WO2001018807A2 - Recovery of a master key from recorded published material - Google Patents

Recovery of a master key from recorded published material Download PDF

Info

Publication number
WO2001018807A2
WO2001018807A2 PCT/EP2000/008054 EP0008054W WO0118807A2 WO 2001018807 A2 WO2001018807 A2 WO 2001018807A2 EP 0008054 W EP0008054 W EP 0008054W WO 0118807 A2 WO0118807 A2 WO 0118807A2
Authority
WO
WIPO (PCT)
Prior art keywords
key
master key
encrypted
public
recording
Prior art date
Application number
PCT/EP2000/008054
Other languages
French (fr)
Other versions
WO2001018807A3 (en
Inventor
Michael A. Epstein
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to JP2001522536A priority Critical patent/JP2003509881A/en
Priority to EP00965881A priority patent/EP1145242A3/en
Publication of WO2001018807A2 publication Critical patent/WO2001018807A2/en
Publication of WO2001018807A3 publication Critical patent/WO2001018807A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording
    • H04N5/91Television signal processing therefor
    • H04N5/913Television signal processing therefor for scrambling ; for copy protection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008Public Key, Asymmetric Key, Asymmetric Encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2131Lost password, e.g. recovery of lost or forgotten passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N5/00Details of television systems
    • H04N5/76Television signal recording
    • H04N5/91Television signal processing therefor
    • H04N5/913Television signal processing therefor for scrambling ; for copy protection
    • H04N2005/91357Television signal processing therefor for scrambling ; for copy protection by modifying the video signal
    • H04N2005/91364Television signal processing therefor for scrambling ; for copy protection by modifying the video signal the video signal being scrambled

