the payment device of the store through the wireless or mobile communication means of the reader without the taking out of the credit card.
  • a bank may process and provide information about purchase or convenient facilities suitable for the location of the user, thus allowing the user to become a client providing a higher royalty to the bank.
  • the flash memory is a memory device enabling data to be continuously stored therein even when power is removed, and is capable of freely storing/erasing data.
  • Such flash memory is classified into a NOR type and a NAND type according to the internal structure thereof.
  • the NOR flash memory has a structure in which cells are connected in parallel
  • the NAND flash memory has a structure in which cells are connected in series.
  • the NAND flash memory is mainly used for an SD card or a memory stick among various memory cards, and the NOR flash memory is mainly used for an MMC card or compact flash memory.
  • flash memory has characteristics that power consumption is low, and stored information is retained without being lost even when power is turned off. Further, flash memory is non- volatile memory to which power is continuously supplied, and is not only capable of retaining the stored information in an unchanged state even when power is shut off, unlike Dynamic Random Access Memory (DRAM), but also is capable of freely inputting or outputting information. Accordingly, flash memory is widely used in digital Televisions (TV), digital camcorders, mobile phones, digital cameras, Personal Digital Assistants (PDA), game playing devices, MP3 players, etc.
  • TV digital Televisions
  • PDA Personal Digital Assistants
  • bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device, such as the flash memory provided in the smart card (for example, NAND flash memory or the like) are used as an encryption key
  • the rights of digital content stored in the flash memory can be protected, and thus the above problem of the content rights can be solved.
  • the physical characteristics of the flash memory may be the bad blocks, bad pages or bad bits.
  • the encryption table can be generated by using the location and number of bad pages or bad bits, as well as the bad blocks, as unique factors.
  • the construction of the file system is also characterized in that digital content is encrypted using a bad pattern DRM table (DRM encryption table) at the time of recording the digital content. That is, in the structure of the file system, the entire area, excepting a minimum region required to detect the bad pattern DRM table (DRM encryption table), is encrypted through relevant Digital Rights Management (DRM), and thus typical access to the area is blocked.
  • DRM Digital Rights Management
  • the physical block number '0' of the flash memory (hereinafter referred to as a 'zero block') is used by the manufacturing company thereof to guarantee that the block is not a bad block. Therefore, in the zero block, format-related information of a storage medium, a medium ID (card ID), etc. are stored.
  • a bad block DRM table may be used as a DRM encryption table
  • a bad page DRM table may be used as a DRM encryption table
  • the bad block DRM table and the bad page DRM table may be collectively called a 'bad pattern DRM table (DRM encryption table)'.
  • a card ID corresponding to a medium ID is stored.
  • Such a card ID is composed of pieces of specific information (for example, card version, a DRM table select code, an area code, a manufacturing company code, a copyright holder ID [writer ID], and card serial number information) of a digital content storage medium (memory card) implemented as flash memory, as shown in FIG. 6.
  • the bad pattern extraction area of the flash memory may be either an entire block area of the flash memory or only a specific area.
  • the DRM encryption table (bad block DRM table) using the extracted bad patterns may be configured to have various sizes, such as 128 bytes, 256 bytes, or 512 bytes.
  • the term 'specific area' means that, for example, all the blocks of the flash memory can be divided by 2048 blocks and can be processed thereby. That is, as shown in FIG. 7, the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table) is determined in such a way that respective areas are set based on multiples of 2048 blocks in all the blocks of the flash memory, and an area meeting a specific criterion, among the areas, is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
  • the term 'specific criterion' means a criterion required to determine whether a relevant area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, when an area including more than a threshold number of (for example, 128) bad blocks is present, the relevant area is determined to be the bad pattern extraction area. However, when an area including more than 128 bad blocks is not present, an area including a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
  • the bad pattern extraction area is determined on the basis of a bad block table generated while a memory card is formatted at the time of manufacturing a digital content storage medium (memory card).
  • the area code of the relevant area determined at that time is recorded in the DRM table select code field of the card ID of FIG. 6.
  • FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention.
  • the flowchart shows a procedure for examining an area corresponding to the area code recorded in the DRM table select code field of the card ID, and configuring a bad block DRM table (DRM encryption table).
  • the procedure for configuring the bad block DRM table (DRM encryption table) is described below.
  • respective areas are set based on multiples of the number of blocks (for example, based on multiples of 2048 blocks).
  • a bad pattern extraction area meeting a specific criterion for example, an area having more than a threshold number of [for example, 128] bad blocks, or an area having a maximum number of bad blocks, is determined on the basis of the bad block table.
  • the code value of the relevant area (area code) is recorded in the DRM table select code field of the card ID.
  • FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table), generated on the basis of the bad block table of area 1 (block 0 ⁇ block 2047) having more than 128 bad blocks
  • FIG. 11 illustrates a 256-byte bad block DRM table (DRM encryption table), generated by attaching padding data to the bad block table (refer to FIG. 10) of area 2 (block 2048 ⁇ block 4095), having 128 or less bad blocks.
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is generated on the basis of the bad block table of an area having more than 128 (256 byte) bad blocks (for example, area 1 having blocks 0 to 2047) at step 403.
  • FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table) generated on the basis of the bad block table corresponding to area 1 (block 0 ⁇ block 2047) having more than 128 bad blocks. That is, more than 128 real bad blocks are present in the area 1, so that the 256-byte bad block DRM table (DRM encryption table) is configured using only the addresses of the bad blocks. In this case, the padding operation of FIG. 11 is not required.
  • the bad block DRM table (DRM encryption table) is composed of 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
  • the bad block DRM table (DRM encryption table) is configured using the card serial number field (16 byte) of the card ID.
  • the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values obtained by sequentially performing an XOR operation on existing real bad block table values and a card serial number value.
  • the bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by attaching padding data (that is, values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) to the bad block table (that is, the bad block table having 18 [36 byte] real bad block addresses in FIG. 10) of area 2 (block 2048 to block 4095) having 128 or less bad blocks.
  • the bad block DRM table (DRM encryption table) is composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ).
  • FIG. 10 illustrates a bad block table generated on the basis of 128 or less bad blocks (for example, 18 [36 bytes] real bad blocks) in area 2 (block 2048 ⁇ block 4095). That is, when only 18 bad blocks (36 byte) from 0x0812 to OxOCFE are present in area 2, the bad block table corresponding thereto is exemplified.
  • the padding data (values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) is attached to the bad block table (refer to FIG. 10) composed of 18 (36 byte) real bad block addresses, and thus the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11.
  • the bad block DRM table (DRM encryption table) formed using the above-described method is a unique factor that is determined according to the physical characteristic, which a given storage medium (memory card implemented as a memory device) can have, and that is unique in all probability.
  • FIG. 12 is a flowchart showing an example of a method of recording digital content in the flash memory according to an embodiment of the present invention.
  • the flash memory for example, NAND flash memory
  • bit-based bad pages pages including bad bits
  • bit-based bad blocks blocks including bad bits
  • the pages or blocks including bad bits are marked as bad pages or bad blocks at step 802. That is, blocks having bad bits according to bad bit information detected at the time of initialization (formatting) are marked as bad blocks, and pages having bad bits according to bad bits detected at the time of initialization are marked as bad pages.
  • the bad blocks are recorded in a bad block table at step 803.
  • the bad block table may be provided for each of areas into which all the blocks of the flash memory are divided by 2048 blocks.
  • an area satisfying a specific condition is determined with reference to the recorded bad block table, and then the area code value of the relevant area is recorded in the DRM table select code field of the Card ID (page number 9 of the zero block) at step 804.
  • a specific condition for example, all the blocks of the flash memory are divided by 2048 blocks, and then respective areas are set.
  • an area satisfying the specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table), and thereafter the area code of the determined area is recorded in the DRM table select code field of the card ID.
  • the term 'specific condition (criterion)' means a criterion required to determine whether a given area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, an area having more than a threshold number of bad blocks, or an area having a maximum number of (for example, 128) bad blocks may be determined to be a bad pattern extraction area.
  • the determination of the bad pattern extraction area may be performed to assign priority for the determination of an area in such a way that whether an area having more than a threshold number of (for example, 128) bad blocks is present is determined, and an area having a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is determined to be the bad pattern extraction area if it is determined that the area is not present.
  • a threshold number of for example, 128) bad blocks is present
  • the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6 at step 804.
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9], composed of 128 real bad block addresses, is generated on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks at step 806. This means that, since more than 128 (256 byte) real bad blocks are present in, for example, area 1 (block 0 ⁇ block 2047), the 256-byte bad block DRM table (DRM encryption table) can be configured using only the addresses of the real bad blocks.
  • the relevant area (examination target area [area corresponding to the area code]) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805
  • a padding operation is performed, so that the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated at step 807. That is, the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11, using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
  • the bad block table of area 2 having 128 or less bad blocks of FIG. 10 an XOR operation is sequentially performed on the real bad block table values and the card serial number value, thus generating a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11], in which padding data (values generated by sequentially performing an XOR operation on the bad block table values and the card serial number value [for example, '0x01020304050607080900010203040506']) is attached to the bad block table of area 2 (block 2048 ⁇ block 4095) (that is, in FIG. 10, a bad block table having 18 (36 byte) real bad block addresses]).
  • the bad block DRM table (DRM encryption table) composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17,...) is configured.
  • flash memory' described in the present invention may mean the flash memory COB itself shown in FIG. 2.
  • FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention.
  • digital content may be played by merely reading data from flash memory provided in the smart card using a reader.
  • the digital content provision apparatus (a media player, a computer, etc.) reads the information of the card ID (page number 9 of zero block), and starts an authentication process at step 902.
  • the DRM table select code field of the card ID information about the code of an area (area having more than a threshold number of bad blocks, or an area having a maximum number of bad blocks), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM decryption table (bad block DRM table) are present, is recorded, and thus the information of the card ID is determined at the time of playing media.
  • a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
  • step 905. whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), is determined.
  • a procedure for determining whether blocks are real bad blocks is described below. For example, about 10 bad blocks are randomly selected from the real bad block table, and whether the selected bad blocks are real bad blocks is examined at step 906. At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block, and thus whether the bad blocks are real bad blocks is determined at step 907.
  • WP Write Protect
  • step 907 If it is determined at step 907 that bad blocks are real bad blocks, a predetermined number of (about 10) real bad blocks are additionally examined using the same method at step 906. Similarly, for the additionally selected bad blocks, a procedure for disabling a WP pin and writing 0xAA55 and 0x55AA in the corresponding page of each real bad block is performed at step 907.
  • the bad block table of FIG. 10 is a bad block table having 18 (36 byte) real bad block addresses
  • the last bad block address is 'OxFE'
  • the determination of real bad blocks is performed by examining bad blocks corresponding to a multiple of 14. If the number of bad blocks which are examination targets does not exceed 5, bad blocks from a first bad block are additionally included in the sequential examination targets, and thus the total number of examination target bad blocks is maintained at at least 5.
  • the above-described method of the present invention can be applied to various fields in consideration of the entire performance and other conditions of the system to which DRM is applied.
  • the method can be applied to an asymmetric encryption system.
  • a bad pattern DRM table (DRM encryption table) is generated using bad patterns.
  • a seed key is generated using a Hash function that uses the bad pattern DRM table (DRM encryption table) as a transform parameter.
