WO2009064131A2 - Smart card with flash memory and memory reader of smart card and drm method using the reader - Google Patents

Smart card with flash memory and memory reader of smart card and drm method using the reader Download PDF

Info

Publication number
WO2009064131A2
WO2009064131A2 PCT/KR2008/006722 KR2008006722W WO2009064131A2 WO 2009064131 A2 WO2009064131 A2 WO 2009064131A2 KR 2008006722 W KR2008006722 W KR 2008006722W WO 2009064131 A2 WO2009064131 A2 WO 2009064131A2
Authority
WO
WIPO (PCT)
Prior art keywords
bad
flash memory
smart card
reader
area
Prior art date
Application number
PCT/KR2008/006722
Other languages
French (fr)
Other versions
WO2009064131A3 (en
Inventor
One Hyoung Seo
Young Sun Cho
Jun Won Jang
Original Assignee
Slimdisc Corp.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020070116795A external-priority patent/KR20080107970A/en
Application filed by Slimdisc Corp. filed Critical Slimdisc Corp.
Publication of WO2009064131A2 publication Critical patent/WO2009064131A2/en
Publication of WO2009064131A3 publication Critical patent/WO2009064131A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/0723Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]

Definitions

  • the present invention relates, in general, to a smart card having flash memory, a reader for the smart card, and a Digital Rights Management (DRM) method using the reader, and, more particularly, to a smart card having flash memory, a reader capable of either recording digital information in flash memory included in the smart card, or reading recorded information from the flash memory, and a DRM method using an application program that is executed in a terminal functioning to record or read information while mutually exchanging information with the reader depending on the manipulation of a user.
  • DRM Digital Rights Management
  • the present invention relates to a method in which flash memory is provided in a typically used smart card, so that a smart card can function both as a single credit card and as a medium capable of storing digital information, and so that digital information stored in the flash memory is protected using the unique information of the smart card.
  • a smart card stores therein information about authentication, a credit card, a payment account, etc., thus being used as a transportation card, a credit card, etc.
  • a smart card may be used for banking operations such as account inquiry, account transfer, and bank withdrawals.
  • MP3 player has gradually been becoming diversified and increasing, and the storage capacity of portable devices has also increased to enable the storage of various types of content. For example, when a video capturing function is performed using a digital camera, a larger storage capacity is required to capture video, compared to the capturing of still images.
  • PMP Portable Multimedia Player
  • a structure in which a large-capacity storage space required for such an additional functionality is included in all portable devices may cause problems in that it not only becomes a cause of increasing the costs of devices, but also forces a user who does not need such an additional functionality to purchase the devices after paying unnecessary costs.
  • manufacturing companies which manufacture portable devices such as an MP3 player, a PMP, and a digital camera intend to fix the size of memory provided in each device to a predetermined size, to mount a separate memory card in the device, and to extend the size of the memory at the request of a user.
  • an object of the present invention is to provide a smart card having flash memory in which flash memory is included in an existing smart card and which is configured to provide storage space for digital information as well as the function of the smart card itself, to encrypt information to be protected using the unique authentication information of the smart card (for example, a card serial number), and to store the encrypted information, so that both a smart card function and a memory card function for information protection can be implemented together in a single card, and to provide a reader for the smart card and a digital rights management method using the reader.
  • the present invention provides a smart card having flash memory, comprising a smart card Chip On Board (COB) having a plurality of input/output terminals; and a flash memory COB having a plurality of input/output terminals.
  • COB Chip On Board
  • COB may be terminals connected to a reader for recording or reading information in or from the smart card COB or the flash memory COB.
  • the smart card COB and the flash memory COB may be provided to be electrically isolated from each other, or electrically connected to each other.
  • the flash memory COB may be divided into a security area and a normal area.
  • the recording or reading when recording or reading is performed on the security area of the flash memory COB of the smart card by the reader, the recording or reading may be performed after Digital Rights Management (DRM) authentication has been performed by an Application Specific Integrated Circuit (ASIC) of the reader.
  • DRM Digital Rights Management
  • ASIC Application Specific Integrated Circuit
  • the DRM authentication by the ASIC of the reader may be performed based on physical characteristics of flash memory constituting the flash memory COB of the smart card.
  • the physical characteristics may indicate information about unit area- based bad patterns of the flash memory.
  • the information about the bad patterns may be information about one of bad blocks, bad pages and bad bits.
  • the DRM authentication by the ASIC of the reader may be performed based on both the physical characteristics of the flash memory of the flash memory COB and unique authentication information stored in the smart card COB.
  • the present invention provides a reader for a smart card having flash memory, wherein the reader exchanges information with the smart card through connection terminals connected to respective terminals of the smart card COB and the flash memory COB in a wired or wireless manner, and records or reads information in or from the flash memory COB.
  • the reader may be connected to an external terminal in a wired or wireless manner, and may perform a record operation of recording digital content data stored in the terminal in the flash memory COB, or a read operation of reading digital content data recorded in the flash memory COB and transmitting the read digital content data to the terminal.
  • the reader may be operated in connection with an application program of the terminal, which performs control such that, in a case where a request for protection of the digital content data is received, the operation of recording and reading the digital content data is performed differently from that of a case where a request for protection of the digital content data is not received.
  • the application program of the terminal may access an external smart card server, and inquire whether an incident concerning the smart card has been reported when the request for protection of the digital content data is received, and may transmit the protection-requested digital content data to the reader when the smart card is a smart card for which an incident has not been reported, and the reader may perform Digital Rights Management (DRM) by generating an encryption table using bad patterns of flash memory constituting the flash memory COB, encrypting the protection-requested digital content data using the encryption table, and recording the encrypted digital content data in the flash memory COB when it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported.
  • DRM Digital Rights Management
  • the reader may be connected to the smart card server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
  • the application program of the terminal may access the external smart card server, and inquire whether an incident concerning the smart card has been reported, using unique authentication information of the smart card COB, read by the reader when the request for protection of digital content data is received.
  • the reader may be operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported, the reader receives a read permission command for the digital content data from the application program of the terminal, performs a read operation of generating a decryption table for the digital content data, which is encrypted and stored in the flash memory COB, and decrypting the encrypted digital content data using the decryption table, and transmits the decrypted digital content data to the terminal.
  • the reader may be operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident was reported, the reader receives a read denial command for the digital content data from the application program of the terminal, and does not perform an operation of decrypting the digital content data, which is encrypted and stored in the flash memory COB.
  • the reader may further comprise an additional connection terminal connected to a second IC card, and may be configured such that, when the reader is connected to a relevant server, which uses unique authentication information of the smart card COB or the second IC card, the reader transmits the unique authentication information of the smart card COB or the second IC card to the relevant server, thus enabling electronic commerce to be conducted in the relevant server.
  • the reader may be connected to the relevant server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
  • the reader may enable the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the second IC card.
  • the reader may enable the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the smart card COB.
  • the security area in a memory area of the flash memory COB may be divided into a banking area for use of banking and a personal area for use of data storage, which are separately provided, and the reader may prohibit information stored in the banking area from being accessed when the information of the banking area is requested by the terminal, but prohibition of access to the information of the banking area may be released when input authentication information received from the terminal is identical to the unique authentication information stored in the smart card COB.
  • the banking area may include a One Time Password (OTP) generation area in which an OTP can be generated
  • the reader further comprises a display unit for displaying information about the OTP generated in the OTP generation area when a request for generation of the OTP is received from the terminal.
  • OTP One Time Password
  • the reader may transmit data stored in the personal area to memory of the terminal at a same time that the reader is connected to the terminal.
  • the reader may receive details of an electronic bankbook corresponding to the unique authentication information of the smart card COB from the smart card server, and transmit the details of the electronic bankbook to the banking area of the flash memory COB, thus enabling the details of the electronic bankbook to be stored in the banking area.
  • the reader may receive update information about the smart card from the smart card server while accessing an external smart card server, and transmit the update information to the banking area of the flash memory COB, thus updating information of the banking area.
  • the present invention provides a
  • Digital Rights Management (DRM) method using the reader for a smart card having flash memory comprising the steps of examining unit area-based bad patterns of flash memory constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern DRM table on a basis of a bad pattern table.
  • DRM Digital Rights Management
  • the bad pattern table may be generated at a time of formatting the flash memory, and is configured such that address values of unit area-based bad patterns, which are possible physical characteristics of a memory device, are recorded in the bad pattern table.
  • the bad pattern DRM table may be configured using only the bad pattern table.
  • the bad pattern DRM table may be configured using a card serial number field of the card ID, and is configured by padding values that are generated by sequentially performing an XOR operation on values of the bad pattern table and a value of a card serial number.
  • the bad patterns may be bad blocks, bad pages or bad bits.
  • the bad pattern extraction area may be one of an area including all blocks of the memory, an area including more than a threshold number of bad patterns, and an area including a maximum number of bad patterns.
  • the unit areas may be areas set based on multiples of 2048 blocks.
  • the threshold number may be 128, which is the number of bad blocks.
  • the bad pattern DRM table may have a size of 256 bytes.
  • the flash memory may be NAND flash memory.
  • the present invention provides a Digital signal
  • Rights Management (DRM) method using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; and generating an encryption key using the extracted physical characteristics of the flash memory.
  • DRM Rights Management
  • the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of examining unit area-based pad patterns of a flash memory device constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table; and recording digital content data in the flash memory using the bad pattern DRM table as an encryption key.
  • DRM Digital Rights Management
  • the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating an encryption key using the extracted physical characteristics of the flash memory; and recording digital content data in the flash memory using the generated encryption key.
  • the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of setting an area, in which addresses of bad areas of memory used are recorded, in a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader, rather than a data storage space, and recording the addresses in the set area; and extracting encryption feature values by combining the addresses of the bad areas, encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
  • the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature value by combining addresses of the bad areas; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
  • the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature values using specific values recorded in the memory; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
  • the specific values may be serial numbers.
  • the present invention provides a digital content storage medium using the reader, wherein an area code, which is a code value of a bad pattern extraction area in flash memory constituting a flash memory COB of a smart card connected to the reader, is recorded in a table select code field of a card ID, and wherein digital content data is recorded using a DRM encryption table, which is configured based on a bad pattern table by examining an area corresponding to the area code recorded in the table select code field, as an encryption key.
  • an area code which is a code value of a bad pattern extraction area in flash memory constituting a flash memory COB of a smart card connected to the reader
  • a table select code field of a card ID wherein digital content data is recorded using a DRM encryption table, which is configured based on a bad pattern table by examining an area corresponding to the area code recorded in the table select code field, as an encryption key.
  • the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining an area corresponding to an area code recorded in a table select code field of a card ID of flash memory constituting a flash memory COB of the smart card, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when the flash memory COB of the smart card is connected to the reader; examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
  • DRM Digital Rights Management
  • the step of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns may be performed by disabling a Write Protect (WP) pin and writing 0xAA55 and 0x55AA in corresponding pages of real bad patterns, thus examining whether the patterns are real bad patterns.
  • WP Write Protect
  • the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating a decryption key using the extracted physical characteristics of the flash memory; and reading digital content data using the generated decryption key.
  • the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of reading addresses of bad areas from a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card, and calculating encryption feature values used to encrypt the digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the digital content data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
  • the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining flash memory constituting a flash memory COB of the smart card, reading addresses of bad areas, and calculating encryption feature values used to encrypt digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
  • the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining flash memory constituting a flash memory COB of the smart card, reading specific values recorded in the memory, and calculating encryption feature values used as the specific values when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining the specific values recorded in the memory used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
  • the present invention provides a computer- readable recording medium for storing, in a Digital Rights Management (DRM) apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table.
  • DRM Digital Rights Management
  • the present invention provides a computer- readable recording medium for storing, in a Digital Rights Management (DRM) apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; and a function of generating an encryption key using the extracted physical characteristics of the flash memory.
  • DRM Digital Rights Management
  • the present invention provides a computer- readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table; and a function of recording data in the flash memory using the bad pattern DRM table as an encryption key.
  • the present invention provides a computer- readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; a function of generating an encryption key using the extracted physical characteristics of the flash memory; and a function of recording digital content data in the flash memory using the generated encryption key.
  • the present invention provides a computer- readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing a function of examining an area corresponding to an area code, recorded in a table select code field of a card ID, and configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when flash memory constituting a flash memory COB of a smart card connected to the reader is inserted; a function of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and a function of reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
  • DRM Digital Rights Management
  • the present invention provides a computer- readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; a function of generating a decryption key using the extracted physical characteristics of the flash memory; and a function of reading digital content data using the generated decryption key.
  • FIG. 1 is a diagram showing an example of a conventional smart card
  • FIG. 2 is a diagram showing an example of a smart card having flash memory according to an embodiment of the present invention
  • FIG. 3 is a diagram showing the construction of a reader for the smart card having flash memory of FIG. 2
  • FIG. 4 is a diagram showing the connection of a communication network for inquiry about the occurrence of an incident concerning the smart card of FIG. 2
  • FIG. 5 is a diagram showing an example of the construction of flash memory used in the present invention
  • FIG. 6 is a diagram showing an example of the card ID of FIG. 5;
  • FIG. 7 is a diagram showing an example of a bad pattern extraction area when all the blocks of flash memory are divided by 2048 blocks, according to an embodiment of the present invention
  • FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention
  • FIG. 9 is a diagram showing an example of a 256-byte bad block DRM table generated in the bad block table of area 1 having more than 128 bad blocks according to an embodiment of the present invention
  • FIG. 10 is a diagram showing an example of the bad block table of area 2 having less than 128 bad blocks according to the present invention
  • FIG. 11 is a diagram showing another example of a 256-byte bad block DRM table generated by attaching padding data to the bad block table of area 2 of FIG. 6 having
  • FIG. 12 is a flowchart showing an example of a digital content recording method according to an embodiment of the present invention.
  • FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention;
  • FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention;
  • FIG. 15 is a diagram showing an example of a digital content recording apparatus according to an embodiment of the present invention;
  • FIG. 16 is a diagram showing an example of a digital content play apparatus according to an embodiment of the present invention; and
  • FIG. 17 is a diagram showing an example of a key generation apparatus for an asymmetric encryption system to which the present invention is applied. Best Mode for Carrying out the Invention
  • FIG. 1 is a diagram showing an example of a conventional smart card. As shown in the drawing, a smart card Chip On Board (COB) 2 is provided in a smart card 1.
  • COB Chip On Board
  • FIG. 2 is a diagram showing a structure in which a flash memory COB 12 is additionally mounted in a space other than the region, in which the smart card COB 2 is mounted, in the conventional smart card 1 of FIG. 1.
  • a smart card 10 having the flash memory of FIG. 2 includes a smart card COB (or IC card COB) for functioning as a credit card or a transportation card, and a flash memory COB 12 for functioning to store data, such as digital content data.
  • a smart card COB or IC card COB
  • COB 12 for functioning to store data, such as digital content data.
  • the flash memory COB 12 is provided to be electrically isolated from the smart card COB 11, or to be electrically connected to the smart card COB 11.
  • the smart card COB 11 and flash memory COB 12 each include a plurality of input/ output terminals.
  • the input/output terminals denote terminals connected to the dedicated reader 20 of FIG. 3 which records or reads digital content data.
  • the flash memory COB 12 may be divided into a security area and a normal area.
  • the security area is an area in which data requiring security is stored, and the normal area is an area opposite the security area and a space in or from which data can be freely recorded or read.
  • COB 12 of the smart card 10 by the reader 20 recording or reading is preferably performed after Digital Rights Management (DRM) authentication has been performed by the Application- Specific Integrated Circuit (ASIC) of the reader 20.
  • DRM Digital Rights Management
  • ASIC Application- Specific Integrated Circuit
  • the DRM authentication by the ASIC of the reader 20 may be performed on the basis of the physical characteristics of flash memory, constituting the flash memory COB 12 of the smart card 10.
  • the term "physical characteristics" means information about unit area-based bad patterns of the flash memory.