Definitions

  • This invention relates to the field of consumer electronics, and in particular to the recovery of published material that is recorded in an encrypted form.
  • Digital recordings have the unique property that copies of the content material have the same quality as the original. As such, the need for an effective copy protection scheme is particularly crucial for the protection of content material that is digitally recorded.
  • a number of protection schemes have been developed or proposed that record the content material in an encrypted form.
  • Other protection schemes have been developed or proposed that record an encrypted key that controls the playback, or rendering, of the content material.
  • a "smartcard" is used to decrypt the encrypted information.
  • the smartcard contains a master key that is used to encrypt and decrypt the content material or to encrypt or decrypt another key that controls the rendering of the content material.
  • the master key is contained within the recording or playback device, or within a content-access-module that is used to decrypt the content material.
  • a smartcard or content- access-module is typically preferred, so as to allow the use of alternative or replacement recording or playback devices.
  • a conventional method for alleviating the inconvenience and impact associated with the loss of a smartcard is to maintain a registry of each smartcard and its associated master key. Such a system, however, requires that the user have a means for identifying the particular smartcard after it is lost, or requires that the registry contain an identification of each user of each smartcard.
  • the content material is intended to be published for use by the general public.
  • This published material is encrypted to prevent it from being copied or used by persons other than those who have acquired the right to access the published material, and those who have acquired the right to access the material have no privacy rights or concerns regarding access to the material.
  • the encryption process inconveniences those who have acquired the right to access the published material.
  • the success of imposing the proposed encryption schemes for safeguarding copy protected published material will be highly dependent on the general public's acceptance of this inconvenience, and in particular, to any loss of value incurred due to a misplaced or defective decryption device.
  • This objective and others are achieved by including an encryption of a master key with each recording that contains encrypted published material that requires the master key for decryption and subsequent processing.
  • the master key is encrypted using a public key associated with a trusted authority. Should the smartcard be lost, or the decryption device become inoperative, any one of the recordings containing the encrypted master key is sent to the trusted authority for a retrieval of the master key.
  • the trusted authority uses the private key corresponding to the public key that was used to encrypt the master key to determine the master key.
  • the trusted authority is the vendor of the smartcard or other encryption decryption device, and provides a replacement smartcard or device containing the retrieved master key, typically for a fee, for subsequent use by the user to decrypt other recorded material in the user's collection.
  • FIG. 1 illustrates an example block diagram of a system for recording encrypted published material in accordance with this invention.
  • FIG. 2 illustrates an example flow diagram of a system for recording encrypted published material in accordance with this invention.
  • FIG. 3 illustrates an example flow diagram for the retrieval of a master key in accordance with this invention.
  • FIG. 1 illustrates an example block diagram of a system 100 for recording encrypted published material, such as audio content, audio-visual content, virtual-reality content, multi-media content, and the like, in accordance with this invention.
  • published material is used in the general sense of content material that is recorded by one party for distribution to other parties, typically the general public. That is, the encryption of the material is not to preserve the secrecy of the content material, but rather to preserve the copy and viewing rights to the published material.
  • An encryption device 110 receives the content material 101 and provides encrypted material to a recording device 130 for recording onto a medium 140.
  • the content material 101 is often communicated from a source, such as a "pay-per-view" broadcaster, in encrypted form and decrypted locally.
  • a source such as a "pay-per-view" broadcaster
  • this decryption stage is not illustrated in FIG. 1 and is not discussed further in this disclosure.
  • the encryption device 110 encrypts the content material using either a master key M 121 to produce an encryption E M (CM) 112, or a session key K to produce an encryption E (CM) 114.
  • the master key M 121 is intended to remain constant for all encryptions of the particular system 100, and is commonly provided by, for example, a smartcard, illustrated in FIG. 1 as an access device 120.
  • the access device 120 may be embodied within a separate access module, such as a set-top-box or other device.
  • the session key K may change for each particular content material, or each content material classification, and may contain, for example, a ticket or other item that identifies the display or copy rights to the content material.
  • the access device 120 that provides the master key M 121 also provides a public key P 122 that is associated with a trusted authority, such as the vendor of the access device 120.
  • the public key P 122 is part of a public-private key-pair, the private key of the key-pair being a secret kept at the trusted authority. An item that is encrypted using the public key of the key-pair can only feasibly be decrypted by the private key of the key-pair.