  • a public key and a private key are generated through a Public Key Infrastructure (PKI) algorithm (Rivest-Shamir-Adleman [RSA], Elliptic Curve Cryptography [ECC], etc.), and they can be applied to PKI solutions that have been used in various existing fields.
  • PKI Public Key Infrastructure
  • a client may download content data, encrypted by a server using the public key, and may decrypt the encrypted content data using the private key extracted from the digital content data.
  • a memory device constituting a digital content storage medium for example, NAND flash memory
  • a digital content storage medium for example, NAND flash memory
  • the duplicated digital content storage medium is not effective.
  • the bad patterns bad blocks, bad pages, bad bits, etc. which are physical characteristics of a memory device (for example, NAND flash memory) constituting the storage medium are not duplicated.
  • the present invention can sufficiently protect the digital content of a copyright holder, unlike existing storage media, such as a CD or a DVD, having contradiction indicating that the existing storage media become media capable of providing profit to the copyright holder of digital content, and, simultaneously, they become media through which the copyright holder's digital content is infinitely duplicated because they are infinitely exposed to illegal duplication by typical users.
  • other examples of methods of preventing the copying and illegal duplication of the entirety of the flash memory may include an encryption/decryption method using different bad areas (blocks, pages, sub-pages, or locations) for respective flash memory devices.
  • an area in which the addresses of bad areas of memory used (blocks, pages, sub-pages, or locations) are recorded, is set in a header data area in which the characteristics of a memory card (digital content storage medium) are recorded, rather than a data storage space, and the set area is recorded.
  • the addresses of the bad areas are combined with each other to extract encryption feature values (for example, encryption feature values based on a bad block DRM table [DRM encryption table]). Thereafter, original content data is encrypted using such encryption feature values, and thus the encrypted content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
  • encryption feature values for example, encryption feature values based on a bad block DRM table [DRM encryption table]
  • a play apparatus reads the add resses of the bad areas from the header data area, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used for the encryption of content data by combining the addresses of the bad areas with each other, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • encryption feature values are calculated through a combination of unique values, such as the addresses of different bad areas for respective memory devices used, so that perfect duplication is physically impossible unless the bad areas of the memory used for duplication and bad areas of the original memory are entirely identical to each other.
  • bad areas (blocks, pages, sub-pages or locations) of memory used are marked on defined locations of spare areas corresponding thereto as bad areas, and encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) are extracted by combining the addresses of the bad areas. Thereafter, original content data is encrypted using the encryption feature values, and the encrypted content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
  • encryption feature values for example, encryption feature values based on the bad block DRM table [DRM encryption table]
  • the play apparatus reads the addresses of bad areas by examining the memory, calculates encryption feature values used for the encryption of content data by combining the addresses of the bad areas (for example, encryption feature values based on the bad block DRM table [DRM encryption table]), and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • encryption feature values are calculated by combining unique values, such as the addresses of different bad areas for respective memory devices, perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are entirely identical to each other.
  • the bad areas (blocks, pages, sub-pages, and locations) of memory used are marked at defined locations of spare areas corresponding thereto as bad areas, and encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) are extracted using specific values (for example, a serial number, etc.) recorded in the memory. Thereafter, original content data is encrypted using the encryption feature values, and encrypted content data is recorded in normal areas of the memory and not in the bad areas of the memory.
  • encryption feature values for example, encryption feature values based on the bad block DRM table [DRM encryption table]
  • the play apparatus reads the specific values recorded in the memory, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used as specific values, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • encryption feature values for example, encryption feature values based on the bad block DRM table [DRM encryption table]
  • the encryption feature values are calculated through a combination of specific values recorded in the memory used, so that perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are completely identical to each other.
  • the play apparatus determines whether bad areas are physically formed or are merely marked for duplication through a procedure of writing/reading data in/from the bad areas when the memory card is inserted. If it is determined that the bad areas are merely marked, the play apparatus classifies the memory card as an 'illegally duplicated memory card', and does not play recorded digital content data. As described above, the present invention determines the authenticity of bad areas, thus identifying an illegally duplicated memory card.
  • FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention. For convenience of description, a description will be made on the basis of the operation of the apparatus for generating a bad block DRM table (DRM encryption table).
  • a bad pattern detection unit 101 sets areas based on multiples of the number of blocks (/bad pages) (for example, based on multiples of 2048 blocks) in all the blocks of the flash memory, and detects bad blocks (/bad pages) in each of the areas.
  • a real bad pattern examination unit 102 determines a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), and records the code value (area code) of the relevant area in the DRM table select code field of the card ID.
  • a specific criterion for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]
  • the specific condition is, for example, a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). According to such a specific condition, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages), can be determined to be the bad pattern extraction area.
  • a threshold number of for example, 128) bad blocks (/bad pages
  • an area having a maximum number of bad blocks (/bad pages) can be determined to be the bad pattern extraction area.
  • a bad pattern table configuration unit 103 records the addresses of bad blocks (/bad pages) of the area corresponding to the area code, recorded in the DRM table select code field of the card ID, in the bad block (/bad page) table.
  • a bad pattern DRM table calculation unit 104 examines the area corresponding to the area code recorded in the DRM table select code field of the card ID. That is, whether the area corresponding to the area code has bad blocks (/bad pages) sufficient to configure a bad block (/bad page) DRM table (DRM encryption table) is examined.
  • a bad pattern DRM table generation unit 105 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID.
  • a 256-byte bad block DRM table (DRM encryption table) [refer to 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ⁇ block 2047) having more than 128 (256 byte) bad blocks.
  • a 256-byte bad block DRM table [refer to FIG. 11] is generated by performing a padding operation.
  • the bad block DRM table (DRM encryption table) of FIG. 11 is configured using 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
  • a 256-byte bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 11, using padding values, generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
  • FIG. 15 is a diagram showing an example of the construction of a digital content recording apparatus according to an embodiment of the present invention.
  • a bad pattern examination and marking unit 111 formats the flash memory (for example, NAND flash memory) of a storage medium (memory card implemented using a memory device) to a low level, examines bit-based bad pages (pages having bad bits) or bit-based bad blocks (blocks having bad bits) by writing 0xAA55, and marks pages or blocks having bad bits as bad pages or bad blocks.
  • flash memory for example, NAND flash memory
  • a storage medium memory card implemented using a memory device
  • a bad pattern area selection unit 112 formats the flash memory to a low level, and determines an area meeting a specific condition (criterion) with reference to a recorded bad block (/bad page) table.
  • a media information recording unit 113 records the area code of the area in the DRM table select code field of the card ID (page number 9 of zero block).
  • all the blocks of the flash memory are divided by 2048 blocks, and thus respective areas are set.
  • an area meeting a specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of a bad block (/bad page) DRM table (DRM encryption table).
  • DRM encryption table DRM table select code field of the card ID.
  • the term 'specific condition (criterion)' means a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table).
  • an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages) can be determined to be a bad pattern extraction area.
  • the determination of the bad pattern extraction area may be performed by determining whether an area having more than a threshold number of (for example, 128) bad blocks (/bad pages) is present, and by determining an area, having a maximum number of bad blocks (/bad pages) among the plurality of areas (areas set based on multiples of 2048 blocks), to be the bad pattern extraction area if it is determined that the relevant area is not present.
  • the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6.
  • a bad pattern DRM table generation unit 114 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID. For example, when the area corresponding to the area code has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ⁇ block 2047) having more than 128 (256 bytes) bad blocks.
  • DRM encryption table composed of 128 real bad block addresses
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation.
  • a content encryption recording unit 115 records digital content in the memory device (for example, NAND flash memory) by utilizing the bad pattern DRM table (DRM encryption table), generated by the bad pattern DRM table generation unit 114, as an encryption key.
  • DRM table DRM encryption table
  • FIG. 16 is a diagram showing an example of the construction of a digital content play apparatus according to an embodiment of the present invention.
  • a media information collection unit 121 reads information about a card ID (page number 9 of zero block).
  • a card ID page number 9 of zero block.
  • the area code information of the area having bad patterns (bad blocks, bad pages, bad bits, etc.) (area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), desired to be used for a bad pattern DRM table (DRM decryption table) is recorded, and thus information of the card ID is collected at the time of playing media.
  • a bad pattern DRM table generation unit 122 configures a bad block (/bad page) DRM table (DRM decryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code field of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
  • the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) by performing a padding operation (refer to FIG. 11). That is, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
  • a media authentication unit 123 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block(/bad page) DRM table (DRM decryption table) generated by the bad pattern DRM table generation unit 122, are real bad blocks (/bad pages). For example, the media authentication unit 123 determines whether blocks having real bad block addresses in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), are real bad blocks.
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined.
  • WP Write Protect
  • a suitable number of real bad blocks (/bad pages) are additionally examined using the same method.
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
  • a content decryption and play unit 124 permits the use of digital content media (play or read) on the basis of the results of the authentication performed by the media authentication unit 123. That is, when the authentication of the use of media has succeeded, the content decryption and play unit 124 transmits digital content data to a user while decrypting the digital content data using the generated bad block (/bad page) DRM table (DRM decryption table). Further, when the authentication of the use of the media has failed, the content decryption and play unit 124 notifies the user of the failure of the authentication, thus requesting the user to check the digital content storage medium.
  • DRM table bad block
  • FIG. 17 is a diagram showing an example of the construction of a key generation apparatus for an asymmetric encryption system to which the present invention is applied.
  • a bad pattern detection unit 131 sets areas based on multiples of the number of blocks (/pages) (for example, based on multiples of 2048 blocks) in all the blocks (/bad pages) of the flash memory, and detects bad blocks (/bad pages) from each of the areas.
  • a bad pattern DRM table generation unit 132 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG.
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation. That is, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
  • a media authentication unit 133 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block (/bad page) DRM table (DRM encryption table) generated by the bad pattern DRM table generation unit 132, are real bad blocks (/bad pages). For example, the media authentication unit 133 determines whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM encryption table) of FIG. 11 composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ).
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined.
  • WP Write Protect
  • a suitable number for example, about 10
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
  • a seed key generation unit 134 generates a seed key through a Hash function which uses a bad pattern DRM table (DRM encryption table) as a transform factor.
  • An asymmetric encryption key generation unit 135 generates a public key and a private key through a PKI algorithm (RSA, ECC, etc.) using the seed key generated by the seed key generation unit 134.
  • the public key may be used to encrypt digital content data, and the private key may be used to decrypt digital content data.
  • the above-described method of the present invention may be implemented in the form of a program and may be stored in recording media (Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.) in a computer-readable form.
  • recording media Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