  • the information about the bad patterns may be information about one of bad blocks, bad pages and bad bits.
  • the DRM authentication by the ASIC of the reader 20 may be implemented on the basis of the physical characteristics of the flash memory of the flash memory COB 12 and unique authentication information (for example, a credit card serial number, the personal information of a credit card holder, etc.) stored in the smart card COB 11.
  • unique authentication information for example, a credit card serial number, the personal information of a credit card holder, etc.
  • the above-described smart card 10 having flash memory according to the present invention when used as a credit card or a transportation card, it can be used according to the same method as that of an existing smart card.
  • information digital content data or the like
  • recorded information digital content data or the like
  • recording or reading is possible by allowing the smart card 10 to be connected to the terminal 30 in such a way that the smart card 10 is connected to or inserted into the dedicated reader 20.
  • the terminal 30 may be one of a Personal Computer (PC), a notebook computer, a mobile phone, a Personal Digital Assistant (PDA), etc.
  • PC Personal Computer
  • PDA Personal Digital Assistant
  • such a dedicated reader 20 exchanges information with the smart card COB 11 and the flash memory COB 12 through connection terminals 21 and 22 connected to the respective terminals of the smart card COB 11 and the flash memory COB 12.
  • a reader 20 is a component for recording or reading information in or from the flash memory COB.
  • connection terminals 21 and 22 may be divided into a smart card contact point 21 connected to the smart card COB 11 in a wired/wireless manner and a flash memory contact point 22 connected to the flash memory COB 12 in a wired/wireless manner.
  • the reader 20 may be coupled or connected to the terminal 30, as shown in FIG. 3, while the smart card 10 is connected to or inserted into the reader 20.
  • the reader 20 may be connected to the external terminal 30 in a wired or wireless manner. At this time, both a record operation of recording digital content data, stored in the terminal 30, in the flash memory COB 12, and a read operation of reading digital content data, recorded in the flash memory COB 12, and transmitting the digital content data to the terminal 30 can be performed.
  • the reader 20 can perform both a record operation of encrypting the digital content data, stored in the terminal 30, and storing the encrypted digital content data in the flash memory COB 12, and a read operation of decrypting the digital content data, encrypted and stored in the flash memory COB 12, and providing the decrypted digital content data to the terminal 30.
  • connection terminals 21, 22 and 23 of the reader 20 which is connection means to be connected to the terminal 30, may be implemented using one selected from among Secure Digital (SD), a Multimedia Card (MMC), a Universal Serial Bus (USB), micro SD, and a S-flash means.
  • SD Secure Digital
  • MMC Multimedia Card
  • USB Universal Serial Bus
  • S-flash means S-flash means
  • Such a reader 20 can be connected to the application program of the terminal 30 through the above-described connection means, and thus can be operated.
  • the reader 20 can be controlled so that an operation of recording and reading digital content data in and from the flash memory COB 12 using the reader 20 can be performed differently depending on whether an information protection request for the digital content data has been received from the user.
  • the reader 20 is connected to and operated by the application program of the terminal 30 which performs control such that, in the case where an information protection request for the digital content data is received from the terminal 30, the record and read operation for the digital content data is performed differently from that of the case where the information protection request is not received.
  • the application program connects the reader 20 and the flash memory COB 12 to the terminal 30, thus enabling the flash memory COB 12 to be used as a typical large-capacity storage device.
  • the reader 20 may freely record or read relevant digital content data in or from the flash memory COB 12 through the application program included in the present invention, or a general-purpose search program (for example, Windows Explorer).
  • a general-purpose search program for example, Windows Explorer
  • the application program when the fact that the protection of digital content data is required is received from the user, the application program allows the reader 20 to perform a record operation under the control of the application program using the following method.
  • the reader 20 may generate an encryption table in which the location and number of bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of the flash memory constituting the flash memory COB 12 are used as unique factors. Information requiring protection can be encrypted and the encrypted information can be decrypted using the encryption table.
  • bad patterns bad blocks, bad pages, bad bits, etc.
  • the application program of the terminal 30 accesses an external smart card server 40 and inquires whether an incident concerning the smart card 10 has been reported.
  • the application program of the terminal 30 may access the external smart card server 40, inquire whether an incident concerning the smart card 10 has been reported using the unique authentication information stored in the smart card COB 11 read by the reader 20, and perform an operation of reading digital content data from the flash memory COB 12 differently depending on whether the incident has been reported.
  • the application program reads the unique authentication information (for example, a credit card serial number, the personal information of a credit card holder, etc.) of only a relevant smart card 10 from the smart card COB 11 through the reader 20, and accesses the smart card server 40 (for example, the server of a credit card company), capable of determining using the read unique authentication information whether an incident concerning the smart card 10 has occurred, in a wired/wireless manner.
  • the unique authentication information for example, a credit card serial number, the personal information of a credit card holder, etc.
  • the reader 20 may access the smart card server 40 in a wired manner by accessing the Internet through the terminal 30, but may access the smart card server 40 in a wireless manner using a wireless port 24 separately provided on the reader 20 without requiring the terminal 30.
  • the protection-requested digital content data is transmitted to the reader 20 so that the digital content data can be stored in the flash memory COB 12.
  • the reader 20 generates an encryption table using the bad patterns (bad blocks, bad pages, bad bits, etc.) of the flash memory constituting the flash memory COB 12, encrypts the protection-requested digital content data using the encryption table, and records the encrypted digital content data in the flash memory COB 12, thus performing DRM for the digital content data.
  • the reader 20 can perform a read operation as well as the record operation, as described below.
  • the reader 20 receives a read permission command for the digital content data from the application program of the terminal 30, performs a read operation of generating a decryption table for the digital content data which is encrypted and stored in the flash memory COB 12, decrypting the encrypted digital content data using the decryption table, and transmits the decrypted digital content data to the terminal 30.
  • the reader 30 accesses the smart card server 40 in a wired or wireless manner and determines using the unique authentication information of the smart card COB 11 whether an incident concerning the smart card has been reported, on the basis of the same principle as that of the case where information requiring protection is recorded. If it is determined that the relevant card is a smart card 10 for which an incident has not been reported, the reader 30 receives a read permission command for the digital content data, generates a decryption table, decrypts the encrypted information, and provides the decrypted information to the terminal 30.
  • the reader 20 receives a read denial command for the digital content data from the application program of the terminal 30, and does not perform decryption (read operation) of the digital content data which is encrypted and stored in the flash memory COB 12, thus preventing the terminal 30 from using the digital content data.
  • the present invention may be constructed such that the encrypted information can be read again after the situation of the incident has been terminated through the recovery of the lost smart card 10 and the lost smart card 10 is returned to the smart card 10 for which an incident has not been reported.
  • the present invention may be constructed such that, depending on the type of incident report (for example, loss, a theft, disposal, etc.), relevant information can be completely deleted, or the current Internet access address (for example, IP address) of the flash memory COB 12 or the like can be immediately and automatically reported to the smart card server 40.
  • relevant information for example, loss, a theft, disposal, etc.
  • relevant information can be completely deleted, or the current Internet access address (for example, IP address) of the flash memory COB 12 or the like can be immediately and automatically reported to the smart card server 40.
  • a typical storage disc function may be added to the smart card 10 through the provision of the dedicated reader 20. Further, the functioning of the smart card as a security disc, enabling only a user to record or read relevant information, can also be predicted.
  • the credit card or the transportation card should not be lent to other persons regardless of time or place, and a user must pay great attention to preventing the occurrence of loss or theft, as they would with cash, by personally carrying the credit card or the transportation card. That is, information stored in the flash memory COB 12, included in the smart card 10 (credit card or transportation card), must be primarily secured by the user him or herself. In general, when the loss or theft of the card occurs, this must be immediately reported to the smart card server (a card company), thus preventing damage from occurring.
  • the smart card server a card company
  • the flash memory COB 12 and the smart card COB 11 provided in the smart card 10 do not form a complete electrical or magnetic connection to each other unless the dedicated reader is used, they have no effect on various other electronic transactions, such as inquiry/payment transactions using an existing IC card reader. Accordingly, the present invention may be free of the problem of compatibility with a credit card or transportation card service terminal that may occur in the commercialization stage of the present invention.
  • the reader 20 may be further provided with the additional connection terminal 23 connected to some other IC card (not shown) in a wired or wireless manner, in addition to the connection terminals 21 and 22 connected to the smart card COB 11 and the flash memory COB 12 in a wired or wireless manner.
  • unique authentication information may be at least one of a unique card number, personal information, and a separate certificate, or combinations thereof.
  • relevant server may be a financial institution, such as a bank, or another shopping mall site, in which electronic commerce is conducted using the unique information on the other IC card.
  • the reader 20 may be configured to be connected to the relevant server (not shown) either in a wired manner through the terminal 30 or in a wireless manner through the separately provided wireless port 24.
  • the reader 20 enables electronic commerce to be conducted in the relevant server (not shown) using either or both of a certificate previously stored in the flash memory COB 12 and the unique authentication information of the other IC card.
  • a certificate previously stored in the flash memory COB 12 and the unique authentication information of the other IC card When both are used in this way, the error or risk of the electronic commerce can be reduced, and the reliability of the use of the electronic commerce can be improved.
  • the reader 20 may be connected to the terminal 30 while being connected to the smart card 10, so that, even when the reader 20 is connected to the relevant server for conducting electronic commerce using the unique authentication information of the smart card COB 11, the reader 20 can enable the above-described electronic commerce to be conducted by transmitting the unique authentication information of the smart card COB 11 to the server.
  • the reader 20 may enable electronic commerce to be conducted in the relevant server (not shown) using either or both of the certificate previously stored in the flash memory COB 12 and the unique authentication information of the smart card COB 11.
  • the security area in the memory area of the flash memory COB 12 may be divided into a banking area for the use of banking and a personal area for the use of data storage, which may be separately provided.
  • the reader 20 blocks the provision of the information stored in the banking area by prohibiting the user from accessing the banking area, thus protecting the information stored in the banking area.
  • the reader 20 may be configured such that, when authentication has been completed through a separate verification procedure (for example, user authentication corresponding to the case where authentication information received from the terminal 30 and the unique authentication information stored in the smart card COB 11 are identical to each other) at the time of prohibiting the user from accessing the banking area, the stored information can be provided by releasing the prohibition of access to the information of the banking area.
  • the information stored in the personal area for example, music, movie, pictures, files, other data folders, etc.
  • This operation is required in order to allow the user to freely use and manage the information in his or her PC.
  • the banking area in the flash memory COB 12 may include an OTP generation area in which a signal is received from a satellite and a One Time Password (OTP) can be generated.
  • the reader 20 may further include a display unit (not shown) for receiving and displaying information about the OTP generated in the OTP generation area when a request for the generation of the OTP is received from the terminal 30.
  • the reader 20 may be configured to transmit information stored in the personal area to the memory of the terminal 30 at the same time that the reader 20 is c onnected to the terminal 30.
  • This configuration is very useful because information that has been previously transmitted to and stored in the computer 30 can be used even if the smart card 10 is lost in the future.
  • this configuration may also include a component for automatically displaying and indicating a popup window so that the information stored in the personal area is transmitted to the memory of the terminal 30 at the same time that the reader 20 is connected to the terminal 30.
  • the reader 20 when the reader 20 is connected to the terminal 30 and then accesses the smart card server 40, the reader 20 receives the details of an electronic bankbook corresponding to the unique authentication information of the smart card COB 11 from the smart card server 40, and automatically transmits the details to the banking area of the flash memory COB 12 to enable the details of the electronic bankbook to be stored in the banking area, thus enabling the smart card to replace the function of a typical paper bankbook.
  • the reader 20 while the reader 20 is connected to the terminal 30 to communicate with the external smart card server 40, the reader 20 receives update information about a relevant smart card from the smart card server 40, and transmits the update information to the banking area of the flash memory COB 12, thus enabling the information stored in the banking area to be automatically updated.
  • the update information may be update information about a certificate, personal information, an electronic bankbook, etc.
  • the flash memory is a memory device enabling data to be continuously stored therein even when power is removed, and is capable of freely storing/erasing data.
  • Such flash memory is classified into a NOR type and a NAND type according to the internal structure thereof.
  • the NOR flash memory has a structure in which cells are connected in parallel
  • the NAND flash memory has a structure in which cells are connected in series.
  • the NAND flash memory is mainly used for an SD card or a memory stick among various memory cards, and the NOR flash memory is mainly used for an MMC card or compact flash memory.
  • flash memory has characteristics that power consumption is low, and stored information is retained without being lost even when power is turned off. Further, flash memory is non- volatile memory to which power is continuously supplied, and is not only capable of retaining the stored information in an unchanged state even when power is shut off, unlike Dynamic Random Access Memory (DRAM), but also is capable of freely inputting or outputting information. Accordingly, flash memory is widely used in digital Televisions (TV), digital camcorders, mobile phones, digital cameras, Personal Digital Assistants (PDA), game playing devices, MP3 players, etc.
  • TV digital Televisions
  • PDA Personal Digital Assistants
  • bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device, such as the flash memory of the flash memory COB 12 provided in the smart card (for example, NAND flash memory or the like) are used as an encryption key
  • the rights of digital content stored in the flash memory can be protected, and thus the above problem of the content rights can be solved.
  • the physical characteristics of the flash memory may be the bad blocks, bad pages or bad bits.
  • the encryption table can be generated by using the location and number of bad pages or bad bits, as well as the bad blocks, as unique factors.
  • the construction of the file system is also characterized in that digital content data is encrypted using a bad pattern DRM table (DRM encryption table) at the time of recording the digital content. That is, in the structure of the file system, the entire area, excepting a minimum region required to detect the bad pattern DRM table (DRM encryption table), is encrypted through relevant Digital Rights Management (DRM), and thus typical access to the area is blocked.
  • DRM Digital Rights Management
  • the physical block number '0' of the flash memory (hereinafter referred to as a 'zero block') is used by the manufacturing company thereof to guarantee that the block is not a bad block. Therefore, in the zero block, format-related information of the flash memory, a medium ID (card ID), etc. are stored.
  • a bad block DRM table may be used as a DRM encryption table
  • a bad page DRM table may be used as a DRM encryption table
  • the bad block DRM table and the bad page DRM table may be collectively called a 'bad pattern DRM table (DRM encryption table)'.
  • a Master Boot Recorder corresponding to 'page number 0 of the zero block'
  • information about the construction of the flash memory and the file system is recorded.
  • bad block marking information is recorded.
  • a card ID corresponding to a medium ID is stored.
  • Such a card ID is composed of pieces of specific information (for example, memory card version, a DRM table select code, an area code, a manufacturing company code, a copyright holder ID [writer ID], and card serial number information) of the flash memory, as shown in FIG. 6.
  • the bad pattern extraction area of the flash memory may be either an entire block area of the flash memory or only a specific area.
  • the DRM encryption table (bad block DRM table) using the extracted bad patterns may be configured to have various sizes, such as 128 bytes, 256 bytes, or 512 bytes.
  • the term 'specific area' means that, for example, all the blocks of the flash memory can be divided by 2048 blocks and can be processed thereby. That is, as shown in FIG. 7, the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table) is determined in such a way that respective areas are set based on multiples of 2048 blocks in all the blocks of the flash memory, and an area meeting a specific criterion, among the areas, is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
  • the term 'specific criterion' means a criterion required to determine whether a relevant area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, when an area including more than a threshold number of (for example, 128) bad blocks is present, the relevant area is determined to be the bad pattern extraction area. However, when an area including more than 128 bad blocks is not present, an area including a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
  • the bad pattern extraction area is determined on the basis of a bad block table generated while a memory card is formatted at the time of manufacturing the flash memory constituting the flash memory COB 12.
  • the area code of the relevant area determined at that time is recorded in the DRM table select code field of the card ID of FIG. 6.
  • FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention.
  • the flowchart shows a procedure for examining an area corresponding to the area code recorded in the DRM table select code field of the card ID, and configuring a bad block DRM table (DRM encryption table).
  • the procedure for configuring the bad block DRM table (DRM encryption table) is described below.
  • respective areas are set based on multiples of the number of blocks (for example, based on multiples of 2048 blocks).
  • a bad pattern extraction area meeting a specific criterion for example, an area having more than a threshold number of [for example, 128] bad blocks, or an area having a maximum number of bad blocks, is determined on the basis of the bad block table.
  • the code value of the relevant area (area code) is recorded in the DRM table select code field of the card ID.
  • FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table), generated on the basis of the bad block table of area 1 (block 0 ⁇ block 2047) having more than 128 bad blocks
  • FIG. 11 illustrates a 256-byte bad block DRM table (DRM encryption table), generated by attaching padding data to the bad block table (refer to FIG. 10) of area 2 (block 2048 ⁇ block 4095), having 128 or less bad blocks.
  • FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table) generated on the basis of the bad block table corresponding to area 1 (block 0 ⁇ block 2047) having more than 128 bad blocks. That is, more than 128 real bad blocks are present in the area 1, so that the 256-byte bad block DRM table (DRM encryption table) is configured using only the addresses of the bad blocks. In this case, the padding operation of FIG. 11 is not required.
  • the bad block DRM table (DRM encryption table) is composed of 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
  • the bad block DRM table (DRM encryption table) is configured using the card serial number field (16 byte) of the card ID.