  • the encryption device 110 encrypts the master key M 121 using the public key P 122, and communicates the encrypted master key Ep(M) 111 to the recording device 130 for inclusion on the medium 140 with the encrypted content material E M (CM) 112 or E (CM) 114. If the encrypted content material is encoded using the session key K, the encryption device 110 also encrypts the session key K using the master key M, and provides an encrypted session key E M (K) 113 to the recording device 130 for inclusion on the medium 140 as well.
  • a playback device 150 communicates the encrypted material 111, 112 or 111, 113, 114 from the medium 140 to the decryption device 160.
  • the medium 140 may be any of a variety of recording mediums including magnetic tape, magnetic disks, laser disks, CDs, DVDs, and so on.
  • the playback device 150 is a co ⁇ esponding device for reading the material on the medium. If the medium 140 is a hard disk drive, for example, the playback device 150 may be a computer system that reads files that are stored on a hard disk drive.
  • the decryption device 160 can receive the master key from the access device 120, if required.
  • the decryption device 160 If the content material CM 101 is encrypted using the session key K, as E ⁇ (CM) 114, and the decryption device 160 is privy to the session key K, it does not need the master key M 121 to decrypt a copy 1 O of the content material CM 101. If, on the other hand, the decryption device 160 does not have direct access to session key K, or the content material CM 101 is encrypted using the master key M 121, as E M (CM) 112, the decryption device 160 receives the master key M 121 from the access device 120 and provides thereafter a copy 101' of the content material CM 101. This copy 101' of the content material CM 101 is provided to a conventional rendering device 170 for presentation to the user in a suitable form.
  • FIG. 2 illustrates an example flow diagram for recording encrypted content material in accordance with this invention, as may be effected by the encryption device 110 of FIG. 1.
  • the use of a session key K, and the encryption of the session key K using the master key M is not illustrated in FIG. 2; the details for adding this option will be evident to one of ordinary skill in the art in view of this disclosure.
  • the process commences upon receipt of the content material CM, at 210.
  • the encryption device 110 receives a master key M and a public key P, at 220, typically from an access device 120 in FIG. 1.
  • the encryption device 110 encrypts the master key M using the public key P, at 230, and records the encrypted master key Ep(M), at 240.
  • the content material is encrypted, at 250, using the master key M, and the encrypted content material E M (CM) is similarly recorded, at 260.
  • the recording of the encrypted master key Ep(M) and the encrypted content material E M (CM) is preferably stored on the same medium 140.
  • FIG. 3 illustrates an example flow diagram for the retrieval of a master key M in accordance with this invention.
  • FIG. 3 illustrates example actions that occur at a provider's locale and at a user's locale.
  • the provider provides a master key M and a public key P to the user, the master key M and public key P being typically provided on a smartcard that is used to facilitate the encryption of copy-protected material via a conforming system 350.
  • the master key M may be generated randomly on the smart card, and not known to the provider.
  • a conforming system 350 effects and enforces the encryption and copy protection in accordance with these standards.
  • the user Via the conforming system 350 that includes encryption, decryption, recording, and playback capabilities, the user is able to create a collection 360 of encrypted content material CM that conforms to the appropriate standards, and is able to decrypt and playback the encrypted content material CM, via the use of the provided master key M.
  • the provider provides the user with a replacement master key M, via the following process, illustrated in FIG. 3.
  • the user selects an individual encrypted recording 361 from the collection 360 and sends it to the provider.
  • a copy of the recording 361 can be sent, provided that the copy contains an unmodified copy of the encrypted master key Ep(M).
  • the provider decrypts the encrypted master key Ep(M), using the co ⁇ esponding private key p, at 320, and provides a replacement copy of the master key M and public key K, at 330, typically by sending the user a replacement smartcard in return for a servicing fee.
  • FIG. 4 illustrates an example block diagram of a system for providing a replacement access device 120' in accordance with this invention.
  • the playback device 410 accesses the encrypted recording 361 from the user's collection 360 of FIG. 3 to provide the encrypted master key Ep(M) to a decryption device 420.
  • the decryption device 420 uses the private key p 401 to decrypt the encrypted master key Ep(M) to provide the master key M.
  • a programming device loads the decrypted master key M, and the public key P co ⁇ esponding to the private key p 401 into the duplicate access device 120' that is sent back to the user, typically with the encrypted recording 361.
  • the foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise various a ⁇ angements which, although not explicitly described or shown herein, embody the principles of the invention and are thus within its spirit and scope.
  • controls may be incorporated into the process illustrated in FIG. 3 to assure that the number of copies of the master key M is limited.
  • a simple record of the number of times a master key M is provided can be maintained, and further copies of the master key M may be precluded.
  • providing each copy of the master key M can have an increasingly higher fee charged, or some other procedure employed, so as to make an unauthorized mass distribution of the same master key M economically infeasible, or highly inefficient.
  • the access device 120 may be a programmable device that is downloaded with a master key M upon activation. Thereafter, the aforementioned process of replacing the access device 120 may include the downloading of a copy of the master key M, based on a transmission of encrypted master key Ep(M) to the downloading entity.
  • Ep(M) encrypted master key

