EP1774696A1 - Device and method for providing and decrypting encrypted network content using a key encryption key scheme - Google Patents
Device and method for providing and decrypting encrypted network content using a key encryption key scheme
- Publication number
- EP1774696A1 EP05758468A
- Authority
- EP
- European Patent Office
- Prior art keywords
- key
- encrypted
- decrypting
- decrypted
- index
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/23—Processing of content or additional data; Elementary server operations; Server middleware
- H04N21/234—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
- H04N21/2347—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
- H04N21/23476—Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption by partially encrypting, e.g. encrypting the ending portion of a movie
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption
- H04N21/44055—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving video stream decryption by partially decrypting, e.g. decrypting a video stream that has been partially encrypted
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/835—Generation of protective data, e.g. certificates
- H04N21/8352—Generation of protective data, e.g. certificates involving content or source identification data, e.g. Unique Material Identifier [UMID]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
- H04N7/17318—Direct or substantially direct transmission and handling of requests
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- a method of decrypting an encrypted content received through a network comprising steps of: receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; acquiring the dedicated second key from a storage medium; and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
- a computer program for decrypting an encrypted content received through a network comprising: a first software means for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; a second software means for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
- the key management unit e.g., a drive
- the key management unit is basically a component used by the device, which has its own conformance rules (e.g., rules complying with the Sapphire system) and interfaces with the application unit via a secure authentication channel (SAC) pre-defined by the Sapphire system. Therefore, the key management unit, as a single component, is very hard to attack in the way the application unit can be attacked.
- conformance rules e.g., rules complying with the Sapphire system
- SAC secure authentication channel
- the second keys i.e., the asset keys
- the application unit uses the first key which is randomly generated in response to the request for content download
- the key management unit, which is relatively safer and more stable than the application unit, is the only unit in the device which knows the asset keys.
- the device and method of the present invention are more effective for preventing the content protection keys (e.g., asset keys) from being attacked.
- Fig. 1 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to prior art, which system includes a disc player, a server and a record carrier;
- Fig. 2 shows a table of a key locker stored on the record carrier of Fig. 1;
- Fig. 3 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to a first embodiment of the present invention, which system includes a disc player, a server and a record carrier; and
- Fig. 4 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to a second embodiment of the present invention, which system includes a disc player, a server and a record carrier.
- the system includes a server 31 for providing an encrypted content, a disc player 32 for decrypting the encrypted content and a disc 33 for storing a key locker 121 as shown in Fig. 2 as well as disc data 122, in which the disc player 32 connects with the server 31 through a network, and the server shares the information about the key locker stored on the disc.
- the server further comprises a receiver (not shown in the figure) for receiving a request for downloading network content related to the disc data from the disc player, in which the request preferably includes an application ID (e.g., application ID 2 in the key locker of Fig.
- the disc applications stored on the disc (e.g. multiple Java applications packages); a generator 311 for randomly generating a pass phase in response to the request; an encryptor 312 for encrypting a network content as requested, which is stored in a content pool 313, by use of the pass phase, and then encrypting the pass phase by use of an asset key selected from the key locker shared with the disc, for instance, the asset key ASDF 1234 in the key locker as shown in Fig. 2 (hereinafter, the asset key is called dedicated asset key, in order to distinguish it from other asset keys stored in the key locker.
- the dedicated asset key can also be selected to encrypt other randomly generated pass phases); and a transmitter for sending the encrypted content, encrypted pass phase and the asset ID associated with the dedicated asset key, for example, the asset ID 80 in Figure 2.
- the disc player 32 comprises an application unit 321 for receiving the encrypted content, encrypted pass phase, and the associated asset ID from the server 31 and decrypting the encrypted content with the pass phase; a drive 322 for retrieving the dedicated asset key from the key locker 121 stored in the disc 33 according to the associated asset ID and decrypting the encrypted pass phase with the dedicated asset key to provide the pass phase
- the application unit 322 further includes an access element for receiving the encrypted content, encrypted pass phase and the asset ID from the server, sending the encrypted pass phase to the drive and receiving the decrypted pass phase from the drive; and an decrypt
- 322 further includes an access element for retrieving the dedicated asset key from the key locker stored on the disc according to the asset ID and passing the decrypted pass phase to the application unit via Secure Authentication Channel (SAC), and a decrypt element for decrypting the encrypted pass phase received from the application unit with the retrieved dedicated asset key.
- SAC Secure Authentication Channel
- the access element of the application unit sends a request for content download to the server.
- the server randomly generates a pass phase in response to the request.
- the request for content download is optional for the generation procedure of the random pass phase, and the server can generate the pass phase on a time basis.
- the server encrypts the network content as required with the pass phase, and encrypts the pass phase with the dedicated asset key.
- the data including the asset ID, the encrypted pass phase and encrypted content, is sent to
- the application unit in which the asset ID and the encrypted pass phase are sent to the drive.
- the drive receives the encrypted pass phase and asset ID from the application unit and then retrieves the asset key according to the asset ID from the key locker on the disc.
- the drive decrypts the pass phase with the retrieved asset key and sends the decrypted pass phase to the application unit via SAC.
- the application unit decrypts the
- the application unit does not directly hold and handle the asset key. Instead, the application unit uses the randomly generated pass phase
- the possibility for the asset keys to be retrieved from the application unit is substantially zero.
- the column of rightstring is left blank. Whether to use the rightstring field depends on applications.
- The structure of a system for providing and decrypting network data according to the second embodiment of the present invention is shown in figure 4.
- the differences between the systems of figures 3 and 4 are that the generator 311 of the application unit 421 of figure 4 further generates a test sequence (i.e., a bit sequence) complying with a
- the application unit 421 further comprises a retrieve element for retrieving the pass phase for the decrypt element to decrypt the network content.
- the access element of the application unit 421 sends a request for content download to the server 31.
- the generator 311 of the server randomly generates a pass phase and the test sequence in response to the request.
- the request is optional for generation of the pass phase, and the generator can generate the data on a time basis.
- the encrypt element 312 of the server encrypts the content stored in the content pool 313 with the generated pass phase and then encrypts the pass phase and the test sequence with a dedicated asset key, which is selected from the key locker information shared with the disc 33.
- the transmitter of the server (not shown in Figure 4) sends the encrypted content, encrypted pass phase and test sequence to the disc player 32.
- the access element of the application unit 421 of the disc player transfers the encrypted pass phase and test sequence to the drive 322.
- the access element of the drive 322 reads all of the asset keys in entries associated with its application ID from the key locker 121 stored on the disc 33, and the read asset keys include the dedicated asset key which is selected by the server to encrypt the pass phase and test sequence.
- the decrypt element of the drive decrypts the pass phase and the test sequence with each of the read asset keys to provide to the application unit 421 pairs of decrypted pass phase and test sequence with respect to each asset key.
- the retrieve element of the application unit 421 retrieves a pair of decrypted pass phase and test sequence, in which the decrypted test sequence complies with the pre-defined data structure. Then, the decrypt element of the application unit decrypts the encrypted content received from the server by use of the retrieved pass phase.
- the encrypt element of the server 31 encrypts the test sequence with the dedicated asset key.
- the encrypt element can also encrypt the test sequence with the pass phase.
- the decrypt element of the drive 322 only decrypts the encrypted pass phase with each of the read asset keys and provides pluralities of decrypted pass phases to the access element of the application unit 421.
- the decrypt element of the application unit decrypts the encrypted test sequence with each of the decrypted pass phases and provides pairs of decrypted test sequence and pass phase to the retrieve element to retrieve a pair of decrypted test sequence and pass phase, which test sequence complies with the pre-defined data structure.
- the decrypt element of the application unit decrypts the encrypted content downloaded from the server with the retrieved pass phase.
- the network content is encrypted by the pass phase
- the pass phase is encrypted by the dedicated asset key.
- the network content protection key e.g., the dedicated asset key
- the pass phase consists of not only the encrypted content protection key, but also some data that indicates which portions of the content are encrypted.
- the device for decrypting the network data is a disc player.
- any skilled person can expect that other devices, like a computer with a drive for reading data stored on a storage medium.
- the function of the drive of the disc player can also be fulfilled with a key management unit in a compact flash card (e.g. smartcard or a USB memory stick), or with a chip affixed to a record carrier (the so-called
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Multimedia (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a method and device for decrypting an encrypted content received through a network, comprising: - an application unit for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; and - a key management unit for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
Description
DEVICE AND METHOD FOR PROVIDING AND DECRYPTING ENCRYPTED NETWORK CONTENT USING A KEY ENCRYPTION KEY SCHEME
FIELD OF THE INVENTION
The invention relates to a device for decrypting an encrypted content received through a network. The invention further relates to a system for providing an encrypted content through a network and decrypting the encrypted content, which system includes a server for providing the encrypted content, said device for decrypting the encrypted content and a storage medium (e.g., a record carrier, or a recording medium) for providing a decryption key, and its corresponding method and software program.
BACKGROUND OF THE INVENTION
Nowadays content protection becomes one of the major concerns of the content providers when publishing content through e.g. an optical disc or the internet. The Sapphire system provides fine-grained protection mechanism and is incorporated by CD2 standard. In Sapphire system, contents (i.e. A/V streams, files, etc.) on disc are encrypted and the corresponding decryption key is stored as Asset Key (or Asset ID) in Sapphire Key Locker.
An European Patent Application 03102257. 7 describes a disc player, a record carrier and method for reading and protecting network data, which is related to data stored in the record carrier, by using the above-mentioned Sapphire system protection mechanism.
Figure 1 is a schematic block diagram illustrating a system including a disc player, disc and server of the patent application 03102257. 7. The system of figure 1 comprises a disc player 11, a disc 12 and a network unit 13 (e.g., a server) for supplying network data related to carrier data 122 stored on the disc 12. The network unit 13 is connected with the disc player 11 through the Internet. Besides the disc data 122, a key locker 121 is stored on the disc 12, as shown in Figure 2 in details. Figure 2 shows a table illustrating the contents of the key locker. In the Sapphire system, the key locker 121 is usually a table containing four column: an application ID used as an identification for an application run by the disc
player and to restrict the access of a subset of the key locker; an asset ID used as an identification of (a group of) files that are encrypted in the same key and have the same usage rights; an asset key used as a key for decryption which is required to be kept secret from the public; and a rightstring, which has an undefined format and a variable length. In the system shown in Figure 1, the rightstring includes a network identifier, like URL of the network unit 13, and the asset key used as a decryption key for decrypting the network data.
The disc player 11 includes two parts: a drive 111 for reading data from the record carrier 12, and an application unit 112. The application unit 112 is comprised of a check element, an access element and a decrypt element. During this European Patent application, the access element of the application unit 112 first send a request for a specific network data from the network unit 13. Then, the drive 111 retrieves a rightstring from the record carrier according to its application ID and sends the retrieved rightstrings to the application unit 112. The check element of the application unit 112 checks whether the URL stored in the rightstring matches with that of the specific network unit 13 providing the network data. If so, the decrypt element of the application 112 decrypts the encrypted network data provided by the network unit 13 with the decryption key stored in the rightstring. If not, the drive 111 will retrieve a rightstring again and the whole process as described above will be performed once again.
It can be seen from the prior art that the application unit uses the decryption key, which is identical with the asset key, to decrypt the network content. Usually, the application unit is a piece of hardware for executing a (software) application, which is similar with the case of an operating system (OS) or software running on a computer. In this case, the application running in the application unit can be easily attacked/hacked, just as what hackers do to software running on a computer. Therefore, it is relatively easy to access the decryption key, which is used by the application unit to decrypt the network content and should be kept secret from the public and protected against key publishing.
SUMMARY OF THE INVENTION
It is therefore an object of the invention to provide a new system, device and method for providing and decrypting an encrypted network content, which is effective for reducing the possibility of secret keys being attacked.
In accordance with a first aspect of the present invention, this object is achieved by providing a device for decrypting an encrypted content received through a network, comprising: an application unit for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; and a key management unit for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
In accordance with a second aspect of the present invention, there is provided a system for providing and decrypting an encrypted content, the system comprising a server for providing the encrypted content, a device for decrypting the encrypted content and a storage medium, wherein, the server is further arranged to comprise: a receiver for receiving a request for a content download from the device for decrypting; a generator for generating a first key in response to the request; an encryptor for encrypting the content by using the first key to provide the encrypted content and encrypting the first key by using a dedicated second key to provide an encrypted first key; and a transmitter for transmitting the encrypted content and the encrypted first key; and the device for decrypting the encrypted content is further arranged to comprise: an application unit for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; and a key management unit for acquiring the dedicated second key from the storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
In accordance with a third aspect of the present invention, there is provided a method of decrypting an encrypted content received through a network, comprising steps of: receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; acquiring the dedicated second key from a storage medium; and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
In accordance with a fourth aspect of the present invention, there is provided a computer program for decrypting an encrypted content received through a network, comprising: a first software means for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; a second software means for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
The applicant notices that the key management unit (e.g., a drive) is basically a component used by the device, which has its own conformance rules (e.g., rules complying with the Sapphire system) and has an interface between itself and the application unit via a secure authentication channel (SAC) pre-defined by the Sapphire system. Therefore, the key management unit as a single component is very hard to attack in the way the application unit can be attacked.
According to the system, device and method for decryption of the present invention, the second keys (i.e., the asset keys) are kept secret from the application unit, the application unit uses the first key which is randomly generated in response to the request for content download, and the key management unit, which is relatively safer and more stable than the application unit, is the only unit in the device which knows the asset keys. In view of this, the device and method of the present invention is more effective for preventing the content protection keys (e.g., asset keys) from being attacked.
BRIEF DESCRIPTION OF DRAWINGS
Embodiments of the invention will now be discussed, by way of example, with reference to the accompanying drawings, in which like reference numbers refer to like parts, and in which:
Fig. 1 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to prior art, which system includes a disc player, a server and a record carrier;
Fig. 2 shows a table of a key locker stored on the record carrier of Fig. 1;
Fig. 3 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to a first embodiment of the present invention, which system includes a disc player, a server and a record carrier; and
Fig. 4 is a schematic block diagram illustrating the structure of a system of providing and decrypting network data according to a second embodiment of the present invention, which system includes a disc player, a server and a record carrier.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS OF THE INVENTION
In Figure 3 the structure of a system for providing and decrypting network data according to the first embodiment of the present invention is shown. The system includes a server 31 for providing an encrypted content, a disc player 32 for decrypting the encrypted content and a disc 33 for storing a key locker 121 as shown in Fig. 2 as well as disc data 122, in which the disc player 32 connects with the server 31 through a network, and the server shares the information about the key locker stored on the disc. The server further comprises a receiver (not shown in the figure) for receiving a request for downloading network content related to the disc data from the disc player, in which the request preferably includes an application ID (e.g., application ID 2 in the key locker of Fig. 2) in the case that there are a variety of disc applications stored on the disc (e.g. multiple Java applications packages); a generator 311 for randomly generating a pass phase in response to the request; an encryptor 312 for encrypting a network content as requested, which is stored in a content pool 313, by use of the pass phase, and then encrypting the pass phase by use of an asset key selected from the key locker shared with the disc, for instance, the asset key ASDF 1234 in the key locker as shown in Fig. 2 (hereinafter, the asset key is called dedicated asset key, in order to distinguish it from other asset keys stored in the key locker. The dedicated asset key can also be selected to encrypt other randomly generated pass phases); and a transmitter for sending the encrypted content, encrypted pass phase and the asset ID associated with the dedicated asset key, for example, the asset ID 80 in Figure 2.
The disc player 32 comprises an application unit 321 for receiving the encrypted content, encrypted pass phase, and the associated asset ID from the server 31 and decrypting the encrypted content with the pass phase; a drive 322 for retrieving the dedicated asset key from the key locker 121 stored in the disc 33 according to the associated asset ID and decrypting the encrypted pass phase with the dedicated asset key to provide the pass phase for the application unit.
The application unit 322 further includes an access element for receiving the encrypted content, encrypted pass phase and the asset ID from the server, sending the encrypted pass phase to the drive and receiving the decrypted pass phase from the drive; and a decrypt element for decrypting the encrypted content by use of the decrypted pass phase. The drive 322 further includes an access element for retrieving the dedicated asset key from the key locker stored on the disc according to the asset ID and passing the decrypted pass phase to the application unit via Secure Authentication Channel (SAC), and a decrypt element for decrypting the encrypted pass phase received from the application unit with the retrieved dedicated asset key.
The process of providing and decrypting network data by the system of the first embodiment of the present invention is described below:
First, the access element of the application unit sends a request for content download to the server. Then, the server randomly generates a pass phase in response to the request. Here, the request for content download is optional for the generation procedure of the random pass phase, and the server can generate the pass phase on the time basis. Then, the server encrypts the network content as required with the pass phase, and encrypts the pass phase with the dedicated asset key.
The data, including the asset ID, the encrypted pass phase and encrypted content, is sent to the application unit, in which the asset ID and the encrypted pass phase are sent to the drive. The drive receives the encrypted pass phase and asset ID from the application unit and then retrieves the asset key according to the asset ID from the key locker on the disc.
Then, the drive decrypts the pass phase with the retrieved asset key and sends the decrypted pass phase to the application unit via SAC. Finally, the application unit decrypts the encrypted content by use of the decrypted pass phase sent by the drive.
It can be seen from the above description that in the whole process of decrypting the content received through a network, the application unit does not directly hold and handle the asset key. Instead, the application unit uses the randomly generated pass phase to decrypt the network content. Therefore, the possibility for the asset keys to be retrieved from the application unit is substantially zero. Moreover, since the described embodiment of the present invention does not use the rightstring field in the key locker stored on the disc, the column of rightstring is left blank. Whether to use the rightstring field depends on applications.
The structure of a system for providing and decrypting network data according to the second embodiment of the present invention is shown in figure 4. The differences between the systems of figures 3 and 4 are that the generator 311 of the application unit 421 of figure 4 further generates a test sequence (i.e., a bit sequence) complying with a pre-defined data structure, such as length of sequence, definitions of certain bits, and the application unit 421 further comprises a retrieve element for retrieving the pass phase for the decrypt element to decrypt the network content.
The process of providing and decrypting network data by the system of Figure 4 according to the second embodiment of the present invention is described below.
In Figure 4, the access element of the application unit 421 sends a request for content download to the server 31. Then, the generator 311 of the server randomly generates a pass phase and the test sequence in response to the request. As mentioned above, the request is optional for generation of the pass phase, and the generator can generate the data on time basis. The encrypt element 312 of the server encrypts the content stored in the content pool 313 with the generated pass phase and then encrypts the pass phase and the test sequence with a dedicated asset key, which is selected from the key locker information shared with the disc 33. The transmitter of the server (not shown in Figure 4) sends the encrypted content, encrypted pass phase and test sequence to the disc player 32.
The access element of the application unit 421 of the disc player transfers the encrypted pass phase and test sequence to the drive 322. The access element of the drive 322 reads all of the asset keys in entries associated with its application ID from the key locker 121 stored on the disc 33, and the read asset keys include the dedicated asset key which is selected by the server to encrypt the pass phase and test sequence. Then, the decrypt element of the drive decrypts the pass phase and the test sequence with each of the read asset keys to provide to the application unit 421 pairs of decrypted pass phase and test sequence with respect to each asset key. After the access element of the application unit 421 receives the pairs from the drive, the retrieve element of the application unit 421 retrieves a pair of decrypted pass phase and test sequence, in which the decrypted test sequence complies with the pre-defined data structure. Then, the decrypt element of the application unit decrypts the encrypted content received from the server by use of the retrieved pass phase.
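The two flows described above (lookup of the dedicated asset key by asset ID, and trial decryption with a test sequence) can be modelled as follows. This is an added illustration, not code from the patent: the cipher (HMAC-SHA256 in counter mode), the test-sequence layout (`MAGIC`, length field, random tail), the class and function names, and all key-locker rows except application ID 2 and asset ID 80 are assumptions, and the key bytes are constructed.

```python
import hashlib
import hmac
import secrets
import struct

MAGIC = b"TSEQ"    # assumed marker; the page only says "pre-defined data structure"
TEST_SEQ_LEN = 16  # assumed layout: magic(4) + pass-phase length(4) + random(8)

# Constructed key locker rows. Application ID 2 and asset ID 80 echo the page's
# example; the key bytes and the other rows are made up for this illustration.
KEY_LOCKER = [
    {"app_id": 2, "asset_id": 80, "asset_key": hashlib.sha256(b"constructed-80").digest()},
    {"app_id": 2, "asset_id": 81, "asset_key": hashlib.sha256(b"constructed-81").digest()},
    {"app_id": 2, "asset_id": 82, "asset_key": hashlib.sha256(b"constructed-82").digest()},
    {"app_id": 3, "asset_id": 90, "asset_key": hashlib.sha256(b"constructed-90").digest()},
]


def keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; a stand-in, the page names no cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key, plaintext):
    nonce = secrets.token_bytes(16)
    stream = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ s for p, s in zip(plaintext, stream))


def decrypt(key, blob):
    nonce, body = blob[:16], blob[16:]
    stream = keystream(key, nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))


def complies(test_seq, pass_phase):
    """Check the assumed structure: right length, magic, matching length field."""
    return (len(test_seq) == TEST_SEQ_LEN and test_seq[:4] == MAGIC
            and struct.unpack(">I", test_seq[4:8])[0] == len(pass_phase))


class Server:
    def __init__(self, locker):
        self.locker = locker  # the server shares the key locker information

    def package(self, content, asset_id):
        asset_key = next(e["asset_key"] for e in self.locker if e["asset_id"] == asset_id)
        pass_phase = secrets.token_bytes(16)  # fresh random first key per request
        test_seq = MAGIC + struct.pack(">I", len(pass_phase)) + secrets.token_bytes(8)
        return {"asset_id": asset_id,
                "content": encrypt(pass_phase, content),
                "pass_phase": encrypt(asset_key, pass_phase),
                "test_seq": encrypt(asset_key, test_seq)}


class Drive:
    """Key management unit: the only component that reads asset keys."""

    def __init__(self, locker):
        self._locker = locker

    def unwrap(self, asset_id, enc_pass_phase):
        # First embodiment: the asset ID indexes the dedicated asset key.
        key = next(e["asset_key"] for e in self._locker if e["asset_id"] == asset_id)
        return decrypt(key, enc_pass_phase)

    def trial_decrypt(self, app_id, enc_pass_phase, enc_test_seq):
        # Second embodiment: try every asset key tied to the application ID.
        keys = [e["asset_key"] for e in self._locker if e["app_id"] == app_id]
        return [(decrypt(k, enc_pass_phase), decrypt(k, enc_test_seq)) for k in keys]


class ApplicationUnit:
    def __init__(self, drive, app_id):
        self.drive, self.app_id = drive, app_id  # the SAC itself is not modelled

    def open_with_asset_id(self, pkg):
        pass_phase = self.drive.unwrap(pkg["asset_id"], pkg["pass_phase"])
        return decrypt(pass_phase, pkg["content"])

    def open_with_test_sequence(self, pkg):
        pairs = self.drive.trial_decrypt(self.app_id, pkg["pass_phase"], pkg["test_seq"])
        matches = [p for p, seq in pairs if complies(seq, p)]
        if len(matches) != 1:  # none: wrong disc or altered data; several: structure too weak
            raise ValueError("expected exactly one compliant test sequence")
        return decrypt(matches[0], pkg["content"])
```

With the assumed layout, 8 bytes of the test sequence are fixed, so a wrong asset key yields a compliant pair with probability about 2^-64; a shorter fixed part raises the chance that the application unit picks a wrong pass phase. The stand-in cipher is unauthenticated, so compliance of the test sequence is the only check on the unwrapped pass phase in this model.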
To summarize, the system, device and method for providing and decrypting network data has been disclosed. It can be understood that a skilled person may make any modifications, additions and insertions to the present invention which fall into the protective scope as claimed in the appended claims.
For instance, in accordance with the second embodiment, the encrypt element of the server 31 encrypts the test sequence with the dedicated asset key. However, the skilled person can reckon that the encrypt element can also encrypt the test sequence with the pass phase. In this case, the decrypt element of the drive 322 only decrypts the encrypted pass phase with each of the read asset keys and provides pluralities of decrypted pass phases to the access element of the application unit 421. Then the decrypt element of the application unit decrypts the encrypted test sequence with each of the decrypted pass phases and provides pairs of decrypted test sequence and pass phase to the retrieve element to retrieve a pair of decrypted test sequence and pass phase, which test sequence complies with the pre-defined data structure. Then, the decrypt element of the application unit decrypts the encrypted content downloaded from the server with the retrieved pass phase.
Moreover, in all the embodiments of the present invention, the network content is encrypted by the pass phase, and the pass phase is encrypted by the dedicated asset key. It can be understood by the skilled person that any alternatives could be made concerning the encryption of the network content and pass phase. For example, the network content is not totally encrypted by the content protection key (e.g., the dedicated asset key), just partially encrypted, e.g. only file headers/important parameters/or a specific portion are encrypted, while the pass phase consists of not only the encrypted content protection key, but also some data that indicates which portions of the content are encrypted.
Further, in the embodiments, the device for decrypting the network data is a disc player. However, any skilled person can expect that other devices can be used, like a computer with a drive for reading data stored on a storage medium. The function of the drive of the disc player can also be fulfilled with a key management unit in a compact flash card (e.g. smartcard or a USB memory stick), or with a chip affixed to a record carrier (the so-called Chip-in-Disc technology).
Claims
1. A device for decrypting an encrypted content received through a network, comprising: an application unit for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; and a key management unit for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
2. The device of claim 1, wherein the application unit is further arranged to receive an index through the network.
3. The device of claim 2, wherein the index is a data corresponding to the dedicated second key.
4. The device of claim 3, wherein the key management unit is further arranged to retrieve the dedicated second key from the storage medium according to the index.
5. The device of claim 4, wherein the application unit comprises: a first accessing element for receiving the encrypted content, the encrypted first key and the index through the network, forwarding the encrypted first key and index to the key management unit; and a first decrypting element for decrypting the encrypted content by using the first key from the key management unit.
6. The device of claim 5, wherein the drive comprises: a second accessing element for retrieving the dedicated key from the storage medium according to the index; a second decrypting element for decrypting the encrypted first key by using the dedicated second key from the second accessing element, and providing the first key for the second accessing element to forward the same to the application unit.
7. The device of claim 2, wherein the index is an encrypted data which data complies with a pre-defined data structure.
8. The device of claim 7, wherein the key management unit is further arranged to read plural second keys from the storage medium, which plural second keys include the dedicated second keys, and decrypting the encrypted first key and the index by using each of the second keys to provide pairs of decrypted first keys and decrypted index.
9. The device of claim 8, wherein the application unit is further arranged to retrieve a pair of decrypted index and decrypted first key from the key management unit according to the pre-defined data structure, and decrypt the encrypted content by using the retrieved first key.
10. The device of claim 9, wherein the application unit comprises: a first accessing element for receiving the encrypted content, the encrypted first key and the index through the network, forwarding the encrypted first key and the index to the key management unit, and receiving the pairs of decrypted index and decrypted first key from the key management unit; and a first retrieving element for retrieving a pair of decrypted index and decrypted first key according to the pre-defined data structure; and a first decrypting element for decrypting the encrypted content by using the retrieved first key.
11. The device of claim 10, wherein the key management unit comprises: a second accessing element for reading plural second keys from the storage medium; and a second decrypting element for decrypting the encrypted first key and the index by using each of the plural second keys, and providing the pairs of decrypted first key and decrypted index for the second accessing element to forward the same to the application unit.
12. The device of claim 7, wherein the application unit is further arranged to decrypt the index by using the plural decrypted first keys from the key management unit to provide pairs of decrypted index and decrypted first key, retrieve a pair of decrypted index and decrypted first key according to the pre-defined data structure, and decrypt the encrypted content by using the retrieved first key.
13. The device of claim 12, wherein the application unit comprises: a first accessing element for receiving the encrypted content, the encrypted first key and the index through the network, forwarding the encrypted first key to the key management unit and receiving plural decrypted first key from the key management unit; a first decrypting element for decrypting the index by using the plural decrypted first keys from the key management unit to provide pairs of decrypted index and decrypted first key; and a first retrieving element for retrieving a pair of decrypted index and decrypted first key according to the pre-defined data structure, so that the first decrypting element decrypts the encrypted content with the retrieved first key.
14. The device of claim 13, wherein the key management unit comprises: a second accessing element for reading the plural second keys from the storage medium; and a second decrypting element for decrypting the encrypted first key by using each of the plural second keys, and providing the plural decrypted first keys for the second accessing element to forward the same to the application unit.
15. A computer program for decrypting an encrypted content received through a network, comprising: a first software means for receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; a second software means for acquiring the dedicated second key from a storage medium, and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
16. A record carrier including the computer program of claim 15.
17. A system for providing and decrypting an encrypted content, comprising a server for providing the encrypted content, a device for decrypting the encrypted content and a storage medium, wherein, the server is further arranged to comprise: a receiver for receiving a request for a content download from the device for decrypting; a generator for generating a first key in response to the request; an encryptor for encrypting the content by using the first key to provide the encrypted content and encrypting the first key by using a dedicated second key to provide an encrypted first key; and a transmitter for transmitting the encrypted content and the encrypted first key; and the device as claimed in any one of claims 1-14.
18. A method of decrypting an encrypted content received through a network, comprising steps of: receiving the encrypted content and an encrypted first key through the network, in which the first key is associated with encryption of the content, and a dedicated second key is associated with encryption of the first key; acquiring the dedicated second key from a storage medium; and decrypting the encrypted first key by using the dedicated second key to provide the first key for the application unit to decrypt the encrypted content.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNA2004100557702A CN1728262A (en) | 2004-07-29 | 2004-07-29 | Systme, device and method of providing encryption content via network and decryption to such content |
PCT/IB2005/052205 WO2006013477A1 (en) | 2004-07-29 | 2005-07-04 | Device and method for providing and decrypting encrypted network content using a key encryption key scheme |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1774696A1 true EP1774696A1 (en) | 2007-04-18 |
Family
ID=34972552
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP05758468A Withdrawn EP1774696A1 (en) | 2004-07-29 | 2005-07-04 | Device and method for providing and decrypting encrypted network content using a key encryption key scheme |
Country Status (6)
Country | Link |
---|---|
EP (1) | EP1774696A1 (en) |
JP (1) | JP2008508763A (en) |
KR (1) | KR20070039157A (en) |
CN (2) | CN1728262A (en) |
TW (1) | TW200704092A (en) |
WO (1) | WO2006013477A1 (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9116841B2 (en) * | 2012-11-28 | 2015-08-25 | Infineon Technologies Ag | Methods and systems for securely transferring embedded code and/or data designed for a device to a customer |
CN105337954A (en) * | 2014-10-22 | 2016-02-17 | 航天恒星科技有限公司 | Method and device for encryption and decryption of IP message in satellite communication |
CN105471832A (en) * | 2014-10-22 | 2016-04-06 | 航天恒星科技有限公司 | Processing method and device of IP packet in satellite communication |
EP3221997B1 (en) | 2014-11-18 | 2019-11-13 | Nokia Technologies Oy | Secure access to remote data |
US9516359B2 (en) * | 2015-04-07 | 2016-12-06 | Divx, Llc | Session based watermarking of media content using encrypted content streams |
CN109040107A (en) * | 2018-08-29 | 2018-12-18 | 百度在线网络技术(北京)有限公司 | Data processing method, server, unmanned equipment and readable storage medium storing program for executing |
DE102019212959B3 (en) | 2019-08-28 | 2021-03-04 | Volkswagen Aktiengesellschaft | Method for protected communication between a vehicle and an external server, device for carrying out key derivation in the method and vehicle |
KR20240146183A (en) | 2023-03-28 | 2024-10-08 | 주식회사 골드레벤 | Anti-inflammatory composition and manufacturing method having an improvement effect on skin pain and swelling |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4078802B2 (en) * | 2000-12-26 | 2008-04-23 | ソニー株式会社 | Information processing system, information processing method, information processing apparatus, information recording medium, and program recording medium |
EP1507261B1 (en) * | 2001-08-08 | 2016-07-20 | Panasonic Intellectual Property Management Co., Ltd. | Copyright protection system, recording device, decryption device, and recording medium |
EP1501304A1 (en) * | 2003-07-23 | 2005-01-26 | Axalto S.A. | Procedure for monitoring the usage of a broadcasted content |
- 2004-07-29 CN CNA2004100557702A patent/CN1728262A/en active Pending
- 2005-07-04 CN CNA2005800252586A patent/CN1989728A/en active Pending
- 2005-07-04 EP EP05758468A patent/EP1774696A1/en not_active Withdrawn
- 2005-07-04 WO PCT/IB2005/052205 patent/WO2006013477A1/en active Application Filing
- 2005-07-04 KR KR1020077004468A patent/KR20070039157A/en not_active Application Discontinuation
- 2005-07-04 JP JP2007523180A patent/JP2008508763A/en not_active Withdrawn
- 2005-07-11 TW TW094123394A patent/TW200704092A/en unknown
Non-Patent Citations (1)
Title |
---|
See references of WO2006013477A1 * |
Also Published As
Publication number | Publication date |
---|---|
TW200704092A (en) | 2007-01-16 |
CN1728262A (en) | 2006-02-01 |
JP2008508763A (en) | 2008-03-21 |
KR20070039157A (en) | 2007-04-11 |
CN1989728A (en) | 2007-06-27 |
WO2006013477A1 (en) | 2006-02-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| 17P | Request for examination filed | Effective date: 20070228 |
| AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
| AX | Request for extension of the european patent | Extension state: AL BA HR MK YU |
| 17Q | First examination report despatched | Effective date: 20070605 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
| 18D | Application deemed to be withdrawn | Effective date: 20100105 |