  • the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values obtained by sequentially performing an XOR operation on existing real bad block table values and a card serial number value.
  • the bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by attaching padding data (that is, values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) to the bad block table (that is, the bad block table having 18 [36 byte] real bad block addresses in FIG. 10) of area 2 (block 2048 to block 4095) having 128 or less bad blocks.
  • the bad block DRM table (DRM encryption table) is composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ).
  • FIG. 10 illustrates a bad block table generated on the basis of 128 or less bad blocks (for example, 18 [36 bytes] real bad blocks) in area 2 (block 2048 ⁇ block 4095). That is, when only 18 bad blocks (36 byte) from 0x0812 to OxOCFE are present in area 2, the bad block table corresponding thereto is exemplified.
  • the padding data (values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) is attached to the bad block table (refer to FIG. 10) composed of 18 (36 byte) real bad block addresses, and thus the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11.
  • the bad block DRM table (DRM encryption table) formed using the above-described method is a unique factor that is determined according to the physical characteristic, which a given storage medium (that is, the flash memory) can have, and that is unique in all probability.
  • FIG. 12 is a flowchart showing an example of a method of recording digital content data in the flash memory according to an embodiment of the present invention.
  • the flash memory (for example, NAND flash memory) is formatted to a low level at step 801, so that bit-based bad pages (pages including bad bits) or bit-based bad blocks (blocks including bad bits) are examined by writing 0xAA55, and the pages or blocks including bad bits are marked as bad pages or bad blocks at step 802. That is, blocks having bad bits according to bad bit information detected at the time of initialization (formatting) are marked as bad blocks, and pages having bad bits according to bad bits detected at the time of initialization are marked as bad pages.
  • the bad blocks are recorded in a bad block table at step 803.
  • the bad block table may be provided for each of areas into which all the blocks of the flash memory are divided by 2048 blocks.
  • an area satisfying a specific condition is determined with reference to the recorded bad block table, and then the area code value of the relevant area is recorded in the DRM table select code field of the Card ID (page number 9 of the zero block) at step 804.
  • a specific condition for example, all the blocks of the flash memory are divided by 2048 blocks, and then respective areas are set.
  • an area satisfying the specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table), and thereafter the area code of the determined area is recorded in the DRM table select code field of the card ID.
  • the term 'specific condition (criterion)' means a criterion required to determine whether a given area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, an area having more than a threshold number of bad blocks, or an area having a maximum number of (for example, 128) bad blocks may be determined to be a bad pattern extraction area.
  • the determination of the bad pattern extraction area may be performed to assign priority for the determination of an area in such a way that whether an area having more than a threshold number of (for example, 128) bad blocks is present is determined, and an area having a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is determined to be the bad pattern extraction area if it is determined that the area is not present.
  • a threshold number of for example, 128) bad blocks is present
  • the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6 at step 804.
  • a 256-byte bad block DRM table [refer to FIG. 9], composed of 128 real bad block addresses, is generated on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks at step 806.
  • the 256-byte bad block DRM table (DRM encryption table) can be configured using only the addresses of the real bad blocks.
  • the relevant area (examination target area [area corresponding to the area code]) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805
  • a padding operation is performed, so that the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated at step 807. That is, the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11, using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
  • flash memory' described in the present invention may mean the flash memory COB 12 itself shown in FIG. 2.
  • FIG. 13 is a flowchart showing an example of an authentication process for reading digital content according to an embodiment of the present invention, in which a procedure for reading digital content is depicted.
  • the reader 20 reads the information of the card ID (page number 9 of zero block), and starts an authentication process at step 902.
  • the DRM table select code field of the card ID information about the code of an area (area having more than a threshold number of bad blocks, or an area having a maximum number of bad blocks), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM decryption table (bad block DRM table) are present, is recorded, and thus the information of the card ID is determined at the time of reading the digital content data.
  • a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
  • step 905. whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), is determined.
  • a procedure for determining whether blocks are real bad blocks is described below. For example, about 10 bad blocks are randomly selected from the real bad block table, and whether the selected bad blocks are real bad blocks is examined at step 906. At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block, and thus whether the bad blocks are real bad blocks is determined at step 907.
  • WP Write Protect
  • step 907 If it is determined at step 907 that bad blocks are real bad blocks, a predetermined number of (about 10) real bad blocks are additionally examined using the same method at step 906. Similarly, for the additionally selected bad blocks, a procedure for disabling a WP pin and writing 0xAA55 and 0x55AA in the corresponding page of each real bad block is performed at step 907.
  • the bad block table of FIG. 10 is a bad block table having 18 (36 byte) real bad block addresses
  • the last bad block address is 'OxFE'
  • the determination of real bad blocks is performed by examining bad blocks corresponding to a multiple of 14. If the number of bad blocks which are examination targets does not exceed 5, bad blocks from a first bad block are additionally included in the sequential examination targets, and thus the total number of examination target bad blocks is maintained at at least 5. [210] Similar to this, a description will be made on the basis of the above conditions.
  • the encryption of digital content data is also performed on blocks having block addresses corresponding to a multiple of 14. Decryption thereof is also performed on the basis of the same criterion and condition as those of encryption.
  • the above-described method using the reader 20 of the present invention can be applied to various fields in consideration of the entire performance and other conditions of the system to which DRM is applied.
  • the method can be applied to an asymmetric encryption system.
  • a bad pattern DRM table (DRM encryption table) is generated using bad patterns.
  • a seed key is generated using a Hash function that uses the bad pattern DRM table (DRM encryption table) as a transform parameter.
  • a public key and a private key are generated through a Public Key Infrastructure (PKI) algorithm (Rivest-Shamir-Adleman [RSA], Elliptic Curve Cryptography [ECC], etc.), and they can be applied to PKI solutions that have been used in various existing fields.
  • PKI Public Key Infrastructure
  • a client may download digital content data, encrypted by a server using the public key, and may decrypt the encrypted content data using the private key extracted from the digital content data.
  • the present invention can sufficiently protect the digital content data of a copyright holder, unlike existing storage media, such as a CD or a DVD, having contradiction indicating that the existing storage media become media capable of providing profit to the copyright holder of digital content data, and, simultaneously, they become media through which the copyright holder's digital content data is infinitely duplicated because they are infinitely exposed to illegal duplication by typical users.
  • other examples of methods of preventing the copying and illegal duplication of the entirety of the flash memory may include an encryption/decryption me thod using different bad areas (blocks, pages, sub-pages, or locations) for respective flash memory devices.
  • an area in which the addresses of bad areas of memory used (blocks, pages, sub-pages, or locations) are recorded, is set in a header data area in which the characteristics of the flash memory are recorded, rather than a data storage space, and the set area is recorded.
  • the addresses of the bad areas are combined with each other to extract encryption feature values (for example, encryption feature values based on a bad block DRM table [DRM encryption table]).
  • encryption feature values for example, encryption feature values based on a bad block DRM table [DRM encryption table]
  • original digital content data is encrypted using such encryption feature values, and thus the encrypted digital content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
  • the reader 20 reads the addresses of the bad areas from the header data area, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used for the encryption of content data by combining the addresses of the bad areas with each other, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • the encryption feature values are calculated through a combination of unique values, such as the addresses of different bad areas for respective memory devices used, so that perfect duplication is physically impossible unless the bad areas of the memory used for duplication and bad areas of the original memory are entirely identical to each other.
  • the reader 20 marks bad areas (blocks, pages, sub-pages or locations) of memory used at defined locations of spare areas corresponding thereto as bad areas, and extracts encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) by combining the addresses of the bad areas. Thereafter, the reader 20 encrypts original digital content data using the encryption feature values, and records the encrypted digital content data in the normal areas of the memory and not in the bad areas of the memory.
  • encryption feature values for example, encryption feature values based on the bad block DRM table [DRM encryption table]
  • the reader reads the addresses of bad areas by examining the flash memory, calculates encryption feature values used for the encryption of content data by combining the addresses of the bad areas (for example, encryption feature values based on the bad block DRM table [DRM encryption table]), and recovers original digital content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • encryption feature values are calculated by combining unique values, such as the addresses of different bad areas for respective memory devices, perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are entirely identical to each other.
  • the reader 20 marks the bad areas (blocks, pages, sub-pages, and locations) of flash memory used at defined locations of spare areas corresponding thereto as bad areas, and extracts encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) using specific values (for example, a serial number, etc.) recorded in the memory. Thereafter, the reader 20 encrypts original digital content data using the encryption feature values, and records the encrypted digital content data in normal areas of the memory and not in the bad areas of the memory.
  • encryption feature values for example, encryption feature values based on the bad block DRM table [DRM encryption table]
  • specific values for example, a serial number, etc.
  • the reader 20 reads the specific values recorded in the memory, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used as specific values, and recovers original digital content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas.
  • encryption feature values are calculated through a combination of specific values recorded in the memory used, so that perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are completely identical to each other.
  • the reader 20 determines whether bad areas of the flash memory are physically formed or are merely marked for duplication through a procedure of recording/reading data in/from the bad areas when the flash memory COB 12 is connected to the reader 20. If it is determined that the bad areas are merely marked, the play apparatus classifies the memory card as an 'illegally duplicated memory card', and does not play recorded digital content data. As described above, the present invention determines the authenticity of bad areas, thus identifying an illegally duplicated memory card.
  • FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention, in which the bad pattern DRM table configuration apparatus may be included in the reader 20.
  • the bad pattern DRM table configuration apparatus may be included in the reader 20.
  • DRM encryption table DRM encryption table
  • a bad pattern detection unit 101 sets areas based on multiples of the number of blocks (/bad pages) (for example, based on multiples of 2048 blocks) in all the blocks of the flash memory, and detects bad blocks (/bad pages) in each of the areas.
  • a real bad pattern examination unit 102 determines a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), and records the code value (area code) of the relevant area in the DRM table select code field of the card ID.
  • a specific criterion for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]
  • the specific condition is, for example, a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). According to such a specific condition, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages), can be determined to be the bad pattern extraction area.
  • a threshold number of for example, 128) bad blocks (/bad pages
  • an area having a maximum number of bad blocks (/bad pages) can be determined to be the bad pattern extraction area.
  • a bad pattern table configuration unit 103 records the addresses of bad blocks (/bad pages) of the area corresponding to the area code, recorded in the DRM table select code field of the card ID, in the bad block (/bad page) table.
  • a bad pattern DRM table calculation unit 104 examines the area corresponding to the area code recorded in the DRM table select code field of the card ID. That is, whether the area corresponding to the area code has bad blocks (/bad pages) sufficient to configure a bad block (/bad page) DRM table (DRM encryption table) is examined.
  • a bad pattern DRM table generation unit 105 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID.
  • a 256-byte bad block DRM table [refer to 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ⁇ block 2047) having more than 128 (256 byte) bad blocks.
  • a 256-byte bad block DRM table [refer to FIG. 11] is generated by performing a padding operation.
  • the bad block DRM table (DRM encryption table) of FIG. 11 is configured using 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
  • a 256-byte bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 11, using padding values, generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
  • FIG. 15 is a diagram showing an example of the construction of a digital content recording apparatus according to an embodiment of the present invention, in which the digital content recording apparatus may be included in the reader 20.
  • a bad pattern examination and marking unit 111 formats the flash memory (for example, NAND flash memory) of a storage medium (the flash memory COB 12 as a memory card implemented using a memory device) to a low level, examines bit-based bad pages (pages having bad bits) or bit-based bad blocks (blocks having bad bits) by writing 0xAA55, and marks pages or blocks having bad bits as bad pages or bad blocks.
  • the flash memory for example, NAND flash memory
  • the flash memory COB 12 as a memory card implemented using a memory device
  • a bad pattern area selection unit 112 formats the flash memory to a low level, and determines an area meeting a specific condition (criterion) with reference to a recorded bad block (/bad page) table.
  • a media information recording unit 113 records the area code of the area in the DRM table select code field of the card ID (page number 9 of zero block).
  • all the blocks of the flash memory are divided by 2048 blocks, and thus respective areas are set.
  • an area meeting a specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of a bad block (/bad page) DRM table (DRM encryption table).
  • DRM encryption table DRM table select code field of the card ID.
  • the term 'specific condition (criterion)' means a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table).
  • an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages) can be determined to be a bad pattern extraction area.
  • the determination of the bad pattern extraction area may be performed by determining whether an area having more than a threshold number of (for example, 128) bad blocks (/bad pages) is present, and by determining an area, having a maximum number of bad blocks (/bad pages) among the plurality of areas (areas set based on multiples of 2048 blocks), to be the bad pattern extraction area if it is determined that the relevant area is not present.
  • the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6.
  • a bad pattern DRM table generation unit 114 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID. For example, when the area corresponding to the area code has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ⁇ block 2047) having more than 128 (256 bytes) bad blocks.
  • DRM encryption table composed of 128 real bad block addresses
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation.
  • a content encryption recording unit 115 records digital content data in the memory device (for example, NAND flash memory) by utilizing the bad pattern DRM table (DRM encryption table), generated by the bad pattern DRM table generation unit 114, as an encryption key.
  • DRM table DRM encryption table
  • FIG. 16 is a diagram showing an example of the construction of a digital content reading (reading, play, etc.) apparatus according to an embodiment of the present invention, in which the digital content reading apparatus may be included in the reader 20.
  • a media information collection unit 121 reads information about a card ID (page number 9 of zero block).
  • a card ID page number 9 of zero block.
  • the area code information of the area having bad patterns (bad blocks, bad pages, bad bits, etc.) (area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), desired to be used for a bad pattern DRM table (DRM decryption table) is recorded, and thus information of the card ID is collected at the time of reading digital content data.
  • a bad pattern DRM table generation unit 122 configures a bad block (/bad page) DRM table (DRM decryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code field of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
  • the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) by performing a padding operation (refer to FIG. 11). That is, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
  • a media authentication unit 123 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block(/bad page) DRM table (DRM decryption table) generated by the bad pattern DRM table generation unit 122, are real bad blocks (/bad pages). For example, the media authentication unit 123 determines whether blocks having real bad block addresses in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), are real bad blocks.
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined.
  • WP Write Protect
  • a suitable number of real bad blocks (/bad pages) are additionally examined using the same method.
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
  • a content decryption and play unit 124 permits the use of digital content data (play or read) on the basis of the results of the authentication performed by the media authentication unit 123. That is, when the authentication of the use of the data has succeeded, the content decryption and play unit 124 transmits digital content data to a user while decrypting the digital content data using the generated bad block (/bad page) DRM table (DRM decryption table). Further, when the authentication of the use of the data has failed, the content decryption and play unit 124 notifies the user of the failure of the authentication, thus requesting the user to check the digital content storage medium.
  • DRM table bad block
  • FIG. 17 is a diagram showing an example of the construction of a key generation apparatus for an asymmetric encryption system to which the present invention is applied, in which the key generation apparatus may be included in the reader 20.
  • a bad pattern detection unit 131 sets areas based on multiples of the number of blocks (/pages) (for example, based on multiples of 2048 blocks) in all the blocks (/bad pages) of the flash memory, and detects bad blocks (/bad pages) from each of the areas.
  • a bad pattern DRM table generation unit 132 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
  • DRM encryption table composed of 128 real bad block addresses
  • a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation. That is, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
  • a media authentication unit 133 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block (/bad page) DRM table (DRM encryption table) generated by the bad pattern DRM table generation unit 132, are real bad blocks (/bad pages). For example, the media authentication unit 133 determines whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM encryption table) of FIG. 11 composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ).
  • a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined.
  • WP Write Protect
  • a suitable number for example, about 10
  • WP Write Protect
  • a seed key generation unit 134 generates a seed key through a Hash function which uses a bad pattern DRM table (DRM encryption table) as a transform factor.
  • DRM table DRM encryption table
  • An asymmetric encryption key generation unit 135 generates a public key and a private key through a PKI algorithm (RSA, ECC, etc.) using the seed key generated by the seed key generation unit 134.
  • the public key may be used to encrypt digital content data, and the private key may be used to decrypt digital content data.
  • FIGS. 14 to 17 The above-described construction of FIGS. 14 to 17 is included in the reader 20, and is configured to perform the encryption and decryption of digital content data.
  • the above-described method of the present invention may be implemented in the form of a program and may be stored in recording media (Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.) in a computer-readable form.
  • recording media Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.