Abstract

An encryption of a master key is included with each recording of encrypted published material that requires the master key for decryption and subsequent processing. The master key is encrypted using a public key associated with a trusted authority, typically encoded on a smartcard that is associated with each authorized user. Should the smartcard be lost, or the decryption device become inoperative, one of the recordings containing the encrypted master key is sent to the trusted authority for a retrieval of the master key. The trusted authority uses the private key corresponding to the public key that was used to encrypt the master key to determine the master key. In a preferred embodiment, the trusted authority is the vendor of the smartcard or other encryption/decryption device, and provides a replacement smartcard or device containing the retrieved master key, typically for a fee, for subsequent use by the user to decrypt other recorded material in the user's collection.

Description

Recovery of a master key from recorded published material
This invention relates to the field of consumer electronics, and in particular to the recovery of published material that is recorded in an encrypted form.
Digital recordings have the unique property that copies of the content material have the same quality as the original. As such, the need for an effective copy protection scheme is particularly crucial for the protection of content material that is digitally recorded. A number of protection schemes have been developed or proposed that record the content material in an encrypted form. Other protection schemes have been developed or proposed that record an encrypted key that controls the playback, or rendering, of the content material. In a number of these schemes, a "smartcard" is used to decrypt the encrypted information. The smartcard contains a master key that is used to encrypt and decrypt the content material or to encrypt or decrypt another key that controls the rendering of the content material. Alternatively, the master key is contained within the recording or playback device, or within a content-access-module that is used to decrypt the content material. A smartcard or content- access-module is typically preferred, so as to allow the use of alternative or replacement recording or playback devices.
After some time, the user will accumulate a collection of recordings that contain content material that can only be accessed via the use of the smartcard containing the master key. In this encrypted environment, a loss of the smartcard, or a failure of the content- access-module will effectively render the user's collection of recordings virtually worthless. Other encrypted collections, such as computer file systems, are also equally vulnerable to the loss of an access device or master key. A conventional method for alleviating the inconvenience and impact associated with the loss of a smartcard is to maintain a registry of each smartcard and its associated master key. Such a system, however, requires that the user have a means for identifying the particular smartcard after it is lost, or requires that the registry contain an identification of each user of each smartcard. Such a system is difficult to administer, and prone to administrative mishaps that could result in the complete loss of the user's collection due to a misregistration or erroneous identification of the user. In the field of law enforcement and national secuπty, "digital lockbox" techniques have been proposed for providing emergency access to encrypted files by encrypting the master key using a public key of a trusted authority, and including the encryption of the master key with each encrypted file. U.S. Patents 5,557,346 and 5,557,765, and PCT publications WO 99/04530 and WO 98/47260 discuss these techniques, and are incorporated by reference herein. The techniques presented in these publications, however, are encumbered with various safeguards to prevent the unauthorized access to the encrypted information, to protect the privacy of the individual who created the information.
In the field of consumer electronics, different considerations from law enforcement are relevant. The content material is intended to be published for use by the general public. This published material is encrypted to prevent it from being copied or used by persons other than those who have acquired the right to access the published material, and those who have acquired the right to access the material have no privacy rights or concerns regarding access to the material. In effect, the encryption process inconveniences those who have acquired the right to access the published material. The success of imposing the proposed encryption schemes for safeguarding copy protected published material will be highly dependent on the general public's acceptance of this inconvenience, and in particular, to any loss of value incurred due to a misplaced or defective decryption device.
It is an object of this invention to provide a method and device for recording encrypted published material that facilitates a simple retrieval of a master key that can be used to decrypt the published material. It is a further object of this invention to provide a method of providing a replacement decryption device that contains a master key that is suitable for decrypting encrypted information.
This objective and others are achieved by including an encryption of a master key with each recording that contains encrypted published material that requires the master key for decryption and subsequent processing. The master key is encrypted using a public key associated with a trusted authority. Should the smartcard be lost, or the decryption device become inoperative, any one of the recordings containing the encrypted master key is sent to the trusted authority for a retrieval of the master key. The trusted authority uses the private key corresponding to the public key that was used to encrypt the master key to determine the master key. In a preferred embodiment, the trusted authority is the vendor of the smartcard or other encryption decryption device, and provides a replacement smartcard or device containing the retrieved master key, typically for a fee, for subsequent use by the user to decrypt other recorded material in the user's collection.
The invention is explained in further detail, and by way of example, with reference to the accompanying drawings wherein:
FIG. 1 illustrates an example block diagram of a system for recording encrypted published material in accordance with this invention.
FIG. 2 illustrates an example flow diagram of a system for recording encrypted published material in accordance with this invention.
FIG. 3 illustrates an example flow diagram for the retrieval of a master key in accordance with this invention.
Throughout the drawings, same reference numerals indicate similar or corresponding features or functions.
FIG. 1 illustrates an example block diagram of a system 100 for recording encrypted published material, such as audio content, audio-visual content, virtual-reality content, multi-media content, and the like, in accordance with this invention. For the purposes of this specification, the term published material is used in the general sense of content material that is recorded by one party for distribution to other parties, typically the general public. That is, the encryption of the material is not to preserve the secrecy of the content material, but rather to preserve the copy and viewing rights to the published material. An encryption device 110 receives the content material 101 and provides encrypted material to a recording device 130 for recording onto a medium 140. As is common in the art, the content material 101 is often communicated from a source, such as a "pay-per-view" broadcaster, in encrypted form and decrypted locally. For ease of understanding, this decryption stage is not illustrated in FIG. 1 and is not discussed further in this disclosure. Depending upon the specific standard or convention employed by the encryption device 110, the encryption device 110 encrypts the content material using either a master key M 121 to produce an encryption EM(CM) 112, or a session key K to produce an encryption E (CM) 114. The master key M 121 is intended to remain constant for all encryptions of the particular system 100, and is commonly provided by, for example, a smartcard, illustrated in FIG. 1 as an access device 120. Alternatively, the access device 120 may be embodied within a separate access module, such as a set-top-box or other device. As is common in the art, the session key K may change for each particular content material, or each content material classification, and may contain, for example, a ticket or other item that identifies the display or copy rights to the content material. Copending U.S. Patent
Application "Copy Protection by Ticket Encryption", serial number 09/333,628, filed 6/15/99 for Michael Epstein, Attorney docket PHA 23,457, presents techniques for copy and display protection of copyright material, and is incorporated by reference herein. The session key K is commonly generated locally, using, for example, a key-exchange between the encryption device 110, and a coπesponding decryption device 160. Copending U.S. Patent Application