According to the present invention, a smart card, including a smart card COB provided therein and a flash memory COB provided therein, electrically isolated from the smart card COB, and provided with a plurality of input/output terminals. A reader is provided with a plurality of electrical contact points to exchange information with the smart card COB and the flash memory COB and is connected to a PC through a USB. The reader is connected through a USB to an application program, which is mounted on a PC and is configured to separately record or read information requiring protection and information, not requiring protection, depending on the user's manipulation, to inquire about the occurrence of an incident concerning a credit card through a server of a credit card company connected through the Internet when information requiring protection is desired to be read, and to approve or deny the reading.

Description

Description
SMART CARD WITH FLASH MEMORY AND MEMORY READER OF SMART CARD AND DRM METHOD USING THAT
Technical Field
[1] The present invention relates, in general, to a smart card having flash memory, a reader for the smart card, and a Digital Rights Management (DRM) method using the smart card and the reader, and, more particularly, to a smart card having flash memory, a reader capable of either recording digital information in the flash memory included in the smart card, or reading recorded information from the flash memory, a DRM method using an application program that is executed in a personal computer functioning to record or read information while mutually exchanging information with the reader depending on the manipulation of a user, and an electronic commerce method of reading information from the smart card using the reader and connecting information of the smart card to the Internet.
[2] That is, the present invention relates to a method in which large-capacity flash memory, as well as a smart card Integrated Circuit (IC), is provided in a typically used smart card, so that a smart card can function both as a single credit card and as a medium capable of storing various types of digital information, and so that digital info rmation stored in the flash memory is protected using the unique information of the smart card, and relates to an electronic commerce method in which a reader reads the information from the smart card and connects the read information to the Internet. Background Art
[3] Generally, a smart card stores therein information about authentication, a credit card, a payment account, etc., thus being used as a transportation card, a credit card, a check card, etc. In addition, a smart card may be used for typical banking operations such as account inquiry, account transfer, and bank withdrawals.
[4] Meanwhile, the functionality of portable devices, such as an MPEG Audio Layer-3
(MP3) player, a Portable Multimedia Player (PMP), and a digital camera, has gradually been becoming diversified and increasing, and the storage capacity of portable devices has also increased to enable the storage of various types of content. For example, when a video capturing function is performed using a digital camera, a larger storage capacity is required to capture video, compared to the capturing of still images.
[5] A structure in which a large-capacity storage space required for such an additional functionality is included in all portable devices may cause problems in that it not only becomes a cause of increasing the costs of devices, but also forces a user who does not need such an additional functionality to purchase the devices after paying unnecessary costs.
[6] In order to solve these problems, manufacturing companies which manufacture portable devices such as an MP3 player, a PMP, and a digital camera intend to fix the size of memory provided in each device to a predetermined size, to mount a separate memory card in the device, and to extend the size of the memory at the request of a user.
[7] However, as portable devices get diversified and various types of memory cards are applied to the portable devices, a user having various portable devices undergoes inconvenience in that he or she must individually prepare various types of memory cards (for example, a Secure Digital [SD] memory card, a Smart Media Card [SMC], a Multimedia Card [MMC], a memory stick, a Universal Serial Bus [USB] disc, etc.).
[8] Further, there are problems in that, when such a memory card is lost or stolen, information contained in the memory card is exposed to the person who has acquired the memory card, so that important personal or secret information may be easily exposed, thus resulting in considerable secondary damage, and allowing content, purchased by paying the costs, to be easily used by the person who acquired the memory card without paying the costs.
[9] In addition, there is a problem in that, since personal information is not recorded in a memory card unless it is specially recorded in the memory card, the person who has acquired the memory card cannot easily return the memory card to the owner who lost the memory card even if the person intends to return the memory card.
[10] Meanwhile, although Internet banking/stock exchange and Internet Electronic
Commerce (EC) have been universalized with the popularization of computers, an amount of money usable for financial transactions is limited in spite of the use of certificates due to worries about hacking or the like. Such an EC method is problematic in that, even if there are several payment service institutions, several steps of procedures are required to pay an amount of money above three hundred thousand Won. Accordingly, there is a need to overcome such problems by providing a security function for smart cards to payment institutions by way of computers according to the present invention.
Disclosure of Invention Technical Problem
[11] Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and an object of the present invention is to provide a smart card having flash memory in which flash memory is included in an existing smart card and which is configured to provide storage space for digital information as well as the function of the smart card itself, to encrypt information to be protected using the unique information of the smart card (for example, a card serial number), and to store the encrypted information, so that both a smart card function and a memory card function for information protection can be implemented together in a single card, to a reader for the smart card, a digital rights management method using the smart card and the reader, and an electronic commerce method of allowing the reader to read information from the smart card and connect the read information to the Internet. Technical Solution
[12] In order to accomplish the above object, the present invention includes a smart card
Chip On Board (COB) which is provided in a smart card and is provided with a predetermined Integrated Circuit (IC) chip and eight contact points based on ISO7816 standards, and a flash memory COB which is electrically isolated from the smart card COB, is provided in the smart card, and is provided with a plurality of input/output terminals.
[13] Further, the flash memory is implemented using NAND-type flash memory.
[14] Further, a reader to accomplish the above object is configured to have a plurality of electrical contact points so as to exchange information with the smart card COB and the flash memory COB and is connected to a Personal Computer (PC) through a USB.
[15] Further, the reader is mounted in the PC and is configured to separate information requiring protection and information not requiring protection and to separately record or read the information depending on the manipulation of a user. When the reading of information requiring protection is necessary, the reader accesses a server of a credit card company connected thereto via the Internet and is operated in connection with an application program for inquiring whether a credit card incident has occurred and approving or denying the reading of information or in connection with an application program for receiving a password through a USB.
[16] Further, when information requiring protection is recorded by the application program, encryption based on the physical characteristics of bad blocks of the flash memory is performed, so that the information requiring protection is encrypted and is then stored.
[17] Further, the reader decrypts the stored encrypted information into the original information at the time of reading the stored, encrypted information in compliance with the instructions of the application program.
[18] Meanwhile, in order to perform Digital Rights Management (DRM) on digital content stored in the flash memory, the reader may perform the steps of examining unit area-based bad patterns of the flash memory, and determining a bad pattern extraction area; recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; and examining an area corresponding to the area code recorded in the table select code field, and configuring a bad pattern DRM table on the basis of a bad pattern table.
[19] Further, in order to perform DRM on the digital content stored in the flash memory, the reader may perform the steps of extracting physical characteristics of the flash memory; and generating an encryption key using the extracted physical characteristics.
[20] Meanwhile, at the time of recording digital content in the flash memory, the reader may perform the steps of examining unit area-based bad patterns of the flash memory, and determining a bad pattern extraction area; recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; examining an area corresponding to the area code recorded in the table select code field, and configuring a bad pattern DRM table on the basis of a bad pattern table; and recording the digital content in the flash memory by using the bad pattern DRM table as an encryption key.
[21] Further, at the time of recording digital content in the flash memory, the reader may perform the steps of extracting physical characteristics of the flash memory; generating an encryption key using the physical characteristics; and recording digital content in the flash memory using the generated encryption key.
[22] Further, at the time of recording digital content in the flash memory, the reader may perform the steps of setting an area in which addresses of bad areas of the memory used are recorded and recording the area in a header data area, in which the characteristics of a memory card are recorded, rather than a data storage space, and of recording the addresses; and extracting encryption feature values by combining the addresses of the bad areas, encrypting original content data using the encryption feature values, and recording the content data in normal areas of memory and not in the bad areas.
[23] Further, at the time of recording digital content in the flash memory, the reader may perform the steps of marking bad areas of the memory used, at defined locations of corresponding spare areas, as bad areas, and extracting encryption feature values by combining addresses of the bad areas; and encrypting original content data using the encryption feature values and recording the content data in normal areas of the memory and not in the bad areas.
[24] Further, at the time of recording digital content in the flash memory, the reader may perform the steps of marking bad areas of memory used, at defined locations of corresponding spare areas, as bad areas, and extracting encryption feature values using specific values recorded in the memory; and encrypting original content data using the encryption feature values and recording encrypted content data in normal areas of the memory and not in bad areas.
[25] Meanwhile, in the reader, a code value of the bad pattern extraction area is recorded in the table select code field of the card ID, and digital content is recorded by using a 'DRM encryption table configured on the basis of a bad pattern table by examining an area corresponding to the area code recorded in the table select code field' as an encryption key.
[26] Meanwhile, in a method of playing digital content stored in the flash memory, the reader may perform the steps of examining an area corresponding to an area code recorded in a table select code field of a card ID and configuring a bad pattern DRM table on the basis of a bad pattern table; examining whether patterns having real bad pattern addresses in the bad pattern DRM table are real bad patterns; and playing digital content by using the bad pattern DRM table as a decryption key on the basis of the results of examination.
[27] Further, according to the present invention to accomplish the above object, in a method of playing digital content stored in the flash memory, the reader may perform the steps of extracting physical characteristics of the flash memory; generating a decryption key using the extracted physical characteristics; and playing digital content using the generated decryption key.
[28] Further, the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the reader reading addresses of bad areas from a header data area, and combining the addresses of the bad areas, thus calculating encryption feature values used for encryption of content data; and the reader recovering original content data using the encryption feature values while sequentially reading content data from memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[29] Further, the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the reader examining memory, reading addresses of bad areas from the memory, and calculating encryption feature values used for encryption of content data by combining the addresses of the bad areas with each other; and the reader recovering original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform complete duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[30] Further, the present invention to accomplish the above object provides a method of playing digital content stored in the flash memory, comprising the steps of the reader examining memory, reading specific values recorded in the memory, and calculating encryption feature values used for encryption using the specific values; and the reader recovering original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining specific values recorded in the memory used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of the original memory.
[31] Meanwhile, the present invention to accomplish the above object provides a computer-readable recording medium for recording, in a DRM apparatus having a processor, a program for implementing a function of examining unit area-based bad patters of flash memory and determining a bad pattern extraction area; a function of recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; and a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on the basis of a bad pattern table.
[32] Further, the present invention provides a computer-readable recording medium for recording, in a DRM apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; and a function of generating an encryption key using the extracted physical characteristics.