Abstract

The present invention provides a smart card having flash memory, a reader for the smart card, and a Digital Rights Management (DRM) method using the reader. The smart card having flash memory according to the present invention includes a smart card Chip On Board (COB) (11) having a plurality of input/output terminals, and a flash memory COB (12) having a plurality of input/output terminals.

Description

Description
SMART CARD WITH FLASH MEMORY AND MEMORY READER OF SMART CARD AND DRM METHOD USING THE
READER
Technical Field
[1] The present invention relates, in general, to a smart card having flash memory, a reader for the smart card, and a Digital Rights Management (DRM) method using the reader, and, more particularly, to a smart card having flash memory, a reader capable of either recording digital information in flash memory included in the smart card, or reading recorded information from the flash memory, and a DRM method using an application program that is executed in a terminal functioning to record or read information while mutually exchanging information with the reader depending on the manipulation of a user.
[2] That is, the present invention relates to a method in which flash memory is provided in a typically used smart card, so that a smart card can function both as a single credit card and as a medium capable of storing digital information, and so that digital information stored in the flash memory is protected using the unique information of the smart card. Background Art
[3] Generally, a smart card stores therein information about authentication, a credit card, a payment account, etc., thus being used as a transportation card, a credit card, etc. In addition, a smart card may be used for banking operations such as account inquiry, account transfer, and bank withdrawals.
[4] Meanwhile, the functionality of portable devices, such as an MPEG Audio Layer-3
(MP3) player, a Portable Multimedia Player (PMP), and a digital camera, has gradually been becoming diversified and increasing, and the storage capacity of portable devices has also increased to enable the storage of various types of content. For example, when a video capturing function is performed using a digital camera, a larger storage capacity is required to capture video, compared to the capturing of still images.
[5] A structure in which a large-capacity storage space required for such an additional functionality is included in all portable devices may cause problems in that it not only becomes a cause of increasing the costs of devices, but also forces a user who does not need such an additional functionality to purchase the devices after paying unnecessary costs.
[6] In order to solve these problems, manufacturing companies which manufacture portable devices such as an MP3 player, a PMP, and a digital camera intend to fix the size of memory provided in each device to a predetermined size, to mount a separate memory card in the device, and to extend the size of the memory at the request of a user.
[7] However, as portable devices get diversified and various types of memory cards are applied to the portable devices, a user having various portable devices undergoes inconvenience in that he or she must individually prepare various types of memory cards (for example, a Secure Digital [SD] memory card, a Smart Media Card [SMC], a Multimedia Card [MMC], a memory stick, a Universal Serial Bus [USB] disc, etc.).
[8] Further, there are problems in that, when such a memory card is lost or stolen, information contained in the memory card is exposed to the person who has acquired the memory card, so that important personal or secret information may be easily exposed, thus resulting in considerable secondary damage, and allowing content, purchased by paying the costs, to be easily used by the person who acquired the memory card without paying the costs.
[9] In addition, there is a problem in that, since personal information is not recorded in a memory card unless it is specially recorded in the memory card, the person who has acquired the memory card cannot easily return the memory card to the owner who lost the memory card even if the person intends to return the memory card. Disclosure of Invention
Technical Problem
[10] Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and an object of the present invention is to provide a smart card having flash memory in which flash memory is included in an existing smart card and which is configured to provide storage space for digital information as well as the function of the smart card itself, to encrypt information to be protected using the unique authentication information of the smart card (for example, a card serial number), and to store the encrypted information, so that both a smart card function and a memory card function for information protection can be implemented together in a single card, and to provide a reader for the smart card and a digital rights management method using the reader. Technical Solution
[11] In order to accomplish the above object, the present invention provides a smart card having flash memory, comprising a smart card Chip On Board (COB) having a plurality of input/output terminals; and a flash memory COB having a plurality of input/output terminals.
[12] In this case, the respective terminals of the smart card COB and the flash memory
COB may be terminals connected to a reader for recording or reading information in or from the smart card COB or the flash memory COB.
[13] Meanwhile, the smart card COB and the flash memory COB may be provided to be electrically isolated from each other, or electrically connected to each other.
[14] Further, the flash memory COB may be divided into a security area and a normal area.
[15] In this case, when recording or reading is performed on the security area of the flash memory COB of the smart card by the reader, the recording or reading may be performed after Digital Rights Management (DRM) authentication has been performed by an Application Specific Integrated Circuit (ASIC) of the reader.
[16] Further, the DRM authentication by the ASIC of the reader may be performed based on physical characteristics of flash memory constituting the flash memory COB of the smart card.
[17] In this case, the physical characteristics may indicate information about unit area- based bad patterns of the flash memory.
[18] Further, the information about the bad patterns may be information about one of bad blocks, bad pages and bad bits.
[19] Further, the DRM authentication by the ASIC of the reader may be performed based on both the physical characteristics of the flash memory of the flash memory COB and unique authentication information stored in the smart card COB.
[20] Further, in order to accomplish the above object, the present invention provides a reader for a smart card having flash memory, wherein the reader exchanges information with the smart card through connection terminals connected to respective terminals of the smart card COB and the flash memory COB in a wired or wireless manner, and records or reads information in or from the flash memory COB.
[21] In this case, the reader may be connected to an external terminal in a wired or wireless manner, and may perform a record operation of recording digital content data stored in the terminal in the flash memory COB, or a read operation of reading digital content data recorded in the flash memory COB and transmitting the read digital content data to the terminal.
[22] Further, the reader may be operated in connection with an application program of the terminal, which performs control such that, in a case where a request for protection of the digital content data is received, the operation of recording and reading the digital content data is performed differently from that of a case where a request for protection of the digital content data is not received.
[23] Further, the application program of the terminal may access an external smart card server, and inquire whether an incident concerning the smart card has been reported when the request for protection of the digital content data is received, and may transmit the protection-requested digital content data to the reader when the smart card is a smart card for which an incident has not been reported, and the reader may perform Digital Rights Management (DRM) by generating an encryption table using bad patterns of flash memory constituting the flash memory COB, encrypting the protection-requested digital content data using the encryption table, and recording the encrypted digital content data in the flash memory COB when it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported.
[24] Further, the reader may be connected to the smart card server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
[25] Meanwhile, the application program of the terminal may access the external smart card server, and inquire whether an incident concerning the smart card has been reported, using unique authentication information of the smart card COB, read by the reader when the request for protection of digital content data is received.
[26] Further, the reader may be operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported, the reader receives a read permission command for the digital content data from the application program of the terminal, performs a read operation of generating a decryption table for the digital content data, which is encrypted and stored in the flash memory COB, and decrypting the encrypted digital content data using the decryption table, and transmits the decrypted digital content data to the terminal.
[27] Further, the reader may be operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident was reported, the reader receives a read denial command for the digital content data from the application program of the terminal, and does not perform an operation of decrypting the digital content data, which is encrypted and stored in the flash memory COB.
[28] Further, the reader may further comprise an additional connection terminal connected to a second IC card, and may be configured such that, when the reader is connected to a relevant server, which uses unique authentication information of the smart card COB or the second IC card, the reader transmits the unique authentication information of the smart card COB or the second IC card to the relevant server, thus enabling electronic commerce to be conducted in the relevant server.
[29] In this case, the reader may be connected to the relevant server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
[30] Further, the reader may enable the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the second IC card.
[31] Further, the reader may enable the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the smart card COB.
[32] Further, the security area in a memory area of the flash memory COB may be divided into a banking area for use of banking and a personal area for use of data storage, which are separately provided, and the reader may prohibit information stored in the banking area from being accessed when the information of the banking area is requested by the terminal, but prohibition of access to the information of the banking area may be released when input authentication information received from the terminal is identical to the unique authentication information stored in the smart card COB.
[33] Meanwhile, the banking area may include a One Time Password (OTP) generation area in which an OTP can be generated, and the reader further comprises a display unit for displaying information about the OTP generated in the OTP generation area when a request for generation of the OTP is received from the terminal.
[34] Further, the reader may transmit data stored in the personal area to memory of the terminal at a same time that the reader is connected to the terminal.
[35] Further, when the reader accesses an external smart card server, the reader may receive details of an electronic bankbook corresponding to the unique authentication information of the smart card COB from the smart card server, and transmit the details of the electronic bankbook to the banking area of the flash memory COB, thus enabling the details of the electronic bankbook to be stored in the banking area.
[36] Further, the reader may receive update information about the smart card from the smart card server while accessing an external smart card server, and transmit the update information to the banking area of the flash memory COB, thus updating information of the banking area.
[37] Meanwhile, in order to accomplish the above object, the present invention provides a
Digital Rights Management (DRM) method using the reader for a smart card having flash memory, comprising the steps of examining unit area-based bad patterns of flash memory constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern DRM table on a basis of a bad pattern table.
[38] In this case, the bad pattern table may be generated at a time of formatting the flash memory, and is configured such that address values of unit area-based bad patterns, which are possible physical characteristics of a memory device, are recorded in the bad pattern table.
[39] Further, the bad pattern DRM table may be configured using only the bad pattern table.
[40] Further, the bad pattern DRM table may be configured using a card serial number field of the card ID, and is configured by padding values that are generated by sequentially performing an XOR operation on values of the bad pattern table and a value of a card serial number.
[41] Further, the bad patterns may be bad blocks, bad pages or bad bits.
[42] Further, the bad pattern extraction area may be one of an area including all blocks of the memory, an area including more than a threshold number of bad patterns, and an area including a maximum number of bad patterns.
[43] Further, the unit areas may be areas set based on multiples of 2048 blocks.
[44] Further, the threshold number may be 128, which is the number of bad blocks.
[45] Further, the bad pattern DRM table may have a size of 256 bytes.
[46] Further, the flash memory may be NAND flash memory.
[47] In order to accomplish the above object, the present invention provides a Digital
Rights Management (DRM) method using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; and generating an encryption key using the extracted physical characteristics of the flash memory.
[48] In order to accomplish the above object, the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of examining unit area-based pad patterns of a flash memory device constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table; and recording digital content data in the flash memory using the bad pattern DRM table as an encryption key.
[49] In order to accomplish the above object, the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating an encryption key using the extracted physical characteristics of the flash memory; and recording digital content data in the flash memory using the generated encryption key.
[50] In order to accomplish the above object, the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of setting an area, in which addresses of bad areas of memory used are recorded, in a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader, rather than a data storage space, and recording the addresses in the set area; and extracting encryption feature values by combining the addresses of the bad areas, encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[51] In order to accomplish the above object, the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature value by combining addresses of the bad areas; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[52] In order to accomplish the above object, the present invention provides a method of recording digital content using the reader for a smart card having flash memory, comprising the steps of marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature values using specific values recorded in the memory; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[53] In this case, the specific values may be serial numbers.
[54] In order to accomplish the above object, the present invention provides a digital content storage medium using the reader, wherein an area code, which is a code value of a bad pattern extraction area in flash memory constituting a flash memory COB of a smart card connected to the reader, is recorded in a table select code field of a card ID, and wherein digital content data is recorded using a DRM encryption table, which is configured based on a bad pattern table by examining an area corresponding to the area code recorded in the table select code field, as an encryption key.
[55] In order to accomplish the above object, the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining an area corresponding to an area code recorded in a table select code field of a card ID of flash memory constituting a flash memory COB of the smart card, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when the flash memory COB of the smart card is connected to the reader; examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
[56] In this case, the step of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns may be performed by disabling a Write Protect (WP) pin and writing 0xAA55 and 0x55AA in corresponding pages of real bad patterns, thus examining whether the patterns are real bad patterns.
[57] In order to accomplish the above object, the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating a decryption key using the extracted physical characteristics of the flash memory; and reading digital content data using the generated decryption key.
[58] In order to accomplish the above object, the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of reading addresses of bad areas from a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card, and calculating encryption feature values used to encrypt the digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the digital content data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[59] In order to accomplish the above object, the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining flash memory constituting a flash memory COB of the smart card, reading addresses of bad areas, and calculating encryption feature values used to encrypt digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[60] In order to accomplish the above object, the present invention provides a method of reading digital content using the reader for a smart card having flash memory, comprising the steps of examining flash memory constituting a flash memory COB of the smart card, reading specific values recorded in the memory, and calculating encryption feature values used as the specific values when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining the specific values recorded in the memory used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[61] In this case, when the flash memory COB is connected to the reader, whether the bad areas are physically formed, or are simply marked for duplication may be determined through a procedure for recording/reading data in/from the bad areas.
[62] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a Digital Rights Management (DRM) apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table.
[63] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a Digital Rights Management (DRM) apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; and a function of generating an encryption key using the extracted physical characteristics of the flash memory.
[64] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table; and a function of recording data in the flash memory using the bad pattern DRM table as an encryption key.
[65] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; a function of generating an encryption key using the extracted physical characteristics of the flash memory; and a function of recording digital content data in the flash memory using the generated encryption key.
[66] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing a function of examining an area corresponding to an area code, recorded in a table select code field of a card ID, and configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when flash memory constituting a flash memory COB of a smart card connected to the reader is inserted; a function of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and a function of reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
[67] In order to accomplish the above object, the present invention provides a computer- readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader; a function of generating a decryption key using the extracted physical characteristics of the flash memory; and a function of reading digital content data using the generated decryption key.
Advantageous Effects
[68] The smart card having flash memory, a reader for the smart card, and a digital rights management method using the reader according to the present invention are advantageous in that, since flash memory is included in an existing smart card, storage space for digital information, as well as the function of the smart card itself, are provided, and, in addition, information requiring protection is encrypted using the unique authentication information of the smart card and the encrypted information is stored therein, so that a smart card function and a memory card function for information protection can be simultaneously provided through a single card. Brief Description of Drawings [69] FIG. 1 is a diagram showing an example of a conventional smart card;
[70] FIG. 2 is a diagram showing an example of a smart card having flash memory according to an embodiment of the present invention; [71] FIG. 3 is a diagram showing the construction of a reader for the smart card having flash memory of FIG. 2; [72] FIG. 4 is a diagram showing the connection of a communication network for inquiry about the occurrence of an incident concerning the smart card of FIG. 2; [73] FIG. 5 is a diagram showing an example of the construction of flash memory used in the present invention;
[74] FIG. 6 is a diagram showing an example of the card ID of FIG. 5;
[75] FIG. 7 is a diagram showing an example of a bad pattern extraction area when all the blocks of flash memory are divided by 2048 blocks, according to an embodiment of the present invention; [76] FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention; [77] FIG. 9 is a diagram showing an example of a 256-byte bad block DRM table generated in the bad block table of area 1 having more than 128 bad blocks according to an embodiment of the present invention; [78] FIG. 10 is a diagram showing an example of the bad block table of area 2 having less than 128 bad blocks according to the present invention; [79] FIG. 11 is a diagram showing another example of a 256-byte bad block DRM table generated by attaching padding data to the bad block table of area 2 of FIG. 6 having
128 or less bad blocks according to an embodiment the present invention; [80] FIG. 12 is a flowchart showing an example of a digital content recording method according to an embodiment of the present invention; [81] FIG. 13 is a flowchart showing an example of an authentication process for digital content play according to an embodiment of the present invention; [82] FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention; [83] FIG. 15 is a diagram showing an example of a digital content recording apparatus according to an embodiment of the present invention; [84] FIG. 16 is a diagram showing an example of a digital content play apparatus according to an embodiment of the present invention; and [85] FIG. 17 is a diagram showing an example of a key generation apparatus for an asymmetric encryption system to which the present invention is applied. Best Mode for Carrying out the Invention