"Key Exchange Via a Portable Remote Control Device", serial number , filed for Michael Epstein, Attorney docket PHA (Disclosure 700621), presents methods and applications for exchanging cryptography keys between authorized devices, and is incorporated by reference herein. In accordance with this invention, the access device 120 that provides the master key M 121 also provides a public key P 122 that is associated with a trusted authority, such as the vendor of the access device 120. The public key P 122 is part of a public-private key-pair, the private key of the key-pair being a secret kept at the trusted authority. An item that is encrypted using the public key of the key-pair can only feasibly be decrypted by the private key of the key-pair. The encryption device 110 encrypts the master key M 121 using the public key P 122, and communicates the encrypted master key Ep(M) 111 to the recording device 130 for inclusion on the medium 140 with the encrypted content material EM(CM) 112 or E (CM) 114. If the encrypted content material is encoded using the session key K, the encryption device 110 also encrypts the session key K using the master key M, and provides an encrypted session key EM(K) 113 to the recording device 130 for inclusion on the medium 140 as well. In many cases, it is difficult to store a session key K on a smartcard, whereas the inclusion of an encryption of the session key based on a master key M 121 provides a means for retrieving the session key K via the use of a smartcard containing the master key M 121. Note that by encrypting the content material CM 101 or the key K to decrypt the encrypted content material EK(CM) 114 using the master key M 121 , and storing these encryptions 111, 112 or 111, 113, 114 on the medium 100, the content material CM 101 can be recovered by a decryption, or series of decryptions, based on the master key M 121. To render the encrypted content material that is stored on the medium 140, a playback device 150 communicates the encrypted material 111, 112 or 111, 113, 114 from the medium 140 to the decryption device 160. The medium 140 may be any of a variety of recording mediums including magnetic tape, magnetic disks, laser disks, CDs, DVDs, and so on. The playback device 150 is a coπesponding device for reading the material on the medium. If the medium 140 is a hard disk drive, for example, the playback device 150 may be a computer system that reads files that are stored on a hard disk drive. The decryption device 160 can receive the master key from the access device 120, if required. If the content material CM 101 is encrypted using the session key K, as Eκ(CM) 114, and the decryption device 160 is privy to the session key K, it does not need the master key M 121 to decrypt a copy 1 O of the content material CM 101. If, on the other hand, the decryption device 160 does not have direct access to session key K, or the content material CM 101 is encrypted using the master key M 121, as EM(CM) 112, the decryption device 160 receives the master key M 121 from the access device 120 and provides thereafter a copy 101' of the content material CM 101. This copy 101' of the content material CM 101 is provided to a conventional rendering device 170 for presentation to the user in a suitable form. For example, if the content material CM 101 is an audio recording, the rendering device 170 provides an audio representation of the content material CM 101. Similarly, if the content material CM 101 is a plurality of stimuli associated with a virtual reality environment, the rendering device 170 provides the appropriate representations of each of the recorded stimuli. FIG. 2 illustrates an example flow diagram for recording encrypted content material in accordance with this invention, as may be effected by the encryption device 110 of FIG. 1. For ease of understanding, the use of a session key K, and the encryption of the session key K using the master key M, is not illustrated in FIG. 2; the details for adding this option will be evident to one of ordinary skill in the art in view of this disclosure. The process commences upon receipt of the content material CM, at 210. Thereafter, the encryption device 110 receives a master key M and a public key P, at 220, typically from an access device 120 in FIG. 1. The encryption device 110 encrypts the master key M using the public key P, at 230, and records the encrypted master key Ep(M), at 240. The content material is encrypted, at 250, using the master key M, and the encrypted content material EM(CM) is similarly recorded, at 260. In accordance with this invention, the recording of the encrypted master key Ep(M) and the encrypted content material EM(CM) is preferably stored on the same medium 140.
As can be seen from the above, a knowledge of the master key M allows for the decryption of all material that is recorded in accordance with this invention. FIG. 3 illustrates an example flow diagram for the retrieval of a master key M in accordance with this invention. FIG. 3 illustrates example actions that occur at a provider's locale and at a user's locale. At 310, the provider provides a master key M and a public key P to the user, the master key M and public key P being typically provided on a smartcard that is used to facilitate the encryption of copy-protected material via a conforming system 350. Alternatively, the master key M may be generated randomly on the smart card, and not known to the provider. As noted above, a number of standards have been proposed that call for the encryption of copy-protected material using a master key M that is unique for each user, to prevent the uncontrolled reproduction of copy-protected content material CM. A conforming system 350 effects and enforces the encryption and copy protection in accordance with these standards. Via the conforming system 350 that includes encryption, decryption, recording, and playback capabilities, the user is able to create a collection 360 of encrypted content material CM that conforms to the appropriate standards, and is able to decrypt and playback the encrypted content material CM, via the use of the provided master key M.
If the user loses the master key M, or the smartcard becomes faulty, the provider provides the user with a replacement master key M, via the following process, illustrated in FIG. 3. The user selects an individual encrypted recording 361 from the collection 360 and sends it to the provider. In lieu of sending the original encrypted recording 361, a copy of the recording 361 can be sent, provided that the copy contains an unmodified copy of the encrypted master key Ep(M). The provider decrypts the encrypted master key Ep(M), using the coπesponding private key p, at 320, and provides a replacement copy of the master key M and public key K, at 330, typically by sending the user a replacement smartcard in return for a servicing fee. In this manner, by paying the associated service fees, a user is able to continue to access and playback each recording of the user's collection 360. FIG. 4 illustrates an example block diagram of a system for providing a replacement access device 120' in accordance with this invention. The playback device 410 accesses the encrypted recording 361 from the user's collection 360 of FIG. 3 to provide the encrypted master key Ep(M) to a decryption device 420. The decryption device 420 uses the private key p 401 to decrypt the encrypted master key Ep(M) to provide the master key M. A programming device loads the decrypted master key M, and the public key P coπesponding to the private key p 401 into the duplicate access device 120' that is sent back to the user, typically with the encrypted recording 361. The foregoing merely illustrates the principles of the invention. It will thus be appreciated that those skilled in the art will be able to devise various aπangements which, although not explicitly described or shown herein, embody the principles of the invention and are thus within its spirit and scope. For example, controls may be incorporated into the process illustrated in FIG. 3 to assure that the number of copies of the master key M is limited. For example, a simple record of the number of times a master key M is provided can be maintained, and further copies of the master key M may be precluded. Alternatively, providing each copy of the master key M can have an increasingly higher fee charged, or some other procedure employed, so as to make an unauthorized mass distribution of the same master key M economically infeasible, or highly inefficient.
The particular structures and functions of the figures in this disclosure are presented for illustration purposes. Other configurations and functional implementations are feasible. For example, the access device 120 may be a programmable device that is downloaded with a master key M upon activation. Thereafter, the aforementioned process of replacing the access device 120 may include the downloading of a copy of the master key M, based on a transmission of encrypted master key Ep(M) to the downloading entity. These and other system configuration and optimization features will be evident to one of ordinary skill in the art in view of this disclosure, and are included within the scope of the following claims.