[33] Meanwhile, the present invention provides a computer-readable recording medium for recording, in a digital content recording apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of a memory device constituting flash memory and determining a bad pattern extraction area; a function of recording a code value of the determined bad pattern extraction area in a table select code field of a card ID; a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on the basis of a bad pattern table; and a function of recording content data in the flash memory by using the bad pattern DRM table as an encryption key.
[34] Further, the present invention provides a computer-readable recording medium for recording, in a digital content recording apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; a function of generating an encryption key using the physical characteristics of the flash memory; and a function of recording digital content in the flash memory using the generated encryption key.
[35] Meanwhile, the present invention provides a computer-readable recording medium for recording, in a digital content play apparatus having a processor, a program for implementing a function of examining an area corresponding to an area code recorded in a table select code field of a card ID and configuring a bad pattern DRM table on the basis of a bad pattern table; a function of examining whether patterns having real bad pattern addresses in the bad pattern DRM table are real bad patterns; and a function of playing digital content by using the bad pattern DRM table as a decryption key on the basis of the results of examination.
[36] Further, the present invention provides a computer-readable recording medium for recording, in a digital content play apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory; a function of generating a decryption key using the extracted physical characteristics; and a function of playing digital content using the generated decryption key.
Advantageous Effects
[37] The smart card having flash memory, a reader for the smart card, and a digital rights management method using the smart card and the reader according to the present invention are advantageous in that, since flash memory is included in an existing smart card, storage space for digital information, as well as the function of the smart card itself, are provided, and, in addition, information requiring protection is encrypted using the unique information of the smart card and the encrypted information is stored therein, so that smart card and memory card functions for information protection can be provided through a single card, and further in that, since various types of programs and data for banks and persons are stored in the card, a banking function and an entertainment function can be provided, and further in that, since a wireless or mobile c ommunication means is included in the reader, a new personalized financial device function can be implemented simultaneously with the above functions. Brief Description of the Drawings
[38] FIG. 1 is a diagram showing an example of a conventional smart card;
[39] FIG. 2 is a diagram showing an example of a smart card having flash memory according to an embodiment of the present invention;
[40] FIG. 3 is a diagram showing the construction of a reader for the smart card having flash memory of FIG. 2;
[41] FIG. 4 is a diagram showing the connection of a communication network for inquiry about the occurrence of an incident concerning the smart card of FIG. 2;
[42] FIG. 5 is a diagram showing an example of the construction of flash memory used in the present invention;
[43] FIG. 6 is a diagram showing an example of the card ID of FIG. 1 ;
[44] FIG. 7 is a diagram showing an example of a bad pattern extraction area when all the blocks of flash memory are divided by 2048 blocks, according to an embodiment of the present invention; [45] FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention;
[46] FIG. 9 is a diagram showing an example of a 256-byte bad block DRM table generated in the bad block table of area 1 having more than 128 bad blocks according to an embodiment of the present invention;
[47] FIG. 10 is a diagram showing an example of the bad block table of area 2 having less than 128 bad blocks according to the present invention;
[48] FIG. 11 is a diagram showing another example of a 256-byte bad block DRM table generated by attaching padding data to the bad block table of area 2 of FIG. 10 having 128 or less bad blocks according to an embodiment the present invention;
[49] FIG. 12 is a flowchart showing an example of a digital content recording method according to an embodiment of the present invention;
[50] FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention;
[51] FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention;
[52] FIG. 15 is a diagram showing an example of a digital content recording apparatus according to an embodiment of the present invention;
[53] FIG. 16 is a diagram showing an example of a digital content play apparatus according to an embodiment of the present invention; and
[54] FIG. 17 is a diagram showing an example of a key generation apparatus for an asymmetric encryption system to which the present invention is applied. Best Mode for Carrying Out the Invention
[55] Hereinafter, embodiments of the present invention will be described in detail with reference to the attached drawings. Prior to description, the terms and words used in the present specification and claims should not be interpreted as being limited to their typical meanings based on the typical or dictionary definitions thereof, but should be interpreted as having meanings and concepts corresponding to the technical spirit of the present invention on the basis of the principle by which the inventor can suitably define the implications of terms in the way which best describes the invention.
[56] Therefore, the construction described in the present specification and shown in the drawings is only a preferred embodiment of the present invention, and is not intended to represent all the technical spirit of the present invention. Accordingly, it should be understood that various equivalents and modifications capable of replacing the above embodiments may exist at the time at which the present invention is filed. [57] FIG. 1 is a diagram showing an example of a conventional smart card. As shown in the drawing, a smart card Chip On Board (COB) is provided in the smart card.
[58] FIG. 2 is a diagram showing a structure in which a flash memory COB is mounted in a space other than the space in which the smart card COB is mounted, in the conventional smart card of FIG. 1.
[59] The structure of FIG. 2 is described in detail. The smart card having flash memory according to the present invention is implemented such that a smart card COB (IC card COB) functioning as a credit card or a transportation card, and a flash memory COB for storing digital information are mounted in a single card.
[60] In this case, the smart card COB (IC card COB) is not electrically connected to the flash memory COB.
[61] That is, when the smart card having flash memory of FIG. 2 according to the present invention is used as a credit card or a transportation card, it is used in the same way as that of an existing smart card. Further, when information is recorded in the flash memory, or when recorded information is read, the smart card can be used to connect to or be inserted into a dedicated reader according to the present invention. That is, the smart card includes the smart card COB, which is provided therein and is provided with a predetermined IC chip and eight contact points based on ISO7816 standards, and a flash memory COB, which is electrically isolated from the smart card COB, is provided in the smart card and is provided with a plurality of input/output terminals. According to ISO7816 standards, the size of a credit card is 85.5 mm x 54 mm, a region of the credit card ranging from the bottom to a position 24 mm above the bottom is defined as an area in which a card number, the term of validity and a name are embossed, and a region of the credit card ranging from the top to a position 15.3 mm below the top is defined as an allowable region of 3-track magnetic encoding. Accordingly, since the smart card COB is located 9 mm far away from a left end in the space between the above regions, a space for accommodating the flash memory COB is only the right space, since 3-tracks of magnetic stripes, a signature panel region, and an embossed region are located on the back of the credit card, and an RF antenna region for a transportation card must be excluded, a space for mounting 1 G-byte or higher flash memory is limited to the right portion of the space between the allowable embossed region and the allowable 3-track encoding region. Since the height of the flash memory COB must not be higher than that of the smart card COB, there is a difficulty in that the flash memory COB must be manufactured within a thickness of 0.6 mm in consideration of a card thickness of 0.8mm. Flash memory is provided in such a way that the area thereof is divided into a bank area and a user area. The bank area contains a certificate, a One Time Password (OTP) generation program, and an electronic bankbook, and is not accessible by a user. The user area is composed of folders for music, movie, pictures, documents, an address book, and other folders, and is then allowed to be deleted, added or edited by a dedicated reader or computer. According to the present invention, the certificate is included in the credit card, so that Internet banking and electronic commerce can be performed regardless of place. Further, the OTP generation program is included in the credit card, so that a password required for Internet banking can be found using an arbitrary reader, and thus Internet banking can also be performed regardless of place. Details data of account transactions and details data of use of a credit card are recorded in the form of an electronic bankbook to replace a paper bankbook, and are provided to be updated with the latest data, as needed or automatically, through a relevant bank web site accessed by computer or via an ATM. The information of the user area is automatically backed up by forming relevant folders in a computer and a connector computer, so that, when a credit card is lost, damage such as the loss of personal information is prevented. For a method of connecting the flash memory COB, the size of a wafer or the like must be considered, but a NAND flash memory interface, a USB, Secure Digital (SD), a MMC, a micro SD, a T-flash method, etc. may be applied. The flash memory COB is provided in such a way that an Ultra-thin Land Grid Array (ULGA) among semiconductor packages is provided within a thickness of 0.6 mm. Since this ULGA is provided in the form of a Chip Scale Package (CSP) board, the pad surface of the board is formed through the enablement of a specific design to be able to come into contact with a reader connector, and is then provided.
[62] Referring to FIG. 3, since the dedicated reader may include a socket including a plurality of connection terminals capable of simultaneously connecting both to the smart card COB (IC card COB) and to the flash memory COB, the reader can be configured to exchange information with the smart card COB and the flash memory COB.
[63] Meanwhile, the reader may generate an encryption table in which the location and number of bad blocks which are physical characteristics of flash memory are used as unique factors. Information requiring protection is encrypted using this encryption table, and the encrypted information can be decrypted thereby.
[64] Further, an operation of recording and reading information through the reader is performed by the following two flows depending on whether relevant information r equires protection.
[65] In the first flow, that is, when relevant information does not require protection, the reader may connect the flash memory to the personal computer of FIG. 4 through a USB, thus enabling the flash memory to be used as a typical large-capacity storage unit. In this case, the reader may record or read information in or from the flash memory through the application program included in the present invention, or a general-purpose search program (for example, Windows Explorer).
[66] In the second flow, that is, in the case opposite the above case and where relevant information requiring protection is intended to be recorded, the reader must record the information using the application program included in the present invention.
[67] Hereinafter, the operation flow of the reader related to the second case will be described in detail with reference to FIGS. 3 to 4.
[68] First, the application program reads the unique information of a given smart card itself from the smart card COB (IC card COB) on the smart card (IC card). In this case, the unique information may be the serial number of a given credit card, but is not necessarily limited to such a serial number in the present invention, and it is also possible to replace the unique information with any type of unique information distinguishable from other cards in addition to the serial number of the credit card.
[69] Next, the application program accesses a service server (for example, a credit card company server), capable of determining whether an incident has occurred, using the read unique information over the Internet in a wired or wireless manner, exchanges information about the occurrence of an incident with the service server, and transmits relevant information to the reader when a given card is a card for which an incident has not been reported. The reader encrypts the relevant information using the encryption table which is generated using the characteristics of the bad blocks of the flash memory mounted in the smart card, and records the encrypted information.
[70] Further, when the reader reads protected information from the flash memory, the application program accesses a server, capable of determining whether an incident has occurred, over the Internet in a wired or wireless manner, and exchanges information about the occurrence of an incident with the server, similar to the case where information requiring protection is recorded. When a given card is a card for which an incident has not been reported, the application program receives a command for permitting the reading of relevant information, generates a decryption table, decrypts the encrypted information, and transmits the decrypted information to the PC.
[71] In this case, the reader may be implemented such that, when a card for which an incident was reported is inquired about, the stored encrypted information cannot be read, but the encrypted information can be read again after the situation of the incident has been terminated through the recovery of a lost card or the like. Further, the reader may be implemented such that, depending on the type of incident report (for example, loss, a theft, disposal, etc.), relevant information is completely deleted, or the current Internet access address (for example, IP address) or the like can be immediately and automatically reported.
[72] According to the above construction, in addition to the credit card or the transportation card functionality, a typical USB disc function may be added to the smart card through the provision of the dedicated reader. Further, the functioning of the smart card as a security disc, enabling only a user to record/read the relevant information, can also be predicted.