[86] Hereinafter, embodiments of the present invention will be described in detail with reference to the attached drawings. Prior to description, the terms and words used in the present specification and claims should not be interpreted as being limited to their typical meanings based on the typical or dictionary definitions thereof, but should be interpreted as having meanings and concepts corresponding to the technical spirit of the present invention on the basis of the principle by which the inventor can suitably define the implications of terms in the way which best describes the invention.
[87] Therefore, the construction described in the present specification and shown in the drawings is only a preferred embodiment of the present invention, and is not intended to represent all the technical spirit of the present invention. Accordingly, it should be understood that various equivalents and modifications capable of replacing the above embodiments may exist at the time at which the present invention is filed.
[88] FIG. 1 is a diagram showing an example of a conventional smart card. As shown in the drawing, a smart card Chip On Board (COB) 2 is provided in a smart card 1.
[89] FIG. 2 is a diagram showing a structure in which a flash memory COB 12 is additionally mounted in a space other than the region, in which the smart card COB 2 is mounted, in the conventional smart card 1 of FIG. 1.
[90] In detail, a smart card 10 having the flash memory of FIG. 2 according to the present invention includes a smart card COB (or IC card COB) for functioning as a credit card or a transportation card, and a flash memory COB 12 for functioning to store data, such as digital content data.
[91] Here, the flash memory COB 12 is provided to be electrically isolated from the smart card COB 11, or to be electrically connected to the smart card COB 11.
[92] The smart card COB 11 and flash memory COB 12 each include a plurality of input/ output terminals. The input/output terminals denote terminals connected to the dedicated reader 20 of FIG. 3 which records or reads digital content data.
[93] The flash memory COB 12 may be divided into a security area and a normal area.
[94] The security area is an area in which data requiring security is stored, and the normal area is an area opposite the security area and a space in or from which data can be freely recorded or read.
[95] When recording or reading is performed on the security area of the flash memory
COB 12 of the smart card 10 by the reader 20, recording or reading is preferably performed after Digital Rights Management (DRM) authentication has been performed by the Application- Specific Integrated Circuit (ASIC) of the reader 20.
[96] The DRM authentication by the ASIC of the reader 20 may be performed on the basis of the physical characteristics of flash memory, constituting the flash memory COB 12 of the smart card 10.
[97] The term "physical characteristics" means information about unit area-based bad patterns of the flash memory. The information about the bad patterns may be information about one of bad blocks, bad pages and bad bits.
[98] Meanwhile, the DRM authentication by the ASIC of the reader 20 may be implemented on the basis of the physical characteristics of the flash memory of the flash memory COB 12 and unique authentication information (for example, a credit card serial number, the personal information of a credit card holder, etc.) stored in the smart card COB 11. In this case, there is an advantage in that security authentication can be more stringently or reliably performed compared to the case where authentication is implemented on the basis of the physical characteristics.
[99] Of course, when the above-described smart card 10 having flash memory according to the present invention is used as a credit card or a transportation card, it can be used according to the same method as that of an existing smart card. When information (digital content data or the like) is intended to be recorded in the flash memory COB 12, or when recorded information (digital content data or the like) is intended to be read from the flash memory COB 12, recording or reading is possible by allowing the smart card 10 to be connected to the terminal 30 in such a way that the smart card 10 is connected to or inserted into the dedicated reader 20.
[100] Here, it is apparent that the terminal 30 may be one of a Personal Computer (PC), a notebook computer, a mobile phone, a Personal Digital Assistant (PDA), etc.
[101] Referring to FIG. 3, such a dedicated reader 20 exchanges information with the smart card COB 11 and the flash memory COB 12 through connection terminals 21 and 22 connected to the respective terminals of the smart card COB 11 and the flash memory COB 12. As described above, such a reader 20 is a component for recording or reading information in or from the flash memory COB.
[102] As shown in FIG. 3, it is apparent that the connection terminals 21 and 22 may be divided into a smart card contact point 21 connected to the smart card COB 11 in a wired/wireless manner and a flash memory contact point 22 connected to the flash memory COB 12 in a wired/wireless manner.
[103] That is, since such a reader 20 is provided with a socket including the plurality of connection terminals 21 and 22 capable of simultaneously connecting to the smart card COB 11 and the flash memory COB 12, the reader 20 can be manufactured in a structure capable of exchanging COB information about each of the smart card COB 11 and the flash memory COB 12.
[104] The reader 20 may be coupled or connected to the terminal 30, as shown in FIG. 3, while the smart card 10 is connected to or inserted into the reader 20.
[105] That is, the reader 20 may be connected to the external terminal 30 in a wired or wireless manner. At this time, both a record operation of recording digital content data, stored in the terminal 30, in the flash memory COB 12, and a read operation of reading digital content data, recorded in the flash memory COB 12, and transmitting the digital content data to the terminal 30 can be performed.
[106] In more detail, the reader 20 can perform both a record operation of encrypting the digital content data, stored in the terminal 30, and storing the encrypted digital content data in the flash memory COB 12, and a read operation of decrypting the digital content data, encrypted and stored in the flash memory COB 12, and providing the decrypted digital content data to the terminal 30.
[107] Here, it is apparent that each of the connection terminals 21, 22 and 23 of the reader 20, which is connection means to be connected to the terminal 30, may be implemented using one selected from among Secure Digital (SD), a Multimedia Card (MMC), a Universal Serial Bus (USB), micro SD, and a S-flash means.
[108] Such a reader 20 can be connected to the application program of the terminal 30 through the above-described connection means, and thus can be operated.
[109] According to the above-described application program, the reader 20 can be controlled so that an operation of recording and reading digital content data in and from the flash memory COB 12 using the reader 20 can be performed differently depending on whether an information protection request for the digital content data has been received from the user.
[110] That is, the reader 20 is connected to and operated by the application program of the terminal 30 which performs control such that, in the case where an information protection request for the digital content data is received from the terminal 30, the record and read operation for the digital content data is performed differently from that of the case where the information protection request is not received.
[I l l] An operation of recording and reading information using the reader 20 can be performed by the following two flows depending on whether relevant digital content data requires protection.
[112] In the first flow, when the fact that the protection of digital content data is not required is received from the user, the application program connects the reader 20 and the flash memory COB 12 to the terminal 30, thus enabling the flash memory COB 12 to be used as a typical large-capacity storage device.
[113] In this case, the reader 20 may freely record or read relevant digital content data in or from the flash memory COB 12 through the application program included in the present invention, or a general-purpose search program (for example, Windows Explorer).
[114] In the second flow, when the fact that the protection of digital content data is required is received from the user, the application program allows the reader 20 to perform a record operation under the control of the application program using the following method.
[115] That is, the reader 20 may generate an encryption table in which the location and number of bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of the flash memory constituting the flash memory COB 12 are used as unique factors. Information requiring protection can be encrypted and the encrypted information can be decrypted using the encryption table.
[116] Hereinafter, the read operation of the reader 20 related to the second flow is described in detail with reference to FIGS. 3 to 4.
[117] When a request for the protection of digital content data is received from the user, the application program of the terminal 30 accesses an external smart card server 40 and inquires whether an incident concerning the smart card 10 has been reported.
[118] In more detail, the application program of the terminal 30 may access the external smart card server 40, inquire whether an incident concerning the smart card 10 has been reported using the unique authentication information stored in the smart card COB 11 read by the reader 20, and perform an operation of reading digital content data from the flash memory COB 12 differently depending on whether the incident has been reported.
[119] That is, the application program reads the unique authentication information (for example, a credit card serial number, the personal information of a credit card holder, etc.) of only a relevant smart card 10 from the smart card COB 11 through the reader 20, and accesses the smart card server 40 (for example, the server of a credit card company), capable of determining using the read unique authentication information whether an incident concerning the smart card 10 has occurred, in a wired/wireless manner.
[120] It is apparent that the unique authentication information required for the determination of the occurrence of an incident may be replaced with any type of unique authentication information distinguishable from other cards, in addition to the credit card serial number.
[121] The reader 20 may access the smart card server 40 in a wired manner by accessing the Internet through the terminal 30, but may access the smart card server 40 in a wireless manner using a wireless port 24 separately provided on the reader 20 without requiring the terminal 30.
[122] In this case, if, as a result of the comparison of unique authentication information, it is determined that the relevant card is a smart card 10 for which an incident has not been reported, the protection-requested digital content data is transmitted to the reader 20 so that the digital content data can be stored in the flash memory COB 12.
[123] At this time, the reader 20 generates an encryption table using the bad patterns (bad blocks, bad pages, bad bits, etc.) of the flash memory constituting the flash memory COB 12, encrypts the protection-requested digital content data using the encryption table, and records the encrypted digital content data in the flash memory COB 12, thus performing DRM for the digital content data.
[124] Of course, as described above, in the case of a smart card for which an incident has not been reported, the reader 20 can perform a read operation as well as the record operation, as described below.
[125] If it is determined that a relevant card is a smart card 10, for which an incident has not been reported, the reader 20 receives a read permission command for the digital content data from the application program of the terminal 30, performs a read operation of generating a decryption table for the digital content data which is encrypted and stored in the flash memory COB 12, decrypting the encrypted digital content data using the decryption table, and transmits the decrypted digital content data to the terminal 30.
[126] That is, when the reader 20 reads the protected (encrypted) digital content data from the flash memory COB 12, the reader 30 accesses the smart card server 40 in a wired or wireless manner and determines using the unique authentication information of the smart card COB 11 whether an incident concerning the smart card has been reported, on the basis of the same principle as that of the case where information requiring protection is recorded. If it is determined that the relevant card is a smart card 10 for which an incident has not been reported, the reader 30 receives a read permission command for the digital content data, generates a decryption table, decrypts the encrypted information, and provides the decrypted information to the terminal 30.
[127] Second, if, as a result of the comparison of the unique authentication information, it is determined by the application program that a relevant card is a smart card 10 for which an incident was reported, the reader 20 receives a read denial command for the digital content data from the application program of the terminal 30, and does not perform decryption (read operation) of the digital content data which is encrypted and stored in the flash memory COB 12, thus preventing the terminal 30 from using the digital content data.
[128] Of course, if, as a result of the comparison of the unique authentication information, it is determined that the relevant card is a smart card 10 for which an incident was reported, an operation of recording (storing) desired digital content data in the flash memory COB 12 of the reported smart card 10 may not be performed, either.
[129] Meanwhile, in the case of the smart card 10 for which an incident was reported, the stored encrypted information cannot be read, but the present invention may be constructed such that the encrypted information can be read again after the situation of the incident has been terminated through the recovery of the lost smart card 10 and the lost smart card 10 is returned to the smart card 10 for which an incident has not been reported.
[130] Meanwhile, the present invention may be constructed such that, depending on the type of incident report (for example, loss, a theft, disposal, etc.), relevant information can be completely deleted, or the current Internet access address (for example, IP address) of the flash memory COB 12 or the like can be immediately and automatically reported to the smart card server 40.
[131] According to the above construction of the present invention, in addition to the functionality of a credit card or a transportation card, a typical storage disc function may be added to the smart card 10 through the provision of the dedicated reader 20. Further, the functioning of the smart card as a security disc, enabling only a user to record or read relevant information, can also be predicted.
[132] Typically, the credit card or the transportation card should not be lent to other persons regardless of time or place, and a user must pay great attention to preventing the occurrence of loss or theft, as they would with cash, by personally carrying the credit card or the transportation card. That is, information stored in the flash memory COB 12, included in the smart card 10 (credit card or transportation card), must be primarily secured by the user him or herself. In general, when the loss or theft of the card occurs, this must be immediately reported to the smart card server (a card company), thus preventing damage from occurring.
[133] Therefore, according to the present invention, important data or expensive digital information, which requires security and which must not be read by persons other than the user him or herself, is blocked in real time using the unique authentication information of the reported smart card COB 11, so that there are advantages in that additional loss attributable to the exposure of relevant data and the risks of an incident may be greatly reduced, as well as affording the protection of the relevant data.
[134] Further, there are advantages in that, since the flash memory COB 12 and the smart card COB 11 provided in the smart card 10 do not form a complete electrical or magnetic connection to each other unless the dedicated reader is used, they have no effect on various other electronic transactions, such as inquiry/payment transactions using an existing IC card reader. Accordingly, the present invention may be free of the problem of compatibility with a credit card or transportation card service terminal that may occur in the commercialization stage of the present invention.
[135] Meanwhile, the reader 20 may be further provided with the additional connection terminal 23 connected to some other IC card (not shown) in a wired or wireless manner, in addition to the connection terminals 21 and 22 connected to the smart card COB 11 and the flash memory COB 12 in a wired or wireless manner.
[136] At this time, when the reader 20, to which the other IC card is connected in a wired or wireless manner, is connected to a relevant server (not shown), which uses the unique authentication information of the other IC card, through the connection to the terminal 30, the unique authentication information of the other IC card is transmitted to the relevant server (not shown), thus enabling electronic commerce, such as Internet banking, electronic payment, account transfer, account inquiry, and bank withdrawals, to be conducted through the server (not shown).
[137] Here, the term "unique authentication information" may be at least one of a unique card number, personal information, and a separate certificate, or combinations thereof.
[138] Further, the term "relevant server (not shown)" may be a financial institution, such as a bank, or another shopping mall site, in which electronic commerce is conducted using the unique information on the other IC card.
[139] Further, the reader 20 may be configured to be connected to the relevant server (not shown) either in a wired manner through the terminal 30 or in a wireless manner through the separately provided wireless port 24.
[140] Meanwhile, the reader 20 enables electronic commerce to be conducted in the relevant server (not shown) using either or both of a certificate previously stored in the flash memory COB 12 and the unique authentication information of the other IC card. When both are used in this way, the error or risk of the electronic commerce can be reduced, and the reliability of the use of the electronic commerce can be improved.
[141] Of course, in the present invention, the reader 20 may be connected to the terminal 30 while being connected to the smart card 10, so that, even when the reader 20 is connected to the relevant server for conducting electronic commerce using the unique authentication information of the smart card COB 11, the reader 20 can enable the above-described electronic commerce to be conducted by transmitting the unique authentication information of the smart card COB 11 to the server.
[142] In this case, the reader 20 may enable electronic commerce to be conducted in the relevant server (not shown) using either or both of the certificate previously stored in the flash memory COB 12 and the unique authentication information of the smart card COB 11.
[143] Meanwhile, the security area in the memory area of the flash memory COB 12 may be divided into a banking area for the use of banking and a personal area for the use of data storage, which may be separately provided.
[144] At this time, when information stored in the banking area (information required for banking management, such as a certificate, One Time Password [OTP] generation information, and an electronic bankbook) is requested by the user of the terminal 30, the reader 20 blocks the provision of the information stored in the banking area by prohibiting the user from accessing the banking area, thus protecting the information stored in the banking area. Of course, the reader 20 may be configured such that, when authentication has been completed through a separate verification procedure (for example, user authentication corresponding to the case where authentication information received from the terminal 30 and the unique authentication information stored in the smart card COB 11 are identical to each other) at the time of prohibiting the user from accessing the banking area, the stored information can be provided by releasing the prohibition of access to the information of the banking area.
[145] Meanwhile, when information stored in the personal area is requested by the user, the information stored in the personal area (for example, music, movie, pictures, files, other data folders, etc.) may be provided to the terminal 30. This operation is required in order to allow the user to freely use and manage the information in his or her PC.
[146] Meanwhile, the banking area in the flash memory COB 12 may include an OTP generation area in which a signal is received from a satellite and a One Time Password (OTP) can be generated. In this case, the reader 20 may further include a display unit (not shown) for receiving and displaying information about the OTP generated in the OTP generation area when a request for the generation of the OTP is received from the terminal 30.
[147] That is, electronic commerce, such as Internet banking, bank inquiry, electronic payment, and bank withdrawals, can be safely performed by inputting the OTP information, displayed on the display unit (not shown) of the reader 20, to the terminal 30.
[148] Meanwhile, the reader 20 may be configured to transmit information stored in the personal area to the memory of the terminal 30 at the same time that the reader 20 is c onnected to the terminal 30. This configuration is very useful because information that has been previously transmitted to and stored in the computer 30 can be used even if the smart card 10 is lost in the future. Of course, this configuration may also include a component for automatically displaying and indicating a popup window so that the information stored in the personal area is transmitted to the memory of the terminal 30 at the same time that the reader 20 is connected to the terminal 30.
[149] Further, when the reader 20 is connected to the terminal 30 and then accesses the smart card server 40, the reader 20 receives the details of an electronic bankbook corresponding to the unique authentication information of the smart card COB 11 from the smart card server 40, and automatically transmits the details to the banking area of the flash memory COB 12 to enable the details of the electronic bankbook to be stored in the banking area, thus enabling the smart card to replace the function of a typical paper bankbook.
[150] Further, while the reader 20 is connected to the terminal 30 to communicate with the external smart card server 40, the reader 20 receives update information about a relevant smart card from the smart card server 40, and transmits the update information to the banking area of the flash memory COB 12, thus enabling the information stored in the banking area to be automatically updated. Here, the update information may be update information about a certificate, personal information, an electronic bankbook, etc.
