U.S. patent application number 10/217994 was filed with the patent office on 2003-09-11 for data protection system.
Invention is credited to Miles, Anthony.
Application Number | 20030169878 10/217994 |
Family ID | 9932566 |
Filed Date | 2003-09-11 |
United States Patent Application | 20030169878 |
Kind Code | A1 |
Miles, Anthony | September 11, 2003 |
Data protection system
Abstract
A method of manufacturing digital data storage medium comprising
the steps of: segmenting copyright material in digital form into
consecutive segments, allocating each segment to a sector of the
storage medium, pre-determining the position of each sector on the
storage medium and using an algorithm to derive a unique encryption
key for each sector according to the logical block address
corresponding to the start of each sector, encrypting each sector
using its unique key, and writing the encrypted data sectors to the
said storage medium.
Inventors: | Miles, Anthony; (Oxfordshire, GB) |
Correspondence Address: | WOODCOCK WASHBURN LLP, ONE LIBERTY PLACE, 46TH FLOOR, 1650 MARKET STREET, PHILADELPHIA, PA 19103, US |
Family ID: | 9932566 |
Appl. No.: | 10/217994 |
Filed: | August 12, 2002 |
Current U.S. Class: | 380/201; 705/57; G9B/20.002 |
Current CPC Class: | G11B 20/00507 20130101; G11B 20/00753 20130101; G11B 20/0021 20130101; G11B 20/00956 20130101; G11B 20/00202 20130101; G11B 20/00333 20130101; G11B 2020/10546 20130101; G11B 20/00086 20130101; G11B 20/00615 20130101 |
Class at Publication: | 380/201; 705/57 |
International Class: | G06F 012/14 |
Foreign Application Data
Date | Code | Application Number |
Mar 8, 2002 | GB | 0205459.1 |
Claims
We claim:
1. A method of manufacturing an optical disc for storing digital
data comprising the steps of: (a) segmenting copyright material in
digital form into consecutive segments (b) allocating each segment
to a sector of the disc (c) pre-determining the position of each
sector on the disc and using an algorithm to derive a unique
encryption key for each sector according to the logical block
address corresponding to the start of each sector (d) encrypting
each sector using its unique key, and (d) writing the encrypted
data sectors to a disc.
2. Recorded material on an optical disc comprising digital data
segmented into consecutive sectors each containing encrypted data,
the data in each sector being encrypted using a unique key, the
unique key for each sector being dependent upon the logical block
address on the disc corresponding to the start of each sector.
3. Optical disc player software containing embedded within its code
the logical block address on the disc of the first sector
corresponding to a file or track, decryption software operated by a
key and an algorithm for determining the unique key for each sector
from the logical block address corresponding to the start of that
sector.
4. A method of reading encrypting digital data from a disc
comprising the steps of (a) decrypting data in consecutive sectors
each using a unique key (b) the unique key for each sector being
dependent upon the logical block address on the disc corresponding
to the start of that sector.
5. A method of preventing a computer copying audio sessions on an
optical disc including the steps of (a) describing the audio
session as data tracks in the Table of Contents contained within
the Q-channel information in the lead in area of the disc, (b)
describing the audio session in the Q-channel data in each sector
within the session as audio tracks.
6. A method of monitoring whether a disc according to the invention
is being accessed in an authorized way comprising the steps of (a)
including software for a supervisory program on the said disc (b)
activating this supervisory program when the computer operating
system first accesses the disc, (b) insertion of all or part of the
supervisory program into the operating systems driver chain that
allows two way communication between an application program
accessing the disc and the disc drive (d) using the supervisory
program to monitor communications between the said application
program and the disc drive.
7. A method according to claim 6 comprising (e) describing an audio
session as data tracks in the Table of Contents contained within
the Q-channel information in the lead in area of the disc, (f)
describing the audio session in the Q-channel data in each sector
within the session as audio tracks.
8. A method according to claim 6 wherein any application attempting
to access data other than the data session or sessions on the disc
will be judged illegal and blocked by the supervisory program.
9. A method according to claim 6 wherein any program other than the
player application program accessing the disc will be judged
illegal and blocked by the supervisory program.
10. A method according to claim 6 wherein the current average disc
speed is monitored by the supervisory program and if this average
speed does not fall within a range determined by the supervisory
program blocking access of the application program to the disc by
the supervisory program.
11. A method according to claim 6 where access is blocked by the
supervisory program not relaying the communication along the driver
chain or relaying a fictitious communication.
12. A method of manufacturing digital data storage medium
comprising the steps of: (a) segmenting copyright material in
digital form into consecutive segments (b) allocating each segment
to a sector of the storage medium (c) pre-determining the position
of each sector on the storage medium and using an algorithm to
derive a unique encryption key for each sector according to the
logical block address corresponding to the start of each sector (d)
encrypting each sector using its unique key, and (d) writing the
encrypted data sectors to the said storage medium.
13. A method of reading encrypting digital data from a storage
medium comprising the steps of (a) decrypting data in consecutive
sectors each using a unique key (b) the unique key for each sector
being dependent upon the logical block address on the storage
medium corresponding to the start of that sector.
14. A method of monitoring whether a storage medium according to
the invention is being accessed in an authorized way comprising the
steps of (a) including software for a supervisory program on the
storage medium (b) activating this supervisory program when the
computer operating system first accesses the storage medium, (b)
insertion of all or part of the supervisory program into the
operating systems driver chain that allows two way communication
between an application program accessing the storage medium and a
storage medium read/write unit (d) using the supervisory program to
monitor communications between the said application program and the
storage medium read/write unit.
Description
BACKGROUND OF THE INVENTION
[0001] This invention concerns apparatus, methods and articles
manufactured thereby for preventing theft of copyright material,
particularly as recorded in digital form on carrier means such as
optical disc media. In this description optical disc media is
intended to include not only CDs, CD-ROMs and DVDs, but also
similar media that may be read using electromagnetic radiation
outside of the visible range; for example, infra-red, ultra-violet
or X-rays.
[0002] The advent of recordable CDs (CD-R) has made it generally
easy and inexpensive to make unauthorised copies of Audio CDs and
CD-ROMs; for example by copying the entire contents of an audio CD
to a computer hard disc and then writing this to a CD-R. The
potential loss of revenue to recording companies from such
activities is considerable, and indeed its impact has already been
felt. Consequently, there has been much interest in techniques that
prevent such unauthorised copying.
[0003] U.S. Pat. No. 5,513,260 (Ryan) and U.S. Pat. No. 5,659,613
(Copeland) disclose a method of placing an authenticating signature
on a legitimate copy that cannot easily be detected, and hence
transferred to an illicit copy. New CD players would need a
subsystem that searched for such a signature and if the signature
should be there, but was not found, refuse to play the disc.
[0004] US 20010054028 A1 (Kuroda) describes the addition of copy
control information to copyright material, such that when an
attempt is made to copy this material using reproduction and
recording apparatus according to the invention such copying is
prevented, if appropriate, on the basis of the copy control
information and also attribution information generated by the
reproduction apparatus.
[0005] US 2002003880 A1 (Kato) discloses a system where a recording
of copyright material is encrypted and also has a digital watermark
which is read by apparatus according to the invention, thereby
allowing the replay apparatus to obtain a disk key and so decrypt
the material.
[0006] All of the above methods and systems suffer from the
disadvantage that they do not prevent unauthorised copying of a CD
and replay of that copy on most existing CD players; that is they
require new players equipped with appropriate hardware.
[0007] US 20020001690 A1 (Selinfreund) discloses a method of
manufacturing optical discs that includes areas on the disc with
light-sensitive material. During the first pass of a conventional
optical reader the digital information on such light sensitive
areas is read correctly, but on a second pass the data is read
differently due to the activation of the light sensitive material
by the optical reader. As most optical disc readers and players are
pre-programmed to re-sample data areas to assure correct copying
such discs will fail to copy correctly. While this method will work
with many existing players, the inclusion of light sensitive areas
at precise locations on the disc is expected to significantly
increase disc production costs.
[0008] US 20010053979 A1 (Kori) describes an encryption protection
system that encrypts copyright material, requiring the user to have
the decrypting key, and also keeps a record of the number of copies
made, so that a pre-determined limit can be placed on this.
However, determined copyists can with sufficient effort break such
single or double key systems. Further, this system appears
unsuitable for replaying discs in most currently available
players.
SUMMARY OF THE INVENTION
[0009] An object of some aspects of the present invention is to
provide improved methods of protecting copyright digital data
recorded on a data storage medium, particularly optical discs such
as CDs. It is a further object of some aspects of the invention to
provide a method of producing optical discs that provide such
improved protection. It is also an object of some aspects of the
present invention to provide an optical disc with such improved
protection. A further object of some aspects of the invention is to
provide a system that is effective when used with most players and
computers presently available.
DETAILED DESCRIPTION OF THE INVENTION
[0010] CD audio discs contain at least a first session formatted in
compliance with the well known "Red Book", also known as standard
908 of the International Electrotechnical Commission (IEC) entitled
"Compact Disc Digital Audio System" (Geneva, Switzerland,
1987).
[0011] According to one aspect of the invention slight deviations
from strict "Red Book" compliance are introduced into this first
session to prevent most CD-ROM drives reading the data. Thus, the
first session on the disc will normally contain audio tracks. In
the lead in area of the disc, the Q-channel information contains
the Table of Contents (TOC). Each audio track on the first session
is described in the TOC including where the track is located on the
disc and the type of track. In a conventional CD the tracks are
described as audio tracks. In a disc according to the invention
such audio tracks are described as data tracks in the TOC. A normal
CD player does not reference this TOC but rather looks at Q-channel
data in each sector within the session. This track area data is
unaltered and conforms entirely to "Red Book" standard. Hence, such
a disc will play normally in a standard "Red Book" audio CD player.
However, when such a disc is read by a CD-ROM drive the drive will
reference the TOC and will then recognise a discrepancy between the
TOC data and the Q-channel data within each sector of the track.
This contradiction normally results in an "illegal mode for this
track" error, which prevents the CD-ROM drive reading the track.
[0012] Specifically, the TOC describes the tracks in the audio
session as data tracks, control=4 (0100 binary). Normally they
would be described as audio tracks, control=0 (0000 binary) (see
"Red Book", p41).
[0013] No amendments are made to the well known Cross Interleave
Reed-Solomon Code (CIRC) error protection data on the protected
disc.
[0014] A further important aspect of the invention is the ability
to play the optical disc on a computer. This is achieved by first
compressing the audio tracks, then encrypting this data and
recording this resulting data in a second session on to the optical
disc, known as a data session.
[0015] For a CD this data is recorded in the following manner: the
data is first split into logical blocks that will each fit into a
"Yellow Book" (IEC) standard CD sector (also known as a logical block).
Each of these blocks is then encrypted using an encryption key
derived from its logical block address (LBA) or position on the CD.
The data resulting from this process is then written to the disc at
this position (LBA) using conventional mastering and recording
methods. This compressed audio data is not visible to the host
computer under normal circumstances. The data is played on a
personal computer, by including in this second session a "CD player
application program" that is visible to the host computer. This
player has built into it the ability to locate, decrypt and play
the compressed and encrypted audio data.
[0016] To enable protected discs to be played on computers using
operating systems such as Windows 95, 98, NT-4, 2000ME, 2000
Professional, 2000 Server, 2000 Server Professional, XP Home
Edition, XP Professional, Linux 6.2 and higher, Apple Macintosh OS9
and higher, Sun Unix OS8; hereafter referred to as PCs, at least
one further data session is included on the disc.
[0017] This further session is located after the first "Red Book"
compliant session and conforms to the IEC "Yellow Book" standard
and the IEC "Orange Book" standard for multi-sessions. This session
contains the player application program and any associated files,
which are visible to the computer operating system and also
encrypted data files containing the audio tracks; these latter
files not being visible to the computer operating system or
playable, except by using the CD player application program
provided on the disc.
[0018] Thus, when a protected disc is viewed by a PC file manager
only the player application program and any files directly
associated with the program will be visible.
[0019] Each sector on the disc normally contains 2048 bytes of
consecutive encrypted digital data, each sector being encrypted
with a different unlocking key. This block size is dictated by the
"Yellow Book" standard, but in principle data may be encrypted
using any convenient block size. Too large a block size is
undesirable, as it would result in less variation in the
encryption, and should be avoided. The logical sector address
(LBA) corresponding to the start of each audio track (LBA-tra) is
known to the player application program, this data being hidden
within the player application program code or at a location on the
disc known to the player application program (hidden within the
player code). If the data is located on the disc then the data will
itself be encrypted; the information may also be spread over
several consecutive or randomly addressed sectors. A particular
audio track will normally comprise many thousand consecutive
sectors on the disc. The audio data in each of these sectors will
be encrypted with a different unlocking key. The player application
program contains an algorithm for deriving this unique key from the
LBA corresponding to the start of each sector (LBA-sec). The
skilled person will realize that this algorithm may take a variety
of forms, as long as it generates a unique key from the LBA. Thus,
when a track is selected the player application program knows the
LBA-tra, which is the same as LBA-sec for the first sector of the
track, and can derive the key from that LBA-sec to allow data from
that first sector to be decrypted. Having read the first sector the
player application program knows that the next sector starts at the
(LBA-sec) consecutive to the last LBA of the first sector. Knowing
LBA-sec the player application program can use the said algorithm
to derive the new key and so decrypt data in the second sector. In
this way the player application program can decrypt consecutive
sectors, each time deriving a new key. This is referred to below as
a dynamic key code system.
[0020] The dynamic key code system has a number of advantages over
known systems. If an unauthorised copier discovers both the LBA-tra
and the first key it only allows the first sector (block) of
digital audio data to be recovered. The key to the next consecutive
sector will normally be completely different. Further, if by some
means the consecutive encrypted sectors corresponding to an audio
track are copied, for example to a PC hard disc, and the player
application program is run and directed to the first sector, it
will generate wrong keys for each sector because it would need to
know the original LBA-sec of the copied material. The sectors
occupied on the PC hard disc will almost certainly differ from
those on the original disc. Hence, the copied material will not be
decrypted by the player software.
[0021] Prior to segmentation and encryption of the audio data, this
data is preferably compressed using an appropriate compression
algorithm.
[0022] Preferably, a disc produced according to the invention
contains hidden software that is activated when the PC operating
system first accesses the storage medium, for example a CD, by
reading the directory table of contents data, whereby a memory
resident program, hereinafter called "the supervisory program",
monitors access to the protected disc. When the disc is removed the
supervisory program is removed from the memory of the PC. The
supervisory program is also designed to monitor the activity of the
disc, including disc speed, disc access type (digital or audio) and
also ensures reliable playback of the disc content.
[0023] In order to be able to monitor the disc activity, the
supervisory program must insert itself, or part of itself, into
the operating system's driver chain. The supervisory program will
also be in communication with the player application program that
is allowed to "Play" the disc. A driver chain is a computer
operating system feature in which an application communicates
with the top part of the chain. This top part of the chain
communicates with the next layer down, and so on, until finally the
communication reaches, for example, the CD-ROM drive.
Information from the CD-ROM drive travels along the chain in the
opposite direction. This mechanism is in place in the operating
system in order to present to an application program a standard
way of communicating with a large variety of hardware devices.
[0024] The supervisory program inserts itself into this driver
chain and can therefore monitor all communications from the
application program to the CD-ROM drive. The supervisory program
can, for example, calculate the average data transfer rate, the type
of read operation that is being attempted, etc. It also has the
ability to identify the disc that is the target of this
communication and, as a result, allow normal operation on a disc that
is not protected by the system.
[0025] If an operation that is not allowed is attempted then the
supervisory program will simply not pass the communication on and
will send a fictitious reply to the next higher part of the driver
chain and therefore eventually to the application. It may, for
example, choose to simply report an error to the application program
or even supply blank or incorrect information. In this way any
unauthorized access to a protected disc is blocked.
[0026] A storage medium according to the invention is only designed
to be accessed in one way by a PC; that is using the player
application program on the data session to read and decrypt data
therein. If the disc is accessed in any other way the activity will
be judged illegal and interventionary action will be taken by the
supervisory program. Normally, the supervisory program will stop
such activity and the disc will be ejected from the computer drive.
This role of the supervisory program will not prevent the copying
of an ordinary disc and will not interfere with the general
performance and/or activities of the computer.
[0027] Thus, if an "illegal" activity, such as the digital
extraction of disc data to a hard disk drive, is detected by the
supervisory program that command will be blocked. Likewise, if the
player application program is not open, or is closed by the user
while the disc is still in the CD-ROM drive then an eject command
is sent to the drive.
[0028] Access to the first session on the disc, by for example a CD
copying utility, will not be allowed by the supervisory program
which monitors the position of the read head and can thus identify
if data other than session data is being accessed.
[0029] In the unlikely event that a disk copying utility is able
to read the first (audio) session of the disc, then the supervisory
program will not permit the digital extraction command used by
ASPI, ATAPI and other disk command control drivers to be used.
[0030] This method monitors the current average disc speed. If the
average speed is outside given acceptable parameters then disc
access is blocked. Speed monitoring is accomplished by the
supervisory program.
[0031] When a disc is being played in a PC using the player
software the average playback speed of the disc will be very low,
since compressed data is being read in real time. Typically data is
compressed at a ratio of about 10 to 1, i.e. ten times smaller than
the uncompressed data; normal playback of the original data would
result in a disc speed of one, therefore the average disc speed
when playing the compressed data over the same period of time will
be about 1/10 speed in this case.
[0032] Because the compressed data is read from the disc in blocks
at a high speed (burst speed), followed by a much longer period of
inactivity, speed monitoring will need to measure the average disc
speed. The burst speed could in fact be anything up to and
including the maximum read speed of the disc, but for very short
periods. So-called "ripping software" typically will try to copy at
the highest speed possible for a sustained period of time. If the disc
is moving at a high speed on average then access will be blocked
(average speeds will need to be calculated over periods in the
order of ten seconds). If the player application program is not playing
the disc then all access to the disc is blocked.
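The average-speed check of paragraphs [0030] to [0032], as an added example that is not part of the patent text: a sliding ten-second window lets short bursts through while tripping on sustained reads. The 0.5x limit, the latch after a trip, all names and both read traces are assumptions constructed for illustration; 75 sectors per second is 1x CD speed.

```python
from collections import deque

SECTORS_PER_SECOND_1X = 75   # 1x CD speed is 75 sectors per second
WINDOW_SECONDS = 10.0        # averaging period, "in the order of ten seconds"
MAX_AVERAGE_SPEED = 0.5      # assumed limit, in multiples of 1x


class SpeedMonitor:
    """Sliding-window average of sectors read, as seen from the driver chain."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_AVERAGE_SPEED):
        self.window = window
        self.limit = limit
        self.reads = deque()     # (timestamp in seconds, sectors read)
        self.total = 0           # sectors currently inside the window
        self.blocked = False     # assumed: a trip latches until disc removal

    def average_speed(self, now):
        """Average speed over the trailing window, in multiples of 1x."""
        while self.reads and self.reads[0][0] <= now - self.window:
            self.total -= self.reads.popleft()[1]
        return self.total / (self.window * SECTORS_PER_SECOND_1X)

    def on_read(self, now, sectors, player_running=True):
        """Return True to relay the read down the chain, False to block it."""
        if self.blocked or not player_running:
            return False
        self.reads.append((now, sectors))
        self.total += sectors
        if self.average_speed(now) > self.limit:
            self.blocked = True
            return False
        return True


def first_blocked(trace, **kwargs):
    """Index of the first blocked read in [(time, sectors), ...], or None."""
    monitor = SpeedMonitor(**kwargs)
    for index, (now, sectors) in enumerate(trace):
        if not monitor.on_read(now, sectors):
            return index
    return None


# Constructed traces. Player: a 32-sector burst every 4 s (about 0.1x average).
PLAYER_TRACE = [(4.0 * i, 32) for i in range(15)]
# Sustained extraction: 27 sectors every 50 ms (7.2x), with no idle periods.
RIPPER_TRACE = [(0.05 * i, 27) for i in range(400)]

if __name__ == "__main__":
    print("player blocked at:", first_blocked(PLAYER_TRACE))
    print("ripper blocked at:", first_blocked(RIPPER_TRACE))
```

A single large burst stays under the limit because the average is taken over the whole window, which is why the description insists on average rather than instantaneous speed.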
[0033] The present invention requires special software to control
the disc mastering machine or alternatively a CD-R, CD-RW, DVD-R or
DVD-RW disc drive. This will be referred to below as CD Production
Software (or CDPS). The CDPS needs to pre-determine the LBA
(LBA-tra and LBA-sec) of each sector of data corresponding to any
data sessions on the disc. It then selects a particular algorithm
and derives the unique encryption key for each sector. Following
compression of the audio files and division of the digital data
into consecutive segments of audio data, each of these segments is
encrypted within a data sector. Thus, when the master disc is
produced each sector of data in the data session or sessions is
uniquely encrypted and placed at the pre-determined LBA, so
allowing the LBA-sec to be used by a player application program to
decrypt and play that sector.
[0034] The system of the invention also allows the algorithm that
derives a key from a LBA-tra or LBA-sec to be varied if desired for
each master disc produced. Advantageously, routine variations in
the algorithm used for manufacturing a given master disc can result
in completely different keys being derived for a given LBA. The
CDPS will modify the code of the player application program that is
also placed on the disc so that it contains the correct algorithm;
that is the algorithm used in the encryption step, thus allowing
the player application program to decrypt the data session.
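The dynamic key code system of paragraphs [0019] and [0020], together with the CDPS mastering step of [0033] and [0034], as an added example that is not part of the patent text. The application leaves the key-derivation algorithm open, so HMAC-SHA256 over the LBA with a per-master secret (modelling the per-master variation of [0034]), the SHA-256 counter keystream standing in for the sector cipher, and all names and sample values are assumptions.

```python
import hashlib
import hmac

SECTOR_SIZE = 2048  # bytes of data per "Yellow Book" sector, per [0019]


def derive_sector_key(master_secret: bytes, lba: int) -> bytes:
    """Assumed algorithm: key = HMAC-SHA256(master_secret, 4-byte LBA-sec)."""
    return hmac.new(master_secret, lba.to_bytes(4, "big"), hashlib.sha256).digest()


def keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode, a stand-in for a real sector cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def crypt_sector(master_secret: bytes, lba: int, sector: bytes) -> bytes:
    """XOR one sector with the keystream for its LBA (same call decrypts)."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"sector must be exactly {SECTOR_SIZE} bytes")
    stream = keystream(derive_sector_key(master_secret, lba), SECTOR_SIZE)
    return bytes(a ^ b for a, b in zip(sector, stream))


def master_track(master_secret: bytes, lba_tra: int, data: bytes) -> dict:
    """CDPS side: segment the data, fix each LBA, encrypt; returns {LBA: sector}."""
    padded = data + b"\x00" * (-len(data) % SECTOR_SIZE)
    image = {}
    for offset in range(0, len(padded), SECTOR_SIZE):
        lba = lba_tra + offset // SECTOR_SIZE
        image[lba] = crypt_sector(master_secret, lba, padded[offset:offset + SECTOR_SIZE])
    return image


def play_track(master_secret: bytes, lba_tra: int, image: dict, count: int) -> bytes:
    """Player side: start at LBA-tra and derive a fresh key for each next LBA."""
    return b"".join(
        crypt_sector(master_secret, lba, image[lba])
        for lba in range(lba_tra, lba_tra + count)
    )


def relocate(image: dict, old_start: int, new_start: int) -> dict:
    """Model a raw copy: identical ciphertext, stored at different addresses."""
    return {lba - old_start + new_start: sector for lba, sector in image.items()}


if __name__ == "__main__":
    secret = b"constructed per-master secret"   # constructed sample value
    audio = bytes(range(256)) * 20              # constructed 5120-byte "track"
    disc = master_track(secret, 12000, audio)
    print("original disc plays:", play_track(secret, 12000, disc, 3)[:len(audio)] == audio)
    copy = relocate(disc, 12000, 500)
    print("relocated copy plays:", play_track(secret, 500, copy, 3)[:len(audio)] == audio)
```

The relocated copy fails to decrypt because the player derives its keys from the addresses it reads at, not from the addresses the sectors were mastered at.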
* * * * *