Claims

CLAIMS:
1. A method for recording published material (101) comprising: encrypting (210) the published material (101) to produce an encrypted content (112, 114) that depends upon a master key (121) to facilitate a decryption of the encrypted content (112, 114), encrypting (230) the master key (121) to produce an encrypted master key (111) that depends upon a private key (p) to facilitate a decryption of the master key (121), recording (240) the encrypted master key (111) and the encrypted content (112, 114) on a recording medium (140).
2. The method of claim 1, wherein encrypting (210) the published material (101) includes : encrypting the published material (101) using a first key (K) to produce the encrypted content (114), encrypting the first key (K) to produce an encrypted first key (113) that depends upon the master key (121) to facilitate a decryption of the first key(K), and the method further includes : recording the encrypted first key (113) on the recording medium (140).
3. The method of claim 1 , wherein the encrypting (230) of the master key (121) is based on a public key (P) that coπesponds to the private key (p) as a public-private key pair.
4. The method of claim 1, wherein the published material (101) comprises at least one of: audio material, video material, audio-visual material, and virtual reality material.
5. The method of claim 1, wherein the recording medium (140) is at least one of: a magnetic tape, a magnetic disk, a laser disk, a CD, and a DVD.
6. A method of providing a replacement access device (120') for facilitating a decryption of an encrypted content material (112, 114) comprising: receiving a recording (361) from a user that includes an encryption (111) of a master key (121) based on a public key (P), decrypting (320) the encryption (111) of the master key (121) to produce a copy of the master key (121), using a private key (p) that coπesponds to the public key (P) as a public-private key pair, encoding (430) the copy of the master key (121) in the replacement access device (120'), and providing (330) the replacement access device (120') to the user.
7. The method of claim 6, further including: providing an original access device (120) that contains the master key (121) to the user.
8. The method of claim 6, further including: maintaining a record of each copy of the master key (121), and providing (330) the replacement access device (120') in dependence upon the record.
9. The method of claim 6, further including: assessing a fee for providing the replacement access device (120').
10. The method of claim 9, further including: maintaining a record of each copy of the master key (121), and determining the fee for providing the replacement access device (120') in dependence upon the record.
11. The method of claim 10, wherein determining the fee includes: determining a number of occuπences of each copy of the master key (121), and determining the fee in coπelation with the number of occuπences.
12. The method of claim 6, wherein the recording (361) is contained on at least one of: a magnetic tape, a magnetic disk, a laser disk, a CD, and a DVD.
13. A system comprising: an encryption device (110) that is configured to: encrypt published material (101) to provide encrypted content material (112, 114) whose decryption depends upon a master key (121), and encrypt the master key (121) to provide an encrypted master key (111) whose decryption depends upon a private key (p), and a recording device (130) that is configured to record the encrypted master key (111) and the encrypted content material (112, 114) on a recording medium (140).
14. The system of claim 13, wherein the recording medium (140) is at least one of: a magnetic tape, a magnetic disk, a laser disk, a CD, and a DVD.
15. The system of claim 13, wherein the encryption device (110) is configured to encrypt the master key (121) based on a public key (P) that coπesponds to the private key (p) as a public-private key pair.
16. The system of claim 13, wherein the encryption device (110) is configured to encrypt the published material such that: the published material (101) is encrypted via a first key (K) to produce the encrypted content material (114), and the first key (K) is encrypted via the master key (121) to produce an encrypted first key (113), and, the recording device (130) is further configured to record the encrypted first key (113).
17. A system for providing a replacement access device (120') comprising: a playback device (410) that provides an encrypted master key (111) from a recording (361) that contains an encrypted master key (111) based on a public key (P) of a public-private key pair and encrypted content material (112, 114) that is decryptable based on a master key (121) coπesponding to the encrypted master key (111), a decryption device (420) that decrypts the master key (121) from the encrypted master key (111) based on a private key (p) that coπesponds to the public key (P) of the public-private key pair, a programming device (430) that records the master key (121) on the replacement access device (120').
18. The system of claim 17, wherein the programming device (430) also records the public key (P) on the replacement access device (120').
19. A recording (361) contained on a medium comprising: an encryption (111) of a master key (121) based on a public key (P) of a public-private key- pair whose decryption is facilitated by a private key (p) of the public-private key-pair, and an encryption of published material (101) whose decryption is facilitated by the master key (121).
20. The recording (361) of claim 19, wherein the medium includes at least one of: a magnetic tape, a magnetic disk, a laser disk, a CD, and a DVD.
PCT/EP2000/008054 1999-09-03 2000-08-16 Recovery of a master key from recorded published material WO2001018807A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2001522536A JP2003509881A (en) 1999-09-03 2000-08-16 How to recover a master key from recorded electronic publications
EP00965881A EP1145242A3 (en) 1999-09-03 2000-08-16 Recovery of a master key from recorded published material