[151] Hereinafter, embodiments of the present invention, in which the reader 20 generates an encryption table in which the physical characteristics of the flash memory constituting the flash memory COB 12, in detail, the location and number of bad blocks corresponding to the physical characteristics, are used as unique factors, will be described with reference to FIGS. 5 to 17.
[152] The flash memory is a memory device enabling data to be continuously stored therein even when power is removed, and is capable of freely storing/erasing data. Such flash memory is classified into a NOR type and a NAND type according to the internal structure thereof. The NOR flash memory has a structure in which cells are connected in parallel, and the NAND flash memory has a structure in which cells are connected in series.
[153] Therefore, the NAND flash memory is mainly used for an SD card or a memory stick among various memory cards, and the NOR flash memory is mainly used for an MMC card or compact flash memory.
[154] Such flash memory has characteristics that power consumption is low, and stored information is retained without being lost even when power is turned off. Further, flash memory is non- volatile memory to which power is continuously supplied, and is not only capable of retaining the stored information in an unchanged state even when power is shut off, unlike Dynamic Random Access Memory (DRAM), but also is capable of freely inputting or outputting information. Accordingly, flash memory is widely used in digital Televisions (TV), digital camcorders, mobile phones, digital cameras, Personal Digital Assistants (PDA), game playing devices, MP3 players, etc.
[155] However, recently, with the realization of ultra high speed Internet infrastructures, the improvement of the performance of terminals, and the large-capacity of storage units, a great number of illegally duplicated data, sound and video sources, and digital content data, such as educational content, are exposed to typical users without being appropriately paid for, and are then illegally shared and used therebetween. Due thereto, an idea that digital content is provided for free has become fixedly lodged in the mind of typical users, thus resulting in the withering of markets for files, recorded musical, video, and educational media, the copyrights of which are to be protected.
[156] Although the problem of the protection of digital content rights has arisen due to the spreading of the illegal use, it is almost impossible in actual situations to inhibit users who have experienced the use of free content and know the methods for using content for free from spreading and using illegally duplicated digital content, and to induce them to pay costs suitable for the rights to the content and to use the content.
[157] According to the present invention, since bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device, such as the flash memory of the flash memory COB 12 provided in the smart card (for example, NAND flash memory or the like) are used as an encryption key, the rights of digital content stored in the flash memory can be protected, and thus the above problem of the content rights can be solved.
[158] Here, the physical characteristics of the flash memory may be the bad blocks, bad pages or bad bits. In the present invention, it is apparent that the encryption table can be generated by using the location and number of bad pages or bad bits, as well as the bad blocks, as unique factors.
[159] In the embodiment of the present invention, for convenience of description, a specified file system suitable for a read only storage medium, rather than a public file system such as a File Allocation Table (FAT) 16 or FAT32, is described by way of example together with the fundamental structure of NAND flash memory. However, it should be noted that the present invention is not limited to this example.
[160] The construction of the file system, as described later, is also characterized in that digital content data is encrypted using a bad pattern DRM table (DRM encryption table) at the time of recording the digital content. That is, in the structure of the file system, the entire area, excepting a minimum region required to detect the bad pattern DRM table (DRM encryption table), is encrypted through relevant Digital Rights Management (DRM), and thus typical access to the area is blocked.
[161] Generally, the physical block number '0' of the flash memory (hereinafter referred to as a 'zero block') is used by the manufacturing company thereof to guarantee that the block is not a bad block. Therefore, in the zero block, format-related information of the flash memory, a medium ID (card ID), etc. are stored.
[162] Hereinafter, a block in which bad bits are present according to bad bit information is described by way of example.
[163] However, it should be noted that the present invention can also be equally applied to a page (that is, a bad page) in which bad bits are present according to bad bit information. Therefore, in the case of bad blocks, a bad block DRM table may be used as a DRM encryption table, and in the case of bad pages, a bad page DRM table may be used as a DRM encryption table. The bad block DRM table and the bad page DRM table may be collectively called a 'bad pattern DRM table (DRM encryption table)'.
[164] With reference to FIG. 5, the construction of the zero block of flash memory constituting the flash memory COB 12 is described. In a Master Boot Recorder (MBR) corresponding to 'page number 0 of the zero block', information about the construction of the flash memory and the file system is recorded. [165] Further, in 'page numbers 1 to 5 of the zero block', bad block marking information is recorded. In particular, in 'page number 9 of the zero block', a card ID corresponding to a medium ID is stored. Such a card ID is composed of pieces of specific information (for example, memory card version, a DRM table select code, an area code, a manufacturing company code, a copyright holder ID [writer ID], and card serial number information) of the flash memory, as shown in FIG. 6.
[166] In particular, in the DRM table select code field (Offset 2) of FIG. 6 in the card ID (page number 9 of zero block), information about the code of an area (area code), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM encryption table (bad block DRM table) are present (that is, an area having more than a threshold number of bad blocks or an area having a maximum number of bad blocks), is recorded when DRM using bad patterns (bad blocks, bad pages, bad bits, etc.) which are the physical characteristics of the flash memory is implemented.
[167] At this time, the bad pattern extraction area of the flash memory may be either an entire block area of the flash memory or only a specific area. Further, the DRM encryption table (bad block DRM table) using the extracted bad patterns may be configured to have various sizes, such as 128 bytes, 256 bytes, or 512 bytes.
[168] However, for convenience of description, in the present embodiment, an example will be described on the assumption that the DRM encryption table has a size of 256 bytes and the bad pattern extraction area required for the configuration of the DRM encryption table is a specific area of the flash memory, rather than the entire area. However, it should be noted that the present invention is not limited to this example.
[169] In the above description, the term 'specific area' means that, for example, all the blocks of the flash memory can be divided by 2048 blocks and can be processed thereby. That is, as shown in FIG. 7, the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table) is determined in such a way that respective areas are set based on multiples of 2048 blocks in all the blocks of the flash memory, and an area meeting a specific criterion, among the areas, is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
[170] Here, the term 'specific criterion' means a criterion required to determine whether a relevant area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, when an area including more than a threshold number of (for example, 128) bad blocks is present, the relevant area is determined to be the bad pattern extraction area. However, when an area including more than 128 bad blocks is not present, an area including a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is the bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table).
[171] The bad pattern extraction area is determined on the basis of a bad block table generated while a memory card is formatted at the time of manufacturing the flash memory constituting the flash memory COB 12. The area code of the relevant area determined at that time is recorded in the DRM table select code field of the card ID of FIG. 6.
[172] FIG. 8 is a flowchart showing an example of a bad block DRM table configuration method for digital rights management according to an embodiment of the present invention. The flowchart shows a procedure for examining an area corresponding to the area code recorded in the DRM table select code field of the card ID, and configuring a bad block DRM table (DRM encryption table).
[173] As described above, the procedure for configuring the bad block DRM table (DRM encryption table) is described below. In all the blocks of the flash memory, respective areas are set based on multiples of the number of blocks (for example, based on multiples of 2048 blocks). Among the areas, a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of [for example, 128] bad blocks, or an area having a maximum number of bad blocks), is determined on the basis of the bad block table. The code value of the relevant area (area code) is recorded in the DRM table select code field of the card ID.
[174] Thereafter, the area corresponding to the determined bad pattern extraction area (that is, the area corresponding to the area code) is examined at step 401, so that the bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 9 or 11, at steps 402 to 406. Here, FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table), generated on the basis of the bad block table of area 1 (block 0 ~ block 2047) having more than 128 bad blocks, and FIG. 11 illustrates a 256-byte bad block DRM table (DRM encryption table), generated by attaching padding data to the bad block table (refer to FIG. 10) of area 2 (block 2048 ~ block 4095), having 128 or less bad blocks.
[175] This is described in detail. When an examination target area (area corresponding to the area code) has more than 128 sufficient bad blocks so as to configure a 256-byte bad block DRM table (DRM encryption table) at step 402, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is generated on the basis of the bad block table of an area having more than 128 (256 byte) bad blocks (for example, area 1 having blocks 0 to 2047) at step 403.
[176] FIG. 9 illustrates a 256-byte bad block DRM table (DRM encryption table) generated on the basis of the bad block table corresponding to area 1 (block 0 ~ block 2047) having more than 128 bad blocks. That is, more than 128 real bad blocks are present in the area 1, so that the 256-byte bad block DRM table (DRM encryption table) is configured using only the addresses of the bad blocks. In this case, the padding operation of FIG. 11 is not required.
[177] Meanwhile, when a relevant area (examination target area, that is, the area corresponding to the area code) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 402, a padding operation is performed using an appropriate method, as described later, at steps 404 and 405, thus configuring the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] at step 406. In this case, the bad block DRM table (DRM encryption table) is composed of 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data.
[178] Here, as a padding method, various methods may exist, but, in the present embodiment, the bad block DRM table (DRM encryption table) is configured using the card serial number field (16 byte) of the card ID. For example, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values obtained by sequentially performing an XOR operation on existing real bad block table values and a card serial number value.
[179] That is, in the bad block table of area 2 having 128 or less bad blocks of FIG. 10, an XOR operation is sequentially performed on the real bad block table values and the card serial number value, so that a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by attaching padding data (that is, values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) to the bad block table (that is, the bad block table having 18 [36 byte] real bad block addresses in FIG. 10) of area 2 (block 2048 to block 4095) having 128 or less bad blocks. In this case, the bad block DRM table (DRM encryption table) is composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...).
[180] FIG. 10 illustrates a bad block table generated on the basis of 128 or less bad blocks (for example, 18 [36 bytes] real bad blocks) in area 2 (block 2048 ~ block 4095). That is, when only 18 bad blocks (36 byte) from 0x0812 to OxOCFE are present in area 2, the bad block table corresponding thereto is exemplified.
[181] In order to generate a 256-byte bad block DRM table (DRM encryption table) on the basis of the bad block table composed of 18 (36 byte) real bad block addresses of FIG. 10, a padding operation must be performed. If the card serial number is assumed to be "0x01020304050607080900010203040506", padding values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value are given as '0x09', 'OxIO', 1OxOB', '0x17', ....
[182] Therefore, the padding data (values obtained by sequentially performing an XOR operation on the bad block table values and the card serial number value) is attached to the bad block table (refer to FIG. 10) composed of 18 (36 byte) real bad block addresses, and thus the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11.
[183] The bad block DRM table (DRM encryption table) formed using the above-described method is a unique factor that is determined according to the physical characteristic, which a given storage medium (that is, the flash memory) can have, and that is unique in all probability.
[184] FIG. 12 is a flowchart showing an example of a method of recording digital content data in the flash memory according to an embodiment of the present invention.
[185] First, the flash memory (for example, NAND flash memory) is formatted to a low level at step 801, so that bit-based bad pages (pages including bad bits) or bit-based bad blocks (blocks including bad bits) are examined by writing 0xAA55, and the pages or blocks including bad bits are marked as bad pages or bad blocks at step 802. That is, blocks having bad bits according to bad bit information detected at the time of initialization (formatting) are marked as bad blocks, and pages having bad bits according to bad bits detected at the time of initialization are marked as bad pages.
[186] Thereafter, the bad blocks are recorded in a bad block table at step 803. At this time, the bad block table may be provided for each of areas into which all the blocks of the flash memory are divided by 2048 blocks.
[187] Next, after the flash memory has been formatted to a low level, an area satisfying a specific condition (criterion) is determined with reference to the recorded bad block table, and then the area code value of the relevant area is recorded in the DRM table select code field of the Card ID (page number 9 of the zero block) at step 804. For example, all the blocks of the flash memory are divided by 2048 blocks, and then respective areas are set. Among the areas, an area satisfying the specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of the DRM encryption table (bad block DRM table), and thereafter the area code of the determined area is recorded in the DRM table select code field of the card ID.
[188] Here, the term 'specific condition (criterion)' means a criterion required to determine whether a given area is an area suitable for the configuration of a 256-byte DRM encryption table (bad block DRM table). For example, an area having more than a threshold number of bad blocks, or an area having a maximum number of (for example, 128) bad blocks may be determined to be a bad pattern extraction area. At this time, the determination of the bad pattern extraction area may be performed to assign priority for the determination of an area in such a way that whether an area having more than a threshold number of (for example, 128) bad blocks is present is determined, and an area having a maximum number of bad blocks, among the plurality of areas (areas set based on multiples of 2048 blocks), is determined to be the bad pattern extraction area if it is determined that the area is not present.
[189] The area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6 at step 804.
[190] Thereafter, if the examination target area (area corresponding to the area code) has more than 128 bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9], composed of 128 real bad block addresses, is generated on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks at step 806. This means that, since more than 128 (256 byte) real bad blocks are present in, for example, area 1 (block 0 ~ block 2047), the 256-byte bad block DRM table (DRM encryption table) can be configured using only the addresses of the real bad blocks.
[191] Meanwhile, when the relevant area (examination target area [area corresponding to the area code]) does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table) at step 805, a padding operation is performed, so that the 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated at step 807. That is, the 256-byte bad block DRM table (DRM encryption table) is configured, as shown in FIG. 11, using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
[192] For example, in the bad block table of area 2 having 128 or less bad blocks of FIG. 10, an XOR operation is sequentially performed on the real bad block table values and the card serial number value, thus generating a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11], in which padding data (values generated by sequentially performing an XOR operation on the bad block table values and the card serial number value [for example, '0x01020304050607080900010203040506']) is attached to the bad block table of area 2 (block 2048 ~ block 4095) (that is, in FIG. 10, a bad block table having 18 (36 byte) real bad block addresses]). As a result, the bad block DRM table (DRM encryption table) composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17,...) is configured.
[193] Next, after the bad block table, extracted and recorded in the zero block, is deleted while the flash memory is formatted to a low level at step 808, digital content data is recorded in the flash memory by using the generated bad block DRM table (DRM encryption table) as an encryption key at step 809.
[194] It is apparent that the term 'flash memory' described in the present invention may mean the flash memory COB 12 itself shown in FIG. 2.
[195] FIG. 13 is a flowchart showing an example of an authentication process for reading digital content according to an embodiment of the present invention, in which a procedure for reading digital content is depicted.
[196] That is, according to the present invention, the use (reading, play, etc.) of digital content data is possible by reading the digital content data stored in the flash memory COB 12 from the flash memory COB 12 using the reader 20.
[197] First, when the flash memory COB 12 of the smart card 10 is inserted into or connected to the reader 20 at step 901, the reader 20 reads the information of the card ID (page number 9 of zero block), and starts an authentication process at step 902. At this time, in the DRM table select code field of the card ID, information about the code of an area (area having more than a threshold number of bad blocks, or an area having a maximum number of bad blocks), in which bad patterns (bad blocks, bad pages, bad bits, etc.) desired to be used for a DRM decryption table (bad block DRM table) are present, is recorded, and thus the information of the card ID is determined at the time of reading the digital content data.
[198] Therefore, an area corresponding to the DRM table select code of the card ID is examined at step 903, so that the bad block DRM table (DRM decryption table) is configured at step 904.
[199] For example, when the area corresponding to an area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks.
[200] However, when the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM decryption table), a padding operation is performed, and thus a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 11] is configured. That is, through the use of padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured.
[201] Thereafter, in the bad block DRM table (DRM decryption table) configured in this way, whether blocks corresponding to the real bad block table values, rather than the padding values, are real bad blocks is determined at step 905. For example, whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), is determined.
[202] A procedure for determining whether blocks are real bad blocks is described below. For example, about 10 bad blocks are randomly selected from the real bad block table, and whether the selected bad blocks are real bad blocks is examined at step 906. At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block, and thus whether the bad blocks are real bad blocks is determined at step 907.
[203] If it is determined at step 907 that bad blocks are real bad blocks, a predetermined number of (about 10) real bad blocks are additionally examined using the same method at step 906. Similarly, for the additionally selected bad blocks, a procedure for disabling a WP pin and writing 0xAA55 and 0x55AA in the corresponding page of each real bad block is performed at step 907.
[204] In this way, when the additionally performed examination on the real bad blocks has succeeded (that is, when the authentication of the use of digital content data has succeeded), the use of digital content data (play or reading) is permitted at step 908.
[205] Therefore, when the authentication of the use of the digital content data has succeeded, digital content data is provided to the user while being decrypted using the bad block DRM table (DRM decryption table) at step 909.
[206] However, when the authentication of the use of the digital content data has failed, notification of the failure of authentication is provided to the user, thus requesting the user to check the flash memory at step 910.
[207] In the above procedure for determining whether bad blocks are real bad blocks, several conditions may be given in relation to the determination of which is the number of real bad blocks that are examination targets, the determination of whether encryption and decryption are to be applied to the entire digital content in the encryption and decryption of digital content by using the generated bad block DRM table (DRM encryption/decryption table), or the determination of whether encryption and decryption are to be applied only to a specific area. However, in the present embodiment, the case where application is performed on the basis of values corresponding to the lower 4 bits of the last bad block address of the real bad block table is described by way of example.
[208] For example, when the bad block table is given as shown in FIG. 10 (that is, the bad block table of FIG. 10 is a bad block table having 18 (36 byte) real bad block addresses), the last bad block address is 'OxFE', and the lower 4 bits thereof are 'OxOE (= a decimal number of 14)', and thus the above conditions are determined on the basis of the 'decimal number of 14'.