[73] Typically, the credit card or the transportation card should not be easily lent to other persons regardless of time or place, and a user must pay great attention to preventing the occurrence of loss or theft, like money, by personally carrying the credit card or the transportation card. That is, information stored in the flash memory included in the smart card (credit card or transportation card), must be primarily secured by the user him or herself. In general, when the loss or theft of the card occurs, this must be immediately reported to a card company, thus preventing damage from occurring.
[74] Therefore, according to the present invention, there is an advantage in that important data or expensive digital information, which requires security and which must not be read by persons other than the user him or herself, is blocked in real time using the information about the reported card, so that there are advantages in that additional loss attributable to the exposure of relevant data and the risks of an incident may be greatly reduced, as well as affording the protection of the relevant data.
[75] Further, there are advantages in that, since the flash memory COB and the smart card
COB (IC card COB) provided in the smart card do not form a complete electrical or magnetic connection to each other unless the dedicated reader is used, no influence is exerted on various situations, such as inquiry/payment transactions using an existing IC card reader. Accordingly, the present invention may be free of the problem of compatibility with a credit card or transportation card service terminal that may occur in the commercialization stage of the present invention.
[76] Further, when a wireless (Bluetooth, wireless LAN, etc.) and mobile communication means (mobile communication, Wibro, etc.) are included in the reader, the reader is first configured to purchase a product on the basis of product purchase information displayed on the screen of the reader, and to select one of a credit card, a certificate, and an OTP creator which are provided therein, thus paying for the product. Second, the reader is configured to receive through a separate means information about a store and an amount of money used and to transmit approval information to the payment device of the store through the wireless or mobile communication means of the reader without the taking out of the credit card. Further, when the location tracking function of the mobile communication means is used, a bank may process and provide information about purchase or convenient facilities suitable for the location of the user, thus allowing the user to become a client providing a higher royalty to the bank.
[77] Hereinafter, an embodiment of the present invention in which the reader generates an encryption table by using the location and number of bad blocks the physical characteristics of flash memory) as unique factors will be described with reference to FIGS. 5 to 17.
[78] The flash memory is a memory device enabling data to be continuously stored therein even when power is removed, and is capable of freely storing/erasing data. Such flash memory is classified into a NOR type and a NAND type according to the internal structure thereof. The NOR flash memory has a structure in which cells are connected in parallel, and the NAND flash memory has a structure in which cells are connected in series.
[79] Therefore, the NAND flash memory is mainly used for an SD card or a memory stick among various memory cards, and the NOR flash memory is mainly used for an MMC card or compact flash memory.
[80] Such flash memory has characteristics that power consumption is low, and stored information is retained without being lost even when power is turned off. Further, flash memory is non- volatile memory to which power is continuously supplied, and is not only capable of retaining the stored information in an unchanged state even when power is shut off, unlike Dynamic Random Access Memory (DRAM), but also is capable of freely inputting or outputting information. Accordingly, flash memory is widely used in digital Televisions (TV), digital camcorders, mobile phones, digital cameras, Personal Digital Assistants (PDA), game playing devices, MP3 players, etc.
[81] However, recently, with the realization of ultra high speed Internet infrastructures, the improvement of the performance of PCs, and the large-capacity of storage units, a great number of illegally duplicated audio and video sources, and digital content, such as educational content, are exposed to typical users without being appropriately paid for, and are then illegally shared and used therebetween. Due thereto, an idea that digital content is provided for free has become fixedly lodged in the mind of typical users, thus resulting in the withering of markets for recorded musical, video, and educational media.
[82] Although the problem of the protection of digital content rights has arisen due to the spreading of the illegal use, it is almost impossible in actual situations to inhibit users who have experienced the use of free content and know the methods for using content for free from spreading and using illegally duplicated digital content, and to induce them to pay costs suitable for the rights to the content and to use the content.
[83] According to the present invention, since bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device, such as the flash memory provided in the smart card (for example, NAND flash memory or the like) are used as an encryption key, the rights of digital content stored in the flash memory can be protected, and thus the above problem of the content rights can be solved.
[84] Here, the physical characteristics of the flash memory may be the bad blocks, bad pages or bad bits. In the present invention, it is apparent that the encryption table can be generated by using the location and number of bad pages or bad bits, as well as the bad blocks, as unique factors.
[85] In the embodiment of the present invention, for convenience of description, a specified file system suitable for a read only storage medium, rather than a public file system such as a File Allocation Table (FAT) 16 or FAT32, is described by way of example together with the fundamental structure of NAND flash memory. However, it should be noted that the present invention is not limited to this example.
[86] The construction of the file system, as described later, is also characterized in that digital content is encrypted using a bad pattern DRM table (DRM encryption table) at the time of recording the digital content. That is, in the structure of the file system, the entire area, excepting a minimum region required to detect the bad pattern DRM table (DRM encryption table), is encrypted through relevant Digital Rights Management (DRM), and thus typical access to the area is blocked.
[87] Generally, the physical block number '0' of the flash memory (hereinafter referred to as a 'zero block') is used by the manufacturing company thereof to guarantee that the block is not a bad block. Therefore, in the zero block, format-related information of a storage medium, a medium ID (card ID), etc. are stored.
[88] Hereinafter, a block in which bad bits are present according to bad bit information is described by way of example.
[89] However, it should be noted that the present invention can also be equally applied to a page (that is, a bad page) in which bad bits are present according to bad bit information. Therefore, in the case of bad blocks, a bad block DRM table may be used as a DRM encryption table, and in the case of bad pages, a bad page DRM table may be used as a DRM encryption table. The bad block DRM table and the bad page DRM table may be collectively called a 'bad pattern DRM table (DRM encryption table)'.
[90] With reference to FIG. 5, the construction of the zero block of flash memory is described. In a Master Boot Recorder (MBR) corresponding to 'page number 0 of the zero block', information about the construction of the flash memory and the file system is recorded.
[91] Further, in 'page numbers 1 to 5 of the zero block', bad block marking information is recorded. In particular, in 'page number 9 of the zero block', a card ID corresponding to a medium ID is stored. Such a card ID is composed of pieces of specific information (for example, card version, a DRM table select code, an area code, a manufacturing company code, a copyright holder ID [writer ID], and card serial number information) of a digital content storage medium (memory card) implemented as flash memory, as shown in FIG. 6.
[92] In particular, in the DRM table select code field of FIG. 6 in the card ID (page number 9 of zero block), information about the code of an area (area code), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM encryption table (bad block DRM table) are present (that is, an area having more than a threshold number of bad blocks or an area having a maximum number of bad blocks), is recorded when DRM using bad patterns (bad blocks, bad pages, bad bits, etc.) which are the physical characteristics of the flash memory is implemented.
[93] At this time, the bad pattern extraction area of the flash memory may be either an entire block area of the flash memory or only a specific area. Further, the DRM encryption table (bad block DRM table) using the extracted bad patterns may be configured to have various sizes, such as 128 bytes, 256 bytes, or 512 bytes.
[94] However, for convenience of description, in the present embodiment, an example will be described on the assumption that the DRM encryption table has a size of 256 bytes and the bad pattern extraction area required for the configuration of the DRM encryption table is a specific area of the flash memory, rather than the entire area. However, it should be noted that the present invention is not limited to this example.
[95] In the above description, the term 'specific area' means that, for example, all the blocks of the flash memory can be divided by 2048 blocks and can be processed thereby. That is, as shown in FIG. 7, the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table) is determined in such a way that respective areas are set based on multiples of 2048 blocks in all the blocks of the flash memory, and an area meeting a specific criterion, among the areas, is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
[96] Here, the term 'specific criterion' means a criterion required to determine whether a relevant area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, when an area including more than a threshold number of (for example, 128) bad blocks is present, the relevant area is determined to be the bad pattern extraction area. However, when an area including more than 128 bad blocks is not present, an area including a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
[97] The bad pattern extraction area is determined on the basis of a bad block table generated while a memory card is formatted at the time of manufacturing a digital content storage medium (memory card). The area code of the relevant area determined at that time is recorded in the DRM table select code field of the card ID of FIG. 6.
[98] FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention. The flowchart shows a procedure for examining an area corresponding to the area code recorded in the DRM table select code field of the card ID, and configuring a bad block DRM table (DRM encryption table).
[99] As described above, the procedure for configuring the bad block DRM table (DRM encryption table) is described below. In all the blocks of the flash memory, respective areas are set based on multiples of the number of blocks (for example, based on multiples of 2048 blocks). Among the areas, a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of [for example, 128] bad blocks, or an area having a maximum number of bad blocks), is determined on the basis of the bad block table. The code value of the relevant area (area code) is recorded in the DRM table select code field of the card ID.
[100] Thereafter, the area corresponding to the determined bad pattern extraction area (that is, the area corresponding to the area code) is examined at step 401, so that the bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 9 or 11, at steps 402 to 406. Here, FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table), generated on the basis of the bad block table of area 1 (block 0 ~ block 2047) having more than 128 bad blocks, and FIG. 11 illustrates a 256-byte bad block DRM table (DRM encryption table), generated by attaching padding data to the bad block table (refer to FIG. 10) of area 2 (block 2048 ~ block 4095), having 128 or less bad blocks.
[101] This is described in detail. When an examination target area (area corresponding to the area code) has more than 128 sufficient bad blocks so as to configure a 256-byte bad block DRM table (DRM encryption table) at step 402, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is generated on the basis of the bad block table of an area having more than 128 (256 byte) bad blocks (for example, area 1 having blocks 0 to 2047) at step 403.
[102] FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table) generated on the basis of the bad block table corresponding to area 1 (block 0 ~ block 2047) having more than 128 bad blocks. That is, more than 128 real bad blocks are present in the area 1, so that the 256-byte bad block DRM table (DRM encryption table) is configured using only the addresses of the bad blocks. In this case, the padding operation of FIG. 11 is not required.
[103] Meanwhile, when a relevant area (examination target area, that is, the area corresponding to the area code) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 402, a padding operation is performed using an appropriate method, as described later, at steps 404 and 405, thus configuring the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] at step 406. In this case, the bad block DRM table (DRM encryption table) is composed of 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
[104] Here, as a padding method, various methods may exist, but, in the present embodiment, the bad block DRM table (DRM encryption table) is configured using the card serial number field (16 byte) of the card ID. For example, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values obtained by sequentially performing an XOR operation on existing real bad block table values and a card serial number value.
[105] That is, in the bad block table of area 2 having 128 or less bad blocks of FIG. 10, an XOR operation is sequentially performed on the real bad block table values and the card serial number value, so that a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by attaching padding data (that is, values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) to the bad block table (that is, the bad block table having 18 [36 byte] real bad block addresses in FIG. 10) of area 2 (block 2048 to block 4095) having 128 or less bad blocks. In this case, the bad block DRM table (DRM encryption table) is composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...).