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US38982599A 1999-09-03 1999-09-03
US09/389,825 1999-09-03

Publications (2)

Publication Number Publication Date
WO2001018807A2 true WO2001018807A2 (en) 2001-03-15
WO2001018807A3 WO2001018807A3 (en) 2001-10-04

Family

ID=23539874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2000/008054 WO2001018807A2 (en) 1999-09-03 2000-08-16 Recovery of a master key from recorded published material

Country Status (5)

Country Link
EP (1) EP1145242A3 (en)
JP (1) JP2003509881A (en)
KR (1) KR100748867B1 (en)
CN (1) CN1327586A (en)
WO (1) WO2001018807A2 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1233381A3 (en) * 2001-02-20 2003-03-19 Kabushiki Kaisha Toshiba IC card terminal unit and IC card duplication method
EP1331614A3 (en) * 2001-12-12 2003-11-12 Setec Oy Method of loading a secret key of one device into another device
WO2005064432A2 (en) * 2003-12-30 2005-07-14 Wibu-Systems Ag Authorization code recovering method
WO2005064433A1 (en) * 2003-12-22 2005-07-14 Koninklijke Philips Electronics N.V. Software execution protection using an active entity
WO2005069102A1 (en) * 2004-01-13 2005-07-28 Koninklijke Philips Electronics N.V. Backup and restoration of drm security data
WO2006003632A3 (en) * 2004-07-02 2006-05-18 Philips Intellectual Property Security unit and method for protecting data
KR100731242B1 (en) 2004-04-13 2007-06-22 가부시키가이샤 히타치세이사쿠쇼 Encoding backup method and decoding restore method
US20080005030A1 (en) * 2006-06-30 2008-01-03 Scientific-Atlanta, Inc. Secure Escrow and Recovery of Media Device Content Keys
US7861082B2 (en) 2002-05-24 2010-12-28 Pinder Howard G Validating client-receivers
US9277295B2 (en) 2006-06-16 2016-03-01 Cisco Technology, Inc. Securing media content using interchangeable encryption key

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20020049483A (en) * 2000-12-19 2002-06-26 조충환 Carcass member of bias tire
JP3978046B2 (en) * 2002-02-25 2007-09-19 日本電信電話株式会社 File access control method, program, and storage medium
EP1480371A1 (en) * 2003-05-23 2004-11-24 Mediacrypt AG Device and method for encrypting and decrypting a block of data
NZ603822A (en) * 2004-08-12 2013-07-26 Cmla Llc Permutation data transform to enhance security

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0679029A1 (en) * 1991-03-29 1995-10-25 Scientific-Atlanta, Inc. System for cooperating with a satellite transponder
EP0773490A1 (en) * 1995-11-07 1997-05-14 Fujitsu Limited Security system for protecting information stored in storage media
EP0802535A1 (en) * 1995-10-09 1997-10-22 Matsushita Electric Industrial Co., Ltd. Information recording medium, information reproduction apparatus and information reproduction method
WO1999004530A1 (en) * 1997-07-15 1999-01-28 V-One Corporation File encryption with key recovery
EP0936812A1 (en) * 1998-02-13 1999-08-18 CANAL+ Société Anonyme Method and apparatus for recording of encrypted digital data
WO2000062290A1 (en) * 1999-03-25 2000-10-19 Koninklijke Philips Electronics N.V. Key distribution via a memory device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0679029A1 (en) * 1991-03-29 1995-10-25 Scientific-Atlanta, Inc. System for cooperating with a satellite transponder
EP0802535A1 (en) * 1995-10-09 1997-10-22 Matsushita Electric Industrial Co., Ltd. Information recording medium, information reproduction apparatus and information reproduction method
EP0773490A1 (en) * 1995-11-07 1997-05-14 Fujitsu Limited Security system for protecting information stored in storage media
WO1999004530A1 (en) * 1997-07-15 1999-01-28 V-One Corporation File encryption with key recovery
EP0936812A1 (en) * 1998-02-13 1999-08-18 CANAL+ Société Anonyme Method and apparatus for recording of encrypted digital data
WO2000062290A1 (en) * 1999-03-25 2000-10-19 Koninklijke Philips Electronics N.V. Key distribution via a memory device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
TASKETT J: "SMART CARDS AS A REPLACEABLE SECURITY ELEMENT FOR TELEVISION DELIVERY ACCESS CONTROL" PROCEEDINGS OF THE ANNUAL CONVENTION AND EXPOSITION,US,WASHINGTON, NCTA, vol. CONVENTION 42, 6 June 1993 (1993-06-06), pages 128-132, XP000410492 *