[209] That is, the determination of real bad blocks is performed by examining bad blocks corresponding to a multiple of 14. If the number of bad blocks which are examination targets does not exceed 5, bad blocks from a first bad block are additionally included in the sequential examination targets, and thus the total number of examination target bad blocks is maintained at at least 5. [210] Similar to this, a description will be made on the basis of the above conditions. The encryption of digital content data is also performed on blocks having block addresses corresponding to a multiple of 14. Decryption thereof is also performed on the basis of the same criterion and condition as those of encryption.
[211] The above-described method using the reader 20 of the present invention can be applied to various fields in consideration of the entire performance and other conditions of the system to which DRM is applied. For example, the method can be applied to an asymmetric encryption system.
[212] An example of the application is described below. As described above, a bad pattern DRM table (DRM encryption table) is generated using bad patterns. A seed key is generated using a Hash function that uses the bad pattern DRM table (DRM encryption table) as a transform parameter. From the seed key, a public key and a private key are generated through a Public Key Infrastructure (PKI) algorithm (Rivest-Shamir-Adleman [RSA], Elliptic Curve Cryptography [ECC], etc.), and they can be applied to PKI solutions that have been used in various existing fields. This shows that the bad patterns of each of digital content storage media (flash memory) are factors causing the generation of a private key, and the content of the private key does not need to be logically recorded using any method, thus further strengthening the security of an asymmetric encryption system using the above example.
[213] That is, a client may download digital content data, encrypted by a server using the public key, and may decrypt the encrypted content data using the private key extracted from the digital content data.
[214] As described above, when the physical characteristics (bad blocks, bad pages, bad bits, etc.) of the flash memory in which respective pieces of digital content data are recorded, are used as an encryption key, respective digital content data storage media (flash memory) have different bad block DRM tables (DRM encryption tables). Because of this, a disadvantage in that existing DRM using a specific physical algorithm or an encryption table loses its value as DRM, as the specific algorithm or the encryption table of the existing DRM is open to the public, can be overcome.
[215] Even if a flash memory device (for example, NAND flash memory) constituting a flash memory COB is digitally duplicated using any of the methods used for the purpose of illegal duplication, or even if a digital content storage medium identical to the original is duplicated using a memory dump method in a physical manner, the duplicated digital content storage medium is not effective. The reason for this is that, even if a digital content storage medium physically identical to the original is duplicated, the bad patterns (bad blocks, bad pages, bad bits, etc.) which are physical characteristics of a memory device (for example, NAND flash memory) constituting the storage medium are not duplicated. [216] That is, although even marking of bad blocks or bad pages is duplicated in the spare area of flash memory block, such marking cannot physically correlate to real bad blocks or bad pages. As a result, a duplicated digital content storage medium (even bad patterns are not duplicated) fails in authentication in the real bad block examination procedure of a digital content data authentication process when the storage medium is used (read or played). Accordingly, the duplicated digital content storage medium is then determined to be an ineffective storage medium.
[217] For that reason, the present invention can sufficiently protect the digital content data of a copyright holder, unlike existing storage media, such as a CD or a DVD, having contradiction indicating that the existing storage media become media capable of providing profit to the copyright holder of digital content data, and, simultaneously, they become media through which the copyright holder's digital content data is infinitely duplicated because they are infinitely exposed to illegal duplication by typical users.
[218] Meanwhile, other examples of methods of preventing the copying and illegal duplication of the entirety of the flash memory may include an encryption/decryption me thod using different bad areas (blocks, pages, sub-pages, or locations) for respective flash memory devices.
[219] For example, an area in which the addresses of bad areas of memory used (blocks, pages, sub-pages, or locations) are recorded, is set in a header data area in which the characteristics of the flash memory are recorded, rather than a data storage space, and the set area is recorded. The addresses of the bad areas are combined with each other to extract encryption feature values (for example, encryption feature values based on a bad block DRM table [DRM encryption table]). Thereafter, original digital content data is encrypted using such encryption feature values, and thus the encrypted digital content data is recorded in the normal areas of the memory and not in the bad areas of the memory.
[220] Thereafter, when the flash memory COB 12 of the smart card 10 is connected to the reader 20, the reader 20 reads the addresses of the bad areas from the header data area, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used for the encryption of content data by combining the addresses of the bad areas with each other, and recovers original content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, the encryption feature values are calculated through a combination of unique values, such as the addresses of different bad areas for respective memory devices used, so that perfect duplication is physically impossible unless the bad areas of the memory used for duplication and bad areas of the original memory are entirely identical to each other. [221] As another example, the reader 20 marks bad areas (blocks, pages, sub-pages or locations) of memory used at defined locations of spare areas corresponding thereto as bad areas, and extracts encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) by combining the addresses of the bad areas. Thereafter, the reader 20 encrypts original digital content data using the encryption feature values, and records the encrypted digital content data in the normal areas of the memory and not in the bad areas of the memory.
[222] Thereafter, when the flash memory COB 12 of the smart card 10 is connected to the reader 20, the reader reads the addresses of bad areas by examining the flash memory, calculates encryption feature values used for the encryption of content data by combining the addresses of the bad areas (for example, encryption feature values based on the bad block DRM table [DRM encryption table]), and recovers original digital content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, since the encryption feature values are calculated by combining unique values, such as the addresses of different bad areas for respective memory devices, perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are entirely identical to each other.
[223] As a further example, the reader 20 marks the bad areas (blocks, pages, sub-pages, and locations) of flash memory used at defined locations of spare areas corresponding thereto as bad areas, and extracts encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) using specific values (for example, a serial number, etc.) recorded in the memory. Thereafter, the reader 20 encrypts original digital content data using the encryption feature values, and records the encrypted digital content data in normal areas of the memory and not in the bad areas of the memory.
[224] Thereafter, when the flash memory COB 12 of the smart card 10 is connected to the reader 20, the reader 20 reads the specific values recorded in the memory, calculates encryption feature values (for example, encryption feature values based on the bad block DRM table [DRM encryption table]) used as specific values, and recovers original digital content data using the encryption feature values while sequentially reading data from the memory excepting the bad areas. At this time, the encryption feature values are calculated through a combination of specific values recorded in the memory used, so that perfect duplication is physically impossible unless the bad areas of memory used for duplication and the bad areas of original memory are completely identical to each other.
[225] In the above description, in order to prevent duplication from being performed in such a way that the bad areas of a memory card, intellectual property rights of which are guaranteed, are read, the normal areas of the memory card desired to be duplicated are equally marked as bad areas, and identical encryption feature values are generated so as to duplicate the memory card, the reader 20 determines whether bad areas of the flash memory are physically formed or are merely marked for duplication through a procedure of recording/reading data in/from the bad areas when the flash memory COB 12 is connected to the reader 20. If it is determined that the bad areas are merely marked, the play apparatus classifies the memory card as an 'illegally duplicated memory card', and does not play recorded digital content data. As described above, the present invention determines the authenticity of bad areas, thus identifying an illegally duplicated memory card.
[226] FIG. 14 is a diagram showing an example of the construction of a bad pattern DRM table configuration apparatus for digital rights management according to an embodiment of the present invention, in which the bad pattern DRM table configuration apparatus may be included in the reader 20. For convenience of description, a description will be made on the basis of the operation of the apparatus for generating a bad block DRM table (DRM encryption table), that is, the reader 20.
[227] A bad pattern detection unit 101 sets areas based on multiples of the number of blocks (/bad pages) (for example, based on multiples of 2048 blocks) in all the blocks of the flash memory, and detects bad blocks (/bad pages) in each of the areas.
[228] A real bad pattern examination unit 102 determines a bad pattern extraction area meeting a specific criterion (for example, an area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), and records the code value (area code) of the relevant area in the DRM table select code field of the card ID. At this time, the area code value, recorded in the DRM table select code field of the card ID, is the area code of the bad pattern extraction area meeting the specific condition among the areas obtained by dividing all the blocks of the flash memory by 2048 blocks. The specific condition is, for example, a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). According to such a specific condition, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages), can be determined to be the bad pattern extraction area.
[229] A bad pattern table configuration unit 103 records the addresses of bad blocks (/bad pages) of the area corresponding to the area code, recorded in the DRM table select code field of the card ID, in the bad block (/bad page) table.
[230] A bad pattern DRM table calculation unit 104 examines the area corresponding to the area code recorded in the DRM table select code field of the card ID. That is, whether the area corresponding to the area code has bad blocks (/bad pages) sufficient to configure a bad block (/bad page) DRM table (DRM encryption table) is examined.
[231] A bad pattern DRM table generation unit 105 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID.
[232] For example, when the area corresponding to the area code has more than 128 bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ~ block 2047) having more than 128 (256 byte) bad blocks.
[233] Further, when the area corresponding to the area code does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is generated by performing a padding operation. For example, the bad block DRM table (DRM encryption table) of FIG. 11 is configured using 18 (36 byte) real bad block addresses and 110 (220 byte) pieces of padding data. At this time, as an example of a padding method, a 256-byte bad block DRM table (DRM encryption table) can be configured, as shown in FIG. 11, using padding values, generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
[234] FIG. 15 is a diagram showing an example of the construction of a digital content recording apparatus according to an embodiment of the present invention, in which the digital content recording apparatus may be included in the reader 20.
[235] A bad pattern examination and marking unit 111 formats the flash memory (for example, NAND flash memory) of a storage medium (the flash memory COB 12 as a memory card implemented using a memory device) to a low level, examines bit-based bad pages (pages having bad bits) or bit-based bad blocks (blocks having bad bits) by writing 0xAA55, and marks pages or blocks having bad bits as bad pages or bad blocks.
[236] A bad pattern area selection unit 112 formats the flash memory to a low level, and determines an area meeting a specific condition (criterion) with reference to a recorded bad block (/bad page) table. A media information recording unit 113 records the area code of the area in the DRM table select code field of the card ID (page number 9 of zero block).
[237] For example, all the blocks of the flash memory are divided by 2048 blocks, and thus respective areas are set. Among the areas, an area meeting a specific condition (criterion) is determined to be a bad pattern extraction area required for the configuration of a bad block (/bad page) DRM table (DRM encryption table). Thereafter, the area code of the determined area is recorded in the DRM table select code field of the card ID. The term 'specific condition (criterion)' means a criterion required to determine whether a specific area is an area suitable for the configuration of a bad block (/bad page) DRM table (DRM encryption table). For example, an area having more than a threshold number of (for example, 128) bad blocks (/bad pages), or an area having a maximum number of bad blocks (/bad pages) can be determined to be a bad pattern extraction area. The determination of the bad pattern extraction area may be performed by determining whether an area having more than a threshold number of (for example, 128) bad blocks (/bad pages) is present, and by determining an area, having a maximum number of bad blocks (/bad pages) among the plurality of areas (areas set based on multiples of 2048 blocks), to be the bad pattern extraction area if it is determined that the relevant area is not present. In this way, the area code value of the area determined to be the bad pattern extraction area is recorded in the DRM table select code field of the card ID of FIG. 6.
[238] A bad pattern DRM table generation unit 114 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the area code recorded in the DRM table select code field of the card ID. For example, when the area corresponding to the area code has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area (for example, area 1 having block 0 ~ block 2047) having more than 128 (256 bytes) bad blocks. When the area corresponding to the area code does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation.
[239] A content encryption recording unit 115 records digital content data in the memory device (for example, NAND flash memory) by utilizing the bad pattern DRM table (DRM encryption table), generated by the bad pattern DRM table generation unit 114, as an encryption key.
[240] FIG. 16 is a diagram showing an example of the construction of a digital content reading (reading, play, etc.) apparatus according to an embodiment of the present invention, in which the digital content reading apparatus may be included in the reader 20.
[241] When the flash memory COB 12 of the smart card 10 is connected to the reader 20, a media information collection unit 121 reads information about a card ID (page number 9 of zero block). In this case, in the DRM table select code field of the card ID, the area code information of the area having bad patterns (bad blocks, bad pages, bad bits, etc.) (area having more than a threshold number of bad blocks [/bad pages], or an area having a maximum number of bad blocks [/bad pages]), desired to be used for a bad pattern DRM table (DRM decryption table) is recorded, and thus information of the card ID is collected at the time of reading digital content data.
[242] A bad pattern DRM table generation unit 122 configures a bad block (/bad page) DRM table (DRM decryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code field of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) [refer to FIG. 9] composed of 128 real bad block addresses on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks. When the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM decryption table), the bad pattern DRM table generation unit 122 configures a 256-byte bad block DRM table (DRM decryption table) by performing a padding operation (refer to FIG. 11). That is, the 256-byte bad block DRM table (DRM decryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on the real bad block table values and the card serial number value.
[243] A media authentication unit 123 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block(/bad page) DRM table (DRM decryption table) generated by the bad pattern DRM table generation unit 122, are real bad blocks (/bad pages). For example, the media authentication unit 123 determines whether blocks having real bad block addresses in the bad block DRM table (DRM decryption table) of FIG. 11, composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...), are real bad blocks.
[244] In this case, in order to determine whether blocks are real bad blocks (/bad pages), about 10 bad blocks (/bad pages) are randomly selected from the real bad block (/bad page) table, and whether the selected bad blocks are real bad blocks (/bad pages) is examined.
[245] At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined. At this time, if it is determined that the blocks are real bad blocks (/bad pages), a suitable number of real bad blocks (/bad pages) are additionally examined using the same method. Even on the additionally selected bad blocks (/bad pages), a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
[246] A content decryption and play unit 124 permits the use of digital content data (play or read) on the basis of the results of the authentication performed by the media authentication unit 123. That is, when the authentication of the use of the data has succeeded, the content decryption and play unit 124 transmits digital content data to a user while decrypting the digital content data using the generated bad block (/bad page) DRM table (DRM decryption table). Further, when the authentication of the use of the data has failed, the content decryption and play unit 124 notifies the user of the failure of the authentication, thus requesting the user to check the digital content storage medium.
[247] FIG. 17 is a diagram showing an example of the construction of a key generation apparatus for an asymmetric encryption system to which the present invention is applied, in which the key generation apparatus may be included in the reader 20.
[248] A bad pattern detection unit 131 sets areas based on multiples of the number of blocks (/pages) (for example, based on multiples of 2048 blocks) in all the blocks (/bad pages) of the flash memory, and detects bad blocks (/bad pages) from each of the areas.
[249] A bad pattern DRM table generation unit 132 configures a bad block (/bad page) DRM table (DRM encryption table) on the basis of the bad pattern table (bad block table/bad page table) of the area corresponding to the DRM table select code of the card ID. For example, when the area corresponding to the area code recorded in the DRM table select code field has more than 128 sufficient bad blocks, a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 9] composed of 128 real bad block addresses is configured on the basis of the bad block table of the area having more than 128 (256 byte) bad blocks. When the area corresponding to the area code recorded in the DRM table select code field does not include bad blocks sufficient to configure a 256-byte bad block DRM table (DRM encryption table), a 256-byte bad block DRM table (DRM encryption table) [refer to FIG. 11] is configured by performing a padding operation. That is, the 256-byte bad block DRM table (DRM encryption table) of FIG. 11 is configured using padding values generated by sequentially performing an XOR operation on real bad block table values and a card serial number value.
[250] A media authentication unit 133 determines whether blocks (/pages) corresponding to the real bad block (/bad page) table values, rather than padding values, in the bad block (/bad page) DRM table (DRM encryption table) generated by the bad pattern DRM table generation unit 132, are real bad blocks (/bad pages). For example, the media authentication unit 133 determines whether blocks having real bad block addresses are real bad blocks in the bad block DRM table (DRM encryption table) of FIG. 11 composed of 36 bytes of real bad block addresses and 220 bytes of padding data (0x09, 0x10, OxOB, 0x17, ...).
[251] Here, in order to determine whether the blocks are real bad blocks (/bad pages), for example, about 10 bad blocks (/bad pages) are randomly selected from the real bad block (/bad page) table, and whether the selected bad blocks are real bad blocks (/bad pages) is examined.
[252] At this time, a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the blocks are real bad blocks (/bad pages) is determined. At this time, if it is determined that the blocks are real bad blocks (/bad pages), a suitable number (for example, about 10) of real bad blocks (/bad pages) are additionally examined using the same method. Even on the additionally selected bad blocks (/bad pages), a Write Protect (WP) pin is disabled, and 0xAA55 and 0x55AA are written in the corresponding page of each real bad block (/bad page), so that whether the additionally selected blocks are real bad blocks (/bad pages) is determined.
[253] A seed key generation unit 134 generates a seed key through a Hash function which uses a bad pattern DRM table (DRM encryption table) as a transform factor.
[254] An asymmetric encryption key generation unit 135 generates a public key and a private key through a PKI algorithm (RSA, ECC, etc.) using the seed key generated by the seed key generation unit 134.
[255] The public key may be used to encrypt digital content data, and the private key may be used to decrypt digital content data.
[256] The above-described construction of FIGS. 14 to 17 is included in the reader 20, and is configured to perform the encryption and decryption of digital content data.
[257] The above-described method of the present invention may be implemented in the form of a program and may be stored in recording media (Compact Disc (CD)-Read Only Memory (ROM), Random Access Memory (RAM), ROM, a floppy disc, a hard disc, a magneto-optical disc, etc.) in a computer-readable form. Such a process may be implemented by those skilled in the art of the present invention, and thus a detailed description thereof is omitted.
[258] Although the present invention has been described according to limited embodiments and drawings, those skilled in the art will appreciate that various changes and modifications are possible, without departing from the technical spirit of the invention and the accompanying claims and equivalent ranges thereof.