[106] FIG. 10 illustrates a bad block table generated on the basis of 128 or less bad blocks (for example, 18 [36 bytes] real bad blocks) in area 2 (block 2048 ~ block 4095). That is, when only 18 bad blocks (36 byte) from 0x0812 to OxOCFE are present in area 2, the bad block table corresponding thereto is exemplified.
[107] In order to generate a 256-byte bad block DRM table (DRM encryption table) on the basis of the bad block table composed of 18 (36 byte) real bad block addresses of FIG. 10, a padding operation must be performed. If the card serial number is assumed to be "0x01020304050607080900010203040506", padding values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value are given as '0x09', 'OxIO', 1OxOB', '0x17', ....
[108] Therefore, the padding data (values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) is attached to the bad block table (refer to FIG. 10) composed of 18 (36 byte) real bad block addresses, and thus the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11.
[109] The bad block DRM table (DRM encryption table) formed using the above-described method is a unique factor that is determined according to the physical characteristic, which a given storage medium (memory card implemented as a memory device) can have, and that is unique in all probability.
[110] FIG. 12 is a flowchart showing an example of a method of recording digital content in the flash memory according to an embodiment of the present invention. [111] First, the flash memory (for example, NAND flash memory) is formatted to a low level at step 801, so that bit-based bad pages (pages including bad bits) or bit-based bad blocks (blocks including bad bits) are examined by writing 0xAA55, and the pages or blocks including bad bits are marked as bad pages or bad blocks at step 802. That is, blocks having bad bits according to bad bit information detected at the time of initialization (formatting) are marked as bad blocks, and pages having bad bits according to bad bits detected at the time of initialization are marked as bad pages.
[112] Thereafter, the bad blocks are recorded in a bad block table at step 803. At this time, the bad block table may be provided for each of areas into which all the blocks of the flash memory are divided by 2048 blocks.
[113] Next, after the flash memory has been formatted to a low level, an area satisfying a specific condition (criterion) is determined with reference to the recorded bad block table, and then the area code value of the relevant area is recorded in the DRM table select code field of the Card ID (page number 9 of the zero block) at step 804. For example, all the blocks of the flash memory are divided by 2048 blocks, and then respective areas are set. Among the areas, an area satisfying the specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table), and thereafter the area code of the determined area is recorded in the DRM table select code field of the card ID.
[114] Here, the term 'specific condition (criterion)' means a criterion required to determine whether a given area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, an area having more than a threshold number of bad blocks, or an area having a maximum number of (for example, 128) bad blocks may be determined to be a bad pattern extraction area. At this time, the determination of the bad pattern extraction area may be performed to assign priority for the determination of an area in such a way that whether an area having more than a threshold number of (for example, 128) bad blocks is present is determined, and an area having a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is determined to be the bad pattern extraction area if it is determined that the area is not present.
[115] The area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6 at step 804.
[116] Thereafter, if the examination target area (area corresponding to the area code) has more than 128 bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9], composed of 128 real bad block addresses, is generated on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks at step 806. This means that, since more than 128 (256 byte) real bad blocks are present in, for example, area 1 (block 0 ~ block 2047), the 256-byte bad block DRM table (DRM encryption table) can be configured using only the addresses of the real bad blocks.
[117] Meanwhile, when the relevant area (examination target area [area corresponding to the area code]) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805, a padding operation is performed, so that the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated at step 807. That is, the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11, using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
[118] For example, in the bad block table of area 2 having 128 or less bad blocks of FIG. 10, an XOR operation is sequentially performed on the real bad block table values and the card serial number value, thus generating a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11], in which padding data (values generated by sequentially performing an XOR operation on the bad block table values and the card serial number value [for example, '0x01020304050607080900010203040506']) is attached to the bad block table of area 2 (block 2048 ~ block 4095) (that is, in FIG. 10, a bad block table having 18 (36 byte) real bad block addresses]). As a result, the bad block DRM table (DRM encryption table) composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17,...) is configured.
[119] Next, after the bad block table, extracted and recorded in the zero block, is deleted while the flash memory is formatted to a low level at step 808, digital content is recorded in the NAND flash memory by using the generated bad block DRM table (DRM encryption table) as an encryption key at step 809.
[120] It is apparent that the term 'flash memory' described in the present invention may mean the flash memory COB itself shown in FIG. 2.
[121] FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention.
[122] That is, according to the present invention, digital content may be played by merely reading data from flash memory provided in the smart card using a reader.
[123] First, when the reader connected to the flash memory is inserted into or connected to a digital content provision apparatus (a media player, a computer, etc.) at step 901, the digital content provision apparatus (a media player, a computer, etc.) reads the information of the card ID (page number 9 of zero block), and starts an authentication process at step 902. At this time, in the DRM table select code field of the card ID, information about the code of an area (area having more than a threshold number of bad blocks, or an area having a maximum number of bad blocks), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM decryption table (bad block DRM table) are present, is recorded, and thus the information of the card ID is determined at the time of playing media.
[124] Therefore, an area corresponding to the DRM table select code of the card ID is exa mined at step 903, so that the bad block DRM table (DRM decryption table) is configured at step 904.
[125] For example, when the area corresponding to an area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
[126] However, when the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM decryption table), a padding operation is performed, and thus a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 11] is configured. That is, through the use of padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured.
[127] Thereafter, in the bad block DRM table (DRM decryption table) configured in this way, whether blocks corresponding to the real bad block table values, rather than the padding values, are real bad blocks is determined at step 905. For example, whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), is determined.
[128] A procedure for determining whether blocks are real bad blocks is described below. For example, about 10 bad blocks are randomly selected from the real bad block table, and whether the selected bad blocks are real bad blocks is examined at step 906. At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block, and thus whether the bad blocks are real bad blocks is determined at step 907.
[129] If it is determined at step 907 that bad blocks are real bad blocks, a predetermined number of (about 10) real bad blocks are additionally examined using the same method at step 906. Similarly, for the additionally selected bad blocks, a procedure for disabling a WP pin and writing 0xAA55 and 0x55AA in the corresponding page of each real bad block is performed at step 907.
[130] In this way, when the additionally performed examination on the real bad blocks has succeeded (that is, when the authentication of the use of media has succeeded), the use of digital content media (play or read) is permitted at step 908.
[131] Therefore, when the authentication of the use of media has succeeded, digital content data is provided to the user while being decrypted using the bad block DRM table (DRM decryption table) at step 909.
[132] However, when the authentication of the use of media has failed, notification of the failure of authentication is provided to the user, thus requesting the user to check the flash memory at step 910.
[133] In the above procedure for determining whether bad blocks are real bad blocks, several conditions may be given in relation to the determination of which is the number of real bad blocks that are examination targets, the determination of whether encryption and decryption are to be applied to the entire digital content in the encryption and decryption of digital content by using the generated bad block DRM table (DRM encryption/decryption table), or the determination of whether encryption and decryption are to be applied only to a specific area. However, in the present embodiment, the case where application is performed on the basis of values corresponding to the lower 4 bits of the last bad block address of the real bad block table is described by way of example.
[134] For example, when the bad block table is given as shown in FIG. 10 (that is, the bad block table of FIG. 10 is a bad block table having 18 (36 byte) real bad block addresses), the last bad block address is 'OxFE', and the lower 4 bits thereof are 'OxOE (= a decimal number of 14)', and thus the above conditions are determined on the basis of the 'decimal number of 14'.
[135] That is, the determination of real bad blocks is performed by examining bad blocks corresponding to a multiple of 14. If the number of bad blocks which are examination targets does not exceed 5, bad blocks from a first bad block are additionally included in the sequential examination targets, and thus the total number of examination target bad blocks is maintained at at least 5.
[136] Similar to this, a description will be made on the basis of the above conditions. The encryption of digital content data is also performed on blocks having block addresses corresponding to a multiple of 14. Decryption thereof is also performed on the basis of the same criterion and condition as those of encryption.
[137] The above-described method of the present invention can be applied to various fields in consideration of the entire performance and other conditions of the system to which DRM is applied. For example, the method can be applied to an asymmetric encryption system.
[138] An example of the application is described below. As described above, a bad pattern DRM table (DRM encryption table) is generated using bad patterns. A seed key is generated using a Hash function that uses the bad pattern DRM table (DRM encryption table) as a transform parameter. From the seed key, a public key and a private key are generated through a Public Key Infrastructure (PKI) algorithm (Rivest-Shamir-Adleman [RSA], Elliptic Curve Cryptography [ECC], etc.), and they can be applied to PKI solutions that have been used in various existing fields. This shows that the bad patterns of each of digital content storage media are factors causing the generation of a private key, and the content of the private key does not need to be logically recorded using any method, thus further strengthening the security of an asymmetric encryption system using the above example.
[139] That is, a client may download content data, encrypted by a server using the public key, and may decrypt the encrypted content data using the private key extracted from the digital content data.
[140] As described above, when the physical characteristics (bad blocks, bad pages, bad bits, etc.) of the flash memory in which respective pieces of digital content are recorded, are used as an encryption key, respective digital content storage media have different bad block DRM tables (DRM encryption tables). Because of this, a disadvantage in that existing DRM using a specific physical algorithm or an encryption table loses its value as DRM, as the specific algorithm or the encryption table of the existing DRM is open to the public, can be overcome.
[141] Even if a memory device constituting a digital content storage medium (for example, NAND flash memory) is digitally duplicated using any of the methods used for the purpose of illegal duplication, or even if a digital content storage medium identical to the original is duplicated using a memory dump method in a physical manner, the duplicated digital content storage medium is not effective. The reason for this is that, even if a digital content storage medium physically identical to the original is duplicated, the bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device (for example, NAND flash memory) constituting the storage medium are not duplicated.
[142] That is, although even marking of bad blocks or bad pages is duplicated in the spare area of flash memory block, such marking cannot physically correlate to real bad blocks or bad pages. As a result, a duplicated digital content storage medium (even bad patterns are not duplicated) fails in authentication in the real bad block examination procedure of a digital content media authentication process when the storage medium is used (played). Accordingly, the duplicated digital content storage medium is then determined to be an ineffective storage medium.
[143] For that reason, the present invention can sufficiently protect the digital content of a copyright holder, unlike existing storage media, such as a CD or a DVD, having contradiction indicating that the existing storage media become media capable of providing profit to the copyright holder of digital content, and, simultaneously, they become media through which the copyright holder's digital content is infinitely duplicated because they are infinitely exposed to illegal duplication by typical users.
[144] Meanwhile, other examples of methods of preventing the copying and illegal duplication of the entirety of the flash memory may include an encryption/decryption method using different bad areas (blocks, pages, sub-pages, or locations) for respective flash memory devices.