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1233381A3 (en) * 2001-02-20 2003-03-19 Kabushiki Kaisha Toshiba IC card terminal unit and IC card duplication method
US7076800B2 (en) 2001-02-20 2006-07-11 Kabushiki Kaisha Toshiba IC card terminal unit and IC card duplication method
EP1331614A3 (en) * 2001-12-12 2003-11-12 Setec Oy Method of loading a secret key of one device into another device
US7861082B2 (en) 2002-05-24 2010-12-28 Pinder Howard G Validating client-receivers
WO2005064433A1 (en) * 2003-12-22 2005-07-14 Koninklijke Philips Electronics N.V. Software execution protection using an active entity
WO2005064432A2 (en) * 2003-12-30 2005-07-14 Wibu-Systems Ag Authorization code recovering method
WO2005064432A3 (en) * 2003-12-30 2005-11-24 Wibu Systems Ag Authorization code recovering method
US8160967B2 (en) 2003-12-30 2012-04-17 Wibu-Systems Ag Authorization code recovering method
WO2005069102A1 (en) * 2004-01-13 2005-07-28 Koninklijke Philips Electronics N.V. Backup and restoration of drm security data
KR100731242B1 (en) 2004-04-13 2007-06-22 가부시키가이샤 히타치세이사쿠쇼 Encoding backup method and decoding restore method
WO2006003632A3 (en) * 2004-07-02 2006-05-18 Philips Intellectual Property Security unit and method for protecting data
US8452986B2 (en) 2004-07-02 2013-05-28 Nxp B.V. Security unit and protection system comprising such security unit as well as method for protecting data
US9277295B2 (en) 2006-06-16 2016-03-01 Cisco Technology, Inc. Securing media content using interchangeable encryption key
US11212583B2 (en) 2006-06-16 2021-12-28 Synamedia Limited Securing media content using interchangeable encryption key
US20080005030A1 (en) * 2006-06-30 2008-01-03 Scientific-Atlanta, Inc. Secure Escrow and Recovery of Media Device Content Keys
WO2008005789A2 (en) 2006-06-30 2008-01-10 Scientific-Atlanta, Inc. Secure escrow and recovery of media device content keys
WO2008005789A3 (en) * 2006-06-30 2008-04-17 Scientific Atlanta Secure escrow and recovery of media device content keys
US9137480B2 (en) * 2006-06-30 2015-09-15 Cisco Technology, Inc. Secure escrow and recovery of media device content keys

Also Published As

Publication number Publication date
JP2003509881A (en) 2003-03-11
KR20010083940A (en) 2001-09-03
CN1327586A (en) 2001-12-19
EP1145242A3 (en) 2001-12-05
WO2001018807A3 (en) 2001-10-04
EP1145242A2 (en) 2001-10-17
KR100748867B1 (en) 2007-08-13

Similar Documents

Publication Publication Date Title
USRE42106E1 (en) Digital data file encryption apparatus and method and recording medium for recording digital data file encryption program thereon
EP1312087B1 (en) Method and device for controlling distribution and use of digital works
EP1598822B1 (en) Secure storage on recordable medium in a content protection system
JP5362675B2 (en) Key distribution by memory device
US20050021948A1 (en) Secure single drive copy method and apparatus
US7325247B2 (en) Information management method using a recording medium with a secure area and a user-use area
US8005758B2 (en) Encryption/decryption method and apparatus for controlling content use based on license information
CN1305310C (en) Device and method for selectively supplying access to a service encrypted using a control word and smart card
EP1145242A2 (en) Recovery of a master key from recorded published material
EP1393317B1 (en) Encryption and decryption of data on a record carrier
KR101407139B1 (en) Method of recording and securely distributing digital data, access device and recorder
TWI271618B (en) Apparatus and method for reading or writing user data
JPH11250571A (en) Information distributing device, terminal device and information distributing system
US20090177712A1 (en) Digital data Recording device
US20040098601A1 (en) Secure local copy protection
KR101270712B1 (en) A method for protecting digital content by encrypting and decrypting a memory card

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 00801828.6

Country of ref document: CN

AK Designated states

Kind code of ref document: A2

Designated state(s): CN JP KR

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

WWE Wipo information: entry into national phase

Ref document number: 2000965881

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2001 522536

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 1020017005512

Country of ref document: KR

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): CN JP KR

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE

WWP Wipo information: published in national office

Ref document number: 2000965881

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2000965881

Country of ref document: EP