Claims

Claims
[I] A smart card having flash memory, comprising: a smart card Chip On Board (COB) having a plurality of input/output terminals; and a flash memory COB having a plurality of input/output terminals.
[2] The smart card according to claim 1, wherein the respective terminals of the smart card COB and the flash memory COB are terminals connected to a reader for recording or reading information in or from the smart card COB or the flash memory COB.
[3] The smart card according to claim 2, wherein the smart card COB and the flash memory COB are provided to be electrically isolated from each other, or electrically connected to each other.
[4] The smart card according to claim 3, wherein the flash memory COB is divided into a security area and a normal area.
[5] The smart card according to claim 4, wherein when recording or reading is performed on the security area of the flash memory COB of the smart card by the reader, the recording or reading is performed after Digital Rights Management (DRM) authentication has been performed by an Application Specific Integrated Circuit (ASIC) of the reader.
[6] The smart card according to claim 5, wherein the DRM authentication by the
ASIC of the reader is performed based on physical characteristics of flash memory constituting the flash memory COB of the smart card.
[7] The smart card according to claim 6, wherein the physical characteristics indicate information about unit area-based bad patterns of the flash memory.
[8] The smart card according to claim 7, wherein the information about the bad patterns is information about one of bad blocks, bad pages and bad bits.
[9] The smart card according to claim 8, wherein the DRM authentication by the
ASIC of the reader is performed based on both the physical characteristics of the flash memory of the flash memory COB and unique authentication information stored in the smart card COB.
[10] A reader for a smart card having flash memory, wherein the reader exchanges information with the smart card through connection terminals connected to respective terminals of the smart card COB and the flash memory COB according to claim 1 in a wired or wireless manner, and records or reads information in or from the flash memory COB.
[I I] The reader according to claim 10, wherein the reader is connected to an external terminal in a wired or wireless manner, and performs a record operation of recording digital content data stored in the terminal in the flash memory COB, or a read operation of reading digital content data recorded in the flash memory COB and transmitting the read digital content data to the terminal.
[12] The reader according to claim 11, wherein the reader is operated in connection with an application program of the terminal, which performs control such that, in a case where a request for protection of the digital content data is received, the operation of recording and reading the digital content data is performed differently from that of a case where a request for protection of the digital content data is not received.
[13] The reader according to claim 12, wherein: the application program of the terminal accesses an external smart card server, and inquires whether an incident concerning the smart card has been reported when the request for protection of the digital content data is received, and transmits the protection-requested digital content data to the reader when the smart card is a smart card for which an incident has not been reported, and the reader performs Digital Rights Management (DRM) by generating an encryption table using bad patterns of flash memory constituting the flash memory COB, encrypting the protection-requested digital content data using the encryption table, and recording the encrypted digital content data in the flash memory COB when it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported.
[14] The reader according to claim 13, wherein the reader is connected to the smart card server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
[15] The reader according to claim 13, wherein the application program of the terminal accesses the external smart card server, and inquires whether an incident concerning the smart card has been reported, using unique authentication information of the smart card COB, read by the reader when the request for protection of digital content data is received.
[16] The reader according to claim 13, wherein the reader is operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident has not been reported, the reader receives a read permission command for the digital content data from the application program of the terminal, performs a read operation of generating a decryption table for the digital content data, which is encrypted and stored in the flash memory COB, and decrypting the encrypted digital content data using the decryption table, and transmits the decrypted digital content data to the terminal.
[17] The reader according to claim 13, wherein the reader is operated such that, if it is determined by the application program of the terminal that the smart card is a smart card for which an incident was reported, the reader receives a read denial command for the digital content data from the application program of the terminal, and does not perform an operation of decrypting the digital content data, which is encrypted and stored in the flash memory COB.
[18] The reader according to claim 13, wherein the reader further comprises an additional connection terminal connected to a second IC card, and is configured such that, when the reader is connected to a relevant server, which uses unique authentication information of the smart card COB or the second IC card, the reader transmits the unique authentication information of the smart card COB or the second IC card to the relevant server, thus enabling electronic commerce to be conducted in the relevant server.
[19] The reader according to claim 18, wherein the reader is connected to the relevant server either in a wired manner through the terminal or in a wireless manner through a separately provided wireless port.
[20] The reader according to claim 19, wherein the reader enables the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the second IC card.
[21] The reader according to claim 19, wherein the reader enables the electronic commerce to be conducted in the relevant server using either or both of a certificate stored in the flash memory COB of the smart card and the unique authentication information of the smart card COB.
[22] The reader according to claim 10, wherein: the security area in a memory area of the flash memory COB is divided into a banking area for use of banking and a personal area for use of data storage, which are separately provided, and the reader prohibits information stored in the banking area from being accessed when the information of the banking area is requested by the terminal, but prohibition of access to the information of the banking area is released when input authentication information received from the terminal is identical to the unique authentication information stored in the smart card COB.
[23] The reader according to claim 22, wherein: the banking area includes a One Time Password (OTP) generation area in which an OTP can be generated, and the reader further comprises a display unit for displaying information about the OTP generated in the OTP generation area when a request for generation of the OTP is received from the terminal.
[24] The reader according to claim 22, wherein the reader transmits data stored in the personal area to memory of the terminal at a same time that the reader is connected to the terminal.
[25] The reader according to claim 22, wherein, when the reader accesses an external smart card server, the reader receives details of an electronic bankbook corresponding to the unique authentication information of the smart card COB from the smart card server, and transmits the details of the electronic bankbook to the banking area of the flash memory COB, thus enabling the details of the electronic bankbook to be stored in the banking area.
[26] The reader according to claim 22, wherein the reader receives update information about the smart card from the smart card server while accessing an external smart card server, and transmits the update information to the banking area of the flash memory COB, thus updating information of the banking area.
[27] A Digital Rights Management (DRM) method using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: examining unit area-based bad patterns of flash memory constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern DRM table on a basis of a bad pattern table.
[28] The DRM method according to claim 27, wherein the bad pattern table is generated at a time of formatting the flash memory, and is configured such that address values of unit area-based bad patterns, which are possible physical characteristics of a memory device, are recorded in the bad pattern table.
[29] The DRM method according to claim 28, wherein the bad pattern DRM table is configured using only the bad pattern table.
[30] The DRM method according to claim 28, wherein the bad pattern DRM table is configured using a card serial number field of the card ID, and is configured by padding values that are generated by sequentially performing an XOR operation on values of the bad pattern table and a value of a card serial number.
[31] The DRM method according to any one of claims 27 to 30, wherein the bad patterns are bad blocks, bad pages or bad bits.
[32] The DRM method according to claim 31, wherein the bad pattern extraction area is one of an area including all blocks of the memory, an area including more than a threshold number of bad patterns, and an area including a maximum number of bad patterns.
[33] The DRM method according to claim 32, wherein the unit areas are areas set based on multiples of 2048 blocks.
[34] The DRM method according to claim 33, wherein the threshold number is 128, which is the number of bad blocks.
[35] The DRM method according to claim 34, wherein the bad pattern DRM table has a size of 256 bytes.
[36] The DRM method according to claim 27 or 28, wherein the flash memory is
NAND flash memory.
[37] A Digital Rights Management (DRM) method using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: extracting physical characteristics of flash memory constituting a flash memory
COB of the smart card connected to the reader; and generating an encryption key using the extracted physical characteristics of the flash memory.
[38] A method of recording digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: examining unit area-based pad patterns of a flash memory device constituting a flash memory COB of the smart card connected to the reader and determining a bad pattern extraction area; recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; examining an area corresponding to the area code recorded in the table select code field, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table; and recording digital content data in the flash memory using the bad pattern DRM table as an encryption key.
[39] The method according to claim 38, wherein the bad pattern table is generated at a time of formatting the flash memory, and is configured such that address values of unit area-based bad patterns, which are possible physical characteristics of a memory device, are recorded in the bad pattern table.
[40] The method according to claim 39, wherein the bad pattern DRM table is configured using only the bad pattern table.
[41] The method according to claim 39, wherein the bad pattern DRM table is configured using a card serial number field of the card ID, and is configured by padding values that are generated by sequentially performing an XOR operation on values of the bad pattern table and a value of a card serial number.
[42] The method according to any one of claims 38 to 41, wherein the bad patterns are bad blocks, bad pages or bad bits.
[43] The method according to claim 42, wherein the bad pattern extraction area is one of an area including all blocks of the memory, an area including more than a threshold number of bad patterns, and an area including a maximum number of bad patterns.
[44] A method of recording digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating an encryption key using the extracted physical characteristics of the flash memory; and recording digital content data in the flash memory using the generated encryption key.
[45] A method of recording digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: setting an area, in which addresses of bad areas of memory used are recorded, in a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader, rather than a data storage space, and recording the addresses in the set area; and extracting encryption feature values by combining the addresses of the bad areas, encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[46] A method of recording digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature value by combining addresses of the bad areas; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[47] A method of recording digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: marking bad areas of memory used in flash memory, constituting a flash memory COB of the smart card connected to the reader, at defined locations of corresponding spare areas as bad areas, and extracting encryption feature values using specific values recorded in the memory; and encrypting original digital content data using the encryption feature values, and recording the encrypted digital content data in a normal area of the memory and not in the bad areas.
[48] The method according to claim 47, wherein the specific values are serial numbers.
[49] A digital content storage medium using the reader according to claim 10, wherein an area code, which is a code value of a bad pattern extraction area in flash memory constituting a flash memory COB of a smart card connected to the reader, is recorded in a table select code field of a card ID, and wherein digital content data is recorded using a DRM encryption table, which is configured based on a bad pattern table by examining an area corresponding to the area code recorded in the table select code field, as an encryption key.
[50] A method of reading digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: examining an area corresponding to an area code recorded in a table select code field of a card ID of flash memory constituting a flash memory COB of the smart card, thus configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when the flash memory COB of the smart card is connected to the reader; examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
[51] The method according to claim 50, wherein the bad pattern table is generated at a time of formatting the flash memory, and is configured such that address values of unit area-based bad patterns, which are possible physical characteristics of a memory device, are recorded in the bad pattern table.
[52] The method according to claim 51, wherein the bad pattern DRM table is configured using only the bad pattern table.
[53] The method according to claim 51, wherein the bad pattern DRM table is configured using a card serial number field of the card ID, and is configured by padding values that are generated by sequentially performing an XOR operation on values of the bad pattern table and a value of a card serial number.
[54] The method according to any one of claims 50 to 53, wherein the bad patterns are bad blocks, bad pages or bad bits.
[55] The method according to claim 54, wherein the step of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns is performed by disabling a Write Protect (WP) pin and writing 0xAA55 and 0x55AA in corresponding pages of real bad patterns, thus examining whether the patterns are real bad patterns.
[56] A method of reading digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: extracting physical characteristics of flash memory constituting a flash memory COB of the smart card connected to the reader; generating a decryption key using the extracted physical characteristics of the flash memory; and reading digital content data using the generated decryption key.
[57] A method of reading digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: reading addresses of bad areas from a header data area, which is an area for storing characteristics of flash memory constituting a flash memory COB of the smart card, and calculating encryption feature values used to encrypt the digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the digital content data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[58] A method of reading digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: examining flash memory constituting a flash memory COB of the smart card, reading addresses of bad areas, and calculating encryption feature values used to encrypt digital content data by combining the addresses of the bad areas when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining unique values, such as addresses of different bad areas for respective memory devices used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[59] A method of reading digital content using the reader according to claim 10 for a smart card having flash memory, comprising the steps of: examining flash memory constituting a flash memory COB of the smart card, reading specific values recorded in the memory, and calculating encryption feature values used as the specific values when the flash memory COB of the smart card is connected to the reader; and recovering original digital content data using the encryption feature values while sequentially reading the data from the memory excepting the bad areas, wherein the encryption feature values are calculated by combining the specific values recorded in the memory used, and thus it is physically impossible to perform perfect duplication unless bad areas of memory used for duplication are entirely identical to those of original memory.
[60] The method according to claim 59, wherein when the flash memory COB is connected to the reader, whether the bad areas are physically formed, or are simply marked for duplication is determined through a procedure for recording/ reading data in/from the bad areas.
[61] A computer-readable recording medium for storing, in a Digital Rights
Management (DRM) apparatus having a processor, a program for implementing: a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; and a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table.
[62] A computer-readable recording medium for storing, in a Digital Rights
Management (DRM) apparatus having a processor, a program for implementing: a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10; and a function of generating an encryption key using the extracted physical characteristics of the flash memory.
[63] A computer-readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing: a function of examining unit area-based bad patterns of flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10, and determining a bad pattern extraction area; a function of recording an area code, which is a code value of the determined bad pattern extraction area, in a table select code field of a card ID; a function of examining an area corresponding to the area code recorded in the table select code field and configuring a bad pattern DRM table on a basis of a bad pattern table; and a function of recording data in the flash memory using the bad pattern DRM table as an encryption key.
[64] A computer-readable recording medium for storing, in a digital content recording apparatus having a processor, a program for implementing: a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10; a function of generating an encryption key using the extracted physical characteristics of the flash memory; and a function of recording digital content data in the flash memory using the generated encryption key.
[65] A computer-readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing: a function of examining an area corresponding to an area code, recorded in a table select code field of a card ID, and configuring a bad pattern Digital Rights Management (DRM) table on a basis of a bad pattern table when flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10 is inserted; a function of examining whether patterns having real bad pattern address values in the bad pattern DRM table are real bad patterns; and a function of reading digital content data using the bad pattern DRM table as a decryption key on a basis of results of the examination.
[66] A computer-readable recording medium for storing, in a digital content reading apparatus having a processor, a program for implementing: a function of extracting physical characteristics of flash memory constituting a flash memory COB of a smart card connected to the reader according to claim 10; a function of generating a decryption key using the extracted physical characteristics of the flash memory; and a function of reading digital content data using the generated decryption key.
PCT/KR2008/006722 2007-11-15 2008-11-14 Smart card with flash memory and memory reader of smart card and drm method using the reader WO2009064131A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2007-0116795 2007-11-15
KR1020070116795A KR20080107970A (en) 2007-06-08 2007-11-15 Smart card with flash memory and memory reader of smart card and drm method using that reader

Publications (2)

Publication Number Publication Date
WO2009064131A2 true WO2009064131A2 (en) 2009-05-22
WO2009064131A3 WO2009064131A3 (en) 2009-07-16

Family

ID=40640378

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2008/006722 WO2009064131A2 (en) 2007-11-15 2008-11-14 Smart card with flash memory and memory reader of smart card and drm method using the reader

Country Status (1)

Country Link
WO (1) WO2009064131A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2358697A1 (en) * 2011-02-03 2011-05-13 José María Martínez Marquina An anticopy system for solid memories flash type. (Machine-translation by Google Translate, not legally binding)
US10057260B2 (en) 2015-08-27 2018-08-21 International Business Machines Corporation Electronic device identification
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040028104A (en) * 2002-09-28 2004-04-03 주식회사 케이티 Layout method of ic-chip-board in contact 2chip card
KR20060027544A (en) * 2004-09-23 2006-03-28 주식회사 비즈모델라인 Ic card with multi-point of contact
KR20060028354A (en) * 2004-09-25 2006-03-29 주식회사 비즈모델라인 Interface devices for usb(universal serial bus)
KR20070094108A (en) * 2006-03-16 2007-09-20 주식회사 케이티프리텔 Data security device and method and mobile terminal including the same

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20040028104A (en) * 2002-09-28 2004-04-03 주식회사 케이티 Layout method of ic-chip-board in contact 2chip card
KR20060027544A (en) * 2004-09-23 2006-03-28 주식회사 비즈모델라인 Ic card with multi-point of contact
KR20060028354A (en) * 2004-09-25 2006-03-29 주식회사 비즈모델라인 Interface devices for usb(universal serial bus)
KR20070094108A (en) * 2006-03-16 2007-09-20 주식회사 케이티프리텔 Data security device and method and mobile terminal including the same

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2358697A1 (en) * 2011-02-03 2011-05-13 José María Martínez Marquina An anticopy system for solid memories flash type. (Machine-translation by Google Translate, not legally binding)
US10057260B2 (en) 2015-08-27 2018-08-21 International Business Machines Corporation Electronic device identification
US10069825B2 (en) 2015-08-27 2018-09-04 International Business Machines Corporation Electronic device identification
US10594693B2 (en) 2015-08-27 2020-03-17 International Business Machines Corporation Electronic device identification
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Also Published As

Publication number Publication date
WO2009064131A3 (en) 2009-07-16

Similar Documents

Publication Publication Date Title
US8761403B2 (en) Method and system of secured data storage and recovery
JP4395302B2 (en) Semiconductor memory card and control method thereof
US20050044377A1 (en) Method of authenticating user access to network stations
US8694799B2 (en) System and method for protection of content stored in a storage device
KR100676087B1 (en) Secure data storage apparatus with USB interface, and method thereof
CN101578608B (en) Methods and apparatuses for accessing content based on a session ticket
JP2004199138A (en) Memory device and electronic equipment using the same
US20210264410A1 (en) Online wallet device and method for creating and verifying same
JP2003058840A (en) Information protection management program utilizing rfid-loaded computer recording medium
US7783895B2 (en) Method and apparatus for encrypting data to be secured and inputting/outputting the same
CN101595488A (en) Be used for content is tied to the method and apparatus of independent storage arrangement
KR101468258B1 (en) Portable data storage device for protecting illegal replica
US8689011B2 (en) System and method for content protection
JPH10222425A (en) Device and method for accessing to security data stored in portable data carrier
TW498284B (en) Card memory apparatus
KR20090072717A (en) New data storage usb disc, computer interface usb device and method by flash memory's bad patten
WO2009072849A2 (en) Card having flash memory and display, reader of reading the card, paying method using the reader and card, art card and dispaly using the art card
WO2009064131A2 (en) Smart card with flash memory and memory reader of smart card and drm method using the reader
JP6857725B2 (en) Protection (anti-cloning) method and system for illegal copying
US20030053665A1 (en) Removable swipe-imaging device and method for identifying same
KR20080107970A (en) Smart card with flash memory and memory reader of smart card and drm method using that reader
WO2004081706A2 (en) Method and apparatus for controlling the provision of digital content
WO2009048304A2 (en) Smart card with flash memory and memory reader of smart card and drm method using that
CN101617318A (en) Be used for method and apparatus that content and licence are linked
CN103098064A (en) Method and apparatus for authenticating a non-volatile memory device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08850181

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 08/09/10)

122 Ep: pct application non-entry in european phase

Ref document number: 08850181

Country of ref document: EP

Kind code of ref document: A2