[145] For example, an area in which the addresses of bad areas of memory used (blocks, pages, sub-pages, or locations) are recorded, is set in a header data area in which the characteristics of a memory card (digital content storage medium) are recorded, rather than a data storage space, and the set area is recorded. The addresses of the bad areas are combined with each other to extract encryption feature values (for example, encryption feature values based on a bad block DRM table [DRM encryption table]). Thereafter, original content data is encrypted using such encryption feature values, and thus the encrypted content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
[146] Thereafter, when such a memory card is inserted, a play apparatus reads the add resses of the bad areas from the header data area, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used for the encryption of content data by combining the addresses of the bad areas with each other, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, the encryption feature values are calculated through a combination of unique values, such as the addresses of different bad areas for respective memory devices used, so that perfect duplication is physically impossible unless the bad areas of the memory used for duplication and bad areas of the original memory are entirely identical to each other.
[147] As another example, bad areas (blocks, pages, sub-pages or locations) of memory used are marked on defined locations of spare areas corresponding thereto as bad areas, and encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) are extracted by combining the addresses of the bad areas. Thereafter, original content data is encrypted using the encryption feature values, and the encrypted content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
[148] Thereafter, when such a memory card is inserted, the play apparatus reads the addresses of bad areas by examining the memory, calculates encryption feature values used for the encryption of content data by combining the addresses of the bad areas (for example, encryption feature values based on the bad block DRM table [DRM encryption table]), and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, since the encryption feature values are calculated by combining unique values, such as the addresses of different bad areas for respective memory devices, perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are entirely identical to each other.
[149] As a further example, the bad areas (blocks, pages, sub-pages, and locations) of memory used are marked at defined locations of spare areas corresponding thereto as bad areas, and encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) are extracted using specific values (for example, a serial number, etc.) recorded in the memory. Thereafter, original content data is encrypted using the encryption feature values, and encrypted content data is recorded in normal areas of the memory and not in the bad areas of the memory.
[150] Thereafter, when such a memory card is inserted, the play apparatus reads the specific values recorded in the memory, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used as specific values, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, the encryption feature values are calculated through a combination of specific values recorded in the memory used, so that perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are completely identical to each other.
[151] In the above description, in order to prevent duplication from being performed in such a way that the bad areas of a memory card, intellectual property rights of which are guaranteed, are read, the normal areas of the memory card desired to be duplicated are equally marked as bad areas, and identical encryption feature values are generated so as to duplicate the memory card, the play apparatus determines whether bad areas are physically formed or are merely marked for duplication through a procedure of writing/reading data in/from the bad areas when the memory card is inserted. If it is determined that the bad areas are merely marked, the play apparatus classifies the memory card as an 'illegally duplicated memory card', and does not play recorded digital content data. As described above, the present invention determines the authenticity of bad areas, thus identifying an illegally duplicated memory card.
[152] FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention. For convenience of description, a description will be made on the basis of the operation of the apparatus for generating a bad block DRM table (DRM encryption table). [153] A bad pattern detection unit 101 sets areas based on multiples of the number of blocks (/bad pages) (for example, based on multiples of 2048 blocks) in all the blocks of the flash memory, and detects bad blocks (/bad pages) in each of the areas.
[154] A real bad pattern examination unit 102 determines a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), and records the code value (area code) of the relevant area in the DRM table select code field of the card ID. At this time, the area code value, recorded in the DRM table select code field of the card ID, is the area code of the bad pattern extraction area meeting the specific condition among the areas obtained by dividing all the blocks of the flash memory by 2048 blocks. The specific condition is, for example, a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). According to such a specific condition, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages), can be determined to be the bad pattern extraction area.
[155] A bad pattern table configuration unit 103 records the addresses of bad blocks (/bad pages) of the area corresponding to the area code, recorded in the DRM table select code field of the card ID, in the bad block (/bad page) table.
[156] A bad pattern DRM table calculation unit 104 examines the area corresponding to the area code recorded in the DRM table select code field of the card ID. That is, whether the area corresponding to the area code has bad blocks (/bad pages) sufficient to configure a bad block (/bad page) DRM table (DRM encryption table) is examined.
[157] A bad pattern DRM table generation unit 105 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID.
[158] For example, when the area corresponding to the area code has more than 128 bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ~ block 2047) having more than 128 (256 byte) bad blocks.
[159] Further, when the area corresponding to the area code does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by performing a padding operation. For example, the bad block DRM table (DRM encryption table) of FIG. 11 is configured using 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data. At this time, as an example of a padding method, a 256-byte bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 11, using padding values, generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
[160] FIG. 15 is a diagram showing an example of the construction of a digital content recording apparatus according to an embodiment of the present invention.
[161] A bad pattern examination and marking unit 111 formats the flash memory (for example, NAND flash memory) of a storage medium (memory card implemented using a memory device) to a low level, examines bit-based bad pages (pages having bad bits) or bit-based bad blocks (blocks having bad bits) by writing 0xAA55, and marks pages or blocks having bad bits as bad pages or bad blocks.
[162] A bad pattern area selection unit 112 formats the flash memory to a low level, and determines an area meeting a specific condition (criterion) with reference to a recorded bad block (/bad page) table. A media information recording unit 113 records the area code of the area in the DRM table select code field of the card ID (page number 9 of zero block).
[163] For example, all the blocks of the flash memory are divided by 2048 blocks, and thus respective areas are set. Among the areas, an area meeting a specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of a bad block (/bad page) DRM table (DRM encryption table). Thereafter, the area code of the determined area is recorded in the DRM table select code field of the card ID. The term 'specific condition (criterion)' means a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). For example, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages) can be determined to be a bad pattern extraction area. The determination of the bad pattern extraction area may be performed by determining whether an area having more than a threshold number of (for example, 128) bad blocks (/bad pages) is present, and by determining an area, having a maximum number of bad blocks (/bad pages) among the plurality of areas (areas set based on multiples of 2048 blocks), to be the bad pattern extraction area if it is determined that the relevant area is not present. In this way, the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6.
[164] A bad pattern DRM table generation unit 114 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID. For example, when the area corresponding to the area code has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ~ block 2047) having more than 128 (256 bytes) bad blocks. When the area corresponding to the area code does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation.
[165] A content encryption recording unit 115 records digital content in the memory device (for example, NAND flash memory) by utilizing the bad pattern DRM table (DRM encryption table), generated by the bad pattern DRM table generation unit 114, as an encryption key.
[166] FIG. 16 is a diagram showing an example of the construction of a digital content play apparatus according to an embodiment of the present invention.
[167] When a memory device (for example, NAND flash memory) is inserted into or connected to a digital content provision apparatus (media player) through the reader, a media information collection unit 121 reads information about a card ID (page number 9 of zero block). In this case, in the DRM table select code field of the card ID, the area code information of the area having bad patterns (bad blocks, bad pages, bad bits, etc.) (area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), desired to be used for a bad pattern DRM table (DRM decryption table) is recorded, and thus information of the card ID is collected at the time of playing media.
[168] A bad pattern DRM table generation unit 122 configures a bad block (/bad page) DRM table (DRM decryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code field of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks. When the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM decryption table), the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) by performing a padding operation (refer to FIG. 11). That is, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
[169] A media authentication unit 123 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block(/bad page) DRM table (DRM decryption table) generated by the bad pattern DRM table generation unit 122, are real bad blocks (/bad pages). For example, the media authentication unit 123 determines whether blocks having real bad block addresses in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), are real bad blocks.
[170] In this case, in order to determine whether blocks are real bad blocks (/bad pages), about 10 bad blocks (/bad pages) are randomly selected from the real bad block (/bad page) table, and whether the selected bad blocks are real bad blocks (/bad pages) is examined.
[171] At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined. At this time, if it is determined that the blocks are real bad blocks (/bad pages), a suitable number of real bad blocks (/bad pages) are additionally examined using the same method. Even on the additionally selected bad blocks (/bad pages), a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
[172] A content decryption and play unit 124 permits the use of digital content media (play or read) on the basis of the results of the authentication performed by the media authentication unit 123. That is, when the authentication of the use of media has succeeded, the content decryption and play unit 124 transmits digital content data to a user while decrypting the digital content data using the generated bad block (/bad page) DRM table (DRM decryption table). Further, when the authentication of the use of the media has failed, the content decryption and play unit 124 notifies the user of the failure of the authentication, thus requesting the user to check the digital content storage medium.
[173] FIG. 17 is a diagram showing an example of the construction of a key generation apparatus for an asymmetric encryption system to which the present invention is applied.
[174] A bad pattern detection unit 131 sets areas based on multiples of the number of blocks (/pages) (for example, based on multiples of 2048 blocks) in all the blocks (/bad pages) of the flash memory, and detects bad blocks (/bad pages) from each of the areas. [175] A bad pattern DRM table generation unit 132 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks. When the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation. That is, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
[176] A media authentication unit 133 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block (/bad page) DRM table (DRM encryption table) generated by the bad pattern DRM table generation unit 132, are real bad blocks (/bad pages). For example, the media authentication unit 133 determines whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM encryption table) of FIG. 11 composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...).
[177] Here, in order to determine whether the blocks are real bad blocks (/bad pages), for example, about 10 bad blocks (/bad pages) are randomly selected from the real bad block (/bad page) table, and whether the selected bad blocks are real bad blocks (/bad pages) is examined.
[178] At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined. At this time, if it is determined that the blocks are real bad blocks (/bad pages), a suitable number (for example, about 10) of real bad blocks (/bad pages) are additionally examined using the same method. Even on the additionally selected bad blocks (/bad pages), a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
[179] A seed key generation unit 134 generates a seed key through a Hash function which uses a bad pattern DRM table (DRM encryption table) as a transform factor. [180] An asymmetric encryption key generation unit 135 generates a public key and a private key through a PKI algorithm (RSA, ECC, etc.) using the seed key generated by the seed key generation unit 134.
[181] The public key may be used to encrypt digital content data, and the private key may be used to decrypt digital content data.
[182] The above-described method of the present invention may be implemented in the form of a program and may be stored in recording media (Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.) in a computer-readable form. Such a process may be implemented by those skilled in the art of the present invention, and thus a detailed description thereof is omitted.
[183] Although the present invention has been described according to limited embodiments and drawings, those skilled in the art will appreciate that various changes and modifications are possible, without departing from the technical spirit of the invention and the accompanying claims and equivalent ranges thereof.

Claims

Claims
[1] A credit card, wherein a smart card Chip On Board (COB) (IC card COB) for functioning as a credit card or a transportation card and a flash memory COB for storing digital information are separated and mounted in a single card.
[2] A credit card, wherein a smart card COB (IC card COB) for functioning as a credit card or a transportation card and a flash memory wafer for storing digital information are combined with each other and are mounted in a single card.
[3] The credit card according to claim 1, wherein: the smart card COB has therein a predetermined IC chip and eight contact points based on ISO 7816 standards; and the flash memory COB is electrically isolated from the smart card COB, and is provided with a plurality of input/output terminals.
[4] The credit card according to claim 1 or 2, wherein the credit card is configured such that based on the ISO 7816 standards, the credit card has a size of 85.5mm x 54mm, has a region in which a card number, a period of expiration and a name are embossed in an area ranging from a bottom of the credit card to a position 24mm above the bottom, and has an allowable region of 3 -track magnetic encoding in an area ranging from a top to a position 15.3 mm below the top, so that the smart card COB is located 9 mm far way from a left end in a space between the embossed region and the allowable encoding region, and the flash memory COB is located in a right space of the smart card COB in the space between the embossed region and the allowable encoding region.
[5] The credit card according to claim 2, wherein a wafer for the smart card and the flash memory wafer are implemented in a single wafer, and thus the smart card COB is configured.
[6] The credit card according to claim 2, wherein a wafer for the smart card and the flash memory wafer are implemented as two independent wafers, and thus the two wafers are placed on a COB to configure a package.
[7] The credit card according to claim 1 or 2, wherein: an area of the flash memory is divided into a bank area and a user area and they are separately provided, the bank area is a space in which a certificate, a One-Time Password generation program, and an electronic bankbook are stored, and which is not accessible by a user, and the use area is implemented using folders for music, movie, pictures, documents and an address book and other folders, and is allowed to be deleted, added and edited through a dedicated reader or a computer.
[8] The credit card according to claim 7, wherein the flash memory area of the credit card includes therein a certificate for financial transactions, thus enabling Internet banking and electronic commerce to be performed.
[9] The credit card according to claim 7, wherein the credit card includes therein an
OPT generation program, thus enabling a password required for Internet banking to be read through a reader for executing the OTP generation program.
[10] The credit card according to claim 7, wherein the credit card stores details data of account transactions and details data of use of the credit card in a form of an electronic bankbook, so that a user accesses an Internet site of a desired bank through a computer or an Automated Teller Machine (ATM), thus enabling existing details data to be updated with latest details data at a request of the user or automatically.
[11] The credit card according to claim 7, wherein information of the user area is automatically backed up by forming folders in a computer at a time of connecting to the computer.
[12] The credit card according to claim 1 or 2, wherein connection of the flash memory COB is performed by selectively applying one of a NAND flash memory interface, a Universal Serial Bus (USB), Secure Digital (SD), a Multimedia Card (MMC), micro SD, and a T-flash method.
[13] The credit card according to claim 1 or 2, wherein the flash memory COB is provided in such a way that an Ultra thin Land Grid Array (ULGA) among semiconductor packages is provided within a thickness of 0.6 mm and is provided in a form of a Chip Scale Package (CSP) board, so that a pad surface of the board is formed to be able to come into contact with a connector of the reader through enablement of a specific design and is then provided.
[14] A reader for a credit card, comprising: a socket including a plurality of connection terminals for enabling only a flash memory COB to be connected thereto or both a smart card COB (IC card COB) and a flash memory COB to be simultaneously connected thereto, wherein the reader is configured to read respective pieces of information from both the smart card COB and the flash memory COB.
[15] The reader according to claim 14, wherein the reader generates an encryption table that uses a location and number of bad blocks, which are physical characteristics of the flash memory, as unique factors, encrypts information requiring protection using the encryption table, and decrypts the encrypted information.
[16] The reader according to claim 14, wherein an operation of recording and reading information using the reader is performed depending on whether relevant information is information requiring protection, and the reader is operated such that, when the relevant information does not require protection, the reader uses the flash memory as a typical large-capacity storage unit by connecting the flash memory to a personal computer through a Universal Serial Bus (USB), thus enabling information to be recorded in or read from the flash memory through a general-purpose search program.
[17] The reader according to claim 14, wherein an operation of writing and reading information using the reader is performed depending on whether the relevant information is information requiring protection, and the reader records or reads the relevant information using a dedicated application program when relevant information requiring protection is intended to be recorded.
[18] The reader according to claim 17, wherein the application program of the reader reads unique information of the credit card from the smart card COB (IC card COB) of the credit card.
[19] The reader according to claim 17, wherein the application program of the reader reads unique information of the credit card from the smart card COB (IC card COB) of the credit card, the application program accesses a service server, capable of determining whether an incident has occurred, using the read unique information in a wired/ wireless manner, and determines information about occurrence of an incident, when the credit card is a card for which an incident has not been reported, relevant information is transmitted to the reader, and the reader encrypts the relevant information using an encryption table, generated using characteristics of bad blocks of the flash memory mounted in the credit card, and records the encrypted information.
[20] The reader according to claim 17, wherein: the application program of the reader accesses in a wired/wireless manner a server capable of determining whether an incident has occurred and determines information about occurrence of an incident through the server at a time of reading protected information from the flash memory, similar to a case where information requiring protection is recorded, and when the credit card is a card for which an incident has not been reported, the reader receives a read permission command for the relevant information, generates a decryption table, decrypts encrypted information, and transmits the decrypted information to a personal computer.
[21] The reader according to claim 19 or 20, wherein the application program of the reader is configured such that, at a time of inquiring about a card for which an incident was reported, stored encrypted information cannot be read, such that, after a situation of the incident has been terminated, the information can be read again, and such that the relevant information is completely deleted or an Internet access address is immediately automatically reported according to a type of incident report.
[22] An electronic commerce service method, wherein: the reader according to any one of claims 14 to 21 accesses Internet through a computer or through separate wireless communication means or mobile communication means, so that purchase is performed on a basis of electronic commerce information, such as product purchase information displayed on a screen of the reader, and payment is performed by selecting one from among unique information, a certificate and a One-Time-Password (OTP) generator of the credit card which is as set forth in any one of claims 1 to 13 and is inserted into the reader.
[23] An electronic commerce method, wherein: when payment is performed using a credit card, the reader according to any one of claims 14 to 21 accesses Internet through a computer or through separate wireless communication means or mobile communication means, the reader receives information about a store and an amount of money used through separate input means, and transmits approval information to a payment device of the store through the wireless or mobile communication means, and the credit card according to any one of claims 1 to 13 is inserted into in the reader, and thus the reader selects one from among unique information, a certificate and an OTP generator of the credit card, and authenticates the selected one.
[24] A location-based customer service provision method, wherein: the reader according to any one of claims 14 to 21 is provided with wireless communication means or mobile communication means, so that a location of a user is tracked through location tracking of the reader, thus providing information about shop facilities or convenience facilities around the location of the user to the user.
[25] A financial service method, wherein: when the reader according to any one of claims 14 or 21 accesses Internet through a computer or through separate wireless communication means or mobile communication means, and then Internet banking, stock exchange, or Internet electronic commerce is performed, the reader is configured such that, since the credit card according to any one of claims 1 to 13 is inserted into the reader, the reader reads unique information of a smart card COB of the credit card, authenticates the unique information, and thus enables Internet banking, stock exchange or Internet electronic commerce to be performed.
[26] An Automated Teller Machine (ATM), comprising: a socket including a plurality of connection terminals for enabling the credit card according to any one of claims 1 to 13 to be inserted into the socket and enabling a smart card COB (IC card COB) and a flash memory COB to be simultaneously connected to the socket.
[27] The ATM according to claim 26, wherein paid content is selected, purchased or downloaded through the ATM.
[28] The ATM according to claim 27, wherein, when the paid content is selected, purchased or downloaded through the ATM, payment is performed using the credit card, or service points of the credit card.
[29] A service method, wherein: when the credit card according to claim 7 is inserted into the ATM according to claim 26, or when the reader into which the credit card according to claim 7 is inserted is connected to the ATM in a wired/wireless manner, information of a bank area of flash memory of the credit card is connected to a website of a specific financial institution, and is thus automatically updated, and information of a user area of the flash memory of the credit card is automatically backed up in a storage space provided by the website of the financial institution.
PCT/KR2008/005989 2007-10-11 2008-10-10 Smart card with flash memory and memory reader of smart card and drm method using that WO2009048304A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020070102383A KR20090037022A (en) 2007-10-11 2007-10-11 Smart card with flash memory and memory reader of smart card and drm method using that
KR10-2007-0102383 2007-10-11

Publications (2)

Publication Number Publication Date
WO2009048304A2 true WO2009048304A2 (en) 2009-04-16
WO2009048304A3 WO2009048304A3 (en) 2009-07-16

Family

ID=40549761

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2008/005989 WO2009048304A2 (en) 2007-10-11 2008-10-10 Smart card with flash memory and memory reader of smart card and drm method using that

Country Status (2)

Country Link
KR (1) KR20090037022A (en)
WO (1) WO2009048304A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109902035B (en) * 2019-02-03 2023-10-31 成都皮兆永存科技有限公司 composite memory

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040028104A (en) * 2002-09-28 2004-04-03 주식회사 케이티 Layout method of ic-chip-board in contact 2chip card
KR20060027544A (en) * 2004-09-23 2006-03-28 주식회사 비즈모델라인 Ic card with multi-point of contact
KR20060028354A (en) * 2004-09-25 2006-03-29 주식회사 비즈모델라인 Interface devices for usb(universal serial bus)
KR20070094108A (en) * 2006-03-16 2007-09-20 주식회사 케이티프리텔 Data security device and method and mobile terminal including the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040028104A (en) * 2002-09-28 2004-04-03 주식회사 케이티 Layout method of ic-chip-board in contact 2chip card
KR20060027544A (en) * 2004-09-23 2006-03-28 주식회사 비즈모델라인 Ic card with multi-point of contact
KR20060028354A (en) * 2004-09-25 2006-03-29 주식회사 비즈모델라인 Interface devices for usb(universal serial bus)
KR20070094108A (en) * 2006-03-16 2007-09-20 주식회사 케이티프리텔 Data security device and method and mobile terminal including the same

Also Published As

Publication number Publication date
KR20090037022A (en) 2009-04-15
WO2009048304A3 (en) 2009-07-16

Similar Documents

Publication Publication Date Title
US8458473B2 (en) Information processing apparatus, method for switching cipher and program
US7469837B2 (en) Storage device
US9436940B2 (en) Embedded secure element for authentication, storage and transaction within a mobile terminal
RU2591665C2 (en) Device and method of processing sensitive data
KR100676087B1 (en) Secure data storage apparatus with USB interface, and method thereof
US20050044377A1 (en) Method of authenticating user access to network stations
CN101578608B (en) Methods and apparatuses for accessing content based on a session ticket
JP2004199138A (en) Memory device and electronic equipment using the same
US20030228886A1 (en) Electronic value data communication method, communication system, IC card, portable terminal, and communication
CN101595488A (en) Be used for content is tied to the method and apparatus of independent storage arrangement
US20190005495A1 (en) Method for verifying transactions in chip cards
JPH10222425A (en) Device and method for accessing to security data stored in portable data carrier
US20040249993A1 (en) Method and apparatus for encrypting data to be secured and inputting/outputting the same
TW498284B (en) Card memory apparatus
US20120254630A1 (en) Method, host, storage, and machine-readable storage medium for protecting content
WO2009084881A2 (en) Card and input and output apparatus for the card
WO2009072849A2 (en) Card having flash memory and display, reader of reading the card, paying method using the reader and card, art card and dispaly using the art card
WO2009064131A2 (en) Smart card with flash memory and memory reader of smart card and drm method using the reader
WO2009048304A2 (en) Smart card with flash memory and memory reader of smart card and drm method using that
US20090285397A1 (en) Media processor and recording medium control method
WO2004081706A2 (en) Method and apparatus for controlling the provision of digital content
KR20080107970A (en) Smart card with flash memory and memory reader of smart card and drm method using that reader
CN101617318A (en) Be used for method and apparatus that content and licence are linked
KR19990083720A (en) Apparatus and Method for realtime encrypting and realtime decrypting data according to the level of user
TWM564763U (en) Improved security access module

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08836899

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC

122 Ep: pct application non-entry in european phase

Ref document number: 08836899

Country of ref document: EP

Kind code of ref document: A2