WO2001073567A1 - Secure compact disc technology - Google Patents

Secure compact disc technology Download PDF

Info

Publication number
WO2001073567A1
WO2001073567A1 PCT/US2001/010136 US0110136W WO0173567A1 WO 2001073567 A1 WO2001073567 A1 WO 2001073567A1 US 0110136 W US0110136 W US 0110136W WO 0173567 A1 WO0173567 A1 WO 0173567A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
drive
gold
compact disc
format
Prior art date
Application number
PCT/US2001/010136
Other languages
French (fr)
Inventor
Daniel R. Salmonsen
Don Shulsinger
Original Assignee
Oak Technology, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oak Technology, Inc. filed Critical Oak Technology, Inc.
Priority to AU2001251102A priority Critical patent/AU2001251102A1/en
Publication of WO2001073567A1 publication Critical patent/WO2001073567A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • G06T1/0021Image watermarking
    • G06T1/005Robust watermarking, e.g. average attack or collusion attack resistant
    • G06T1/0071Robust watermarking, e.g. average attack or collusion attack resistant using multiple or alternating watermarks
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00884Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a watermark, i.e. a barely perceptible transformation of the original data which can nevertheless be recognised by an algorithm
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T2201/00General purpose image data processing
    • G06T2201/005Image watermarking
    • G06T2201/0064Image watermarking for copy protection or copy management, e.g. CGMS, copy only once, one-time copy

Definitions

  • the present invention relates to compact disc technology, and more specifically, to secure compact disc technology.
  • FIG. 1 is a block diagram of a prior art system.
  • a compact disc 110 is placed in a legacy drive 120, a standard compact disc drive.
  • the data can then be "ripped," e.g. acquired by a computer system, including a "wild" application 130.
  • ripping data includes generating a digital copy of the data and compressing this digital copy.
  • One example of the compression mechanism used is MP3.
  • the wild application 130 can then pass copies of the data ripped from the original disc 110 to a hard drive 140, a portable device, a sound card, or the Internet. This permits a user to make any number of copies of the tracks ripped from the original disc 110.
  • the wild application 130 can make copied discs 150, which may be used by others. This is disadvantageous to the content providers, since users can create copied discs 150, and distribute content via the Internet. It is also disadvantageous to users because ripping a disc is a tedious, unreliable process.
  • SDMI Secure Digital Music Initiative
  • FIG. 2 is a block diagram of a prior art system using the SDMI structure.
  • Original CD 210 includes a strong watermark (Swm) and a fragile watermark (Fwm).
  • the disc 210 is placed in legacy drive 220.
  • the data from the original CD 210 may be ripped by both a trusted SDMI application 240, and a wild application 230.
  • Both the wild application 230 and trusted application 240 may interact with hard drive 250, portable devices, as well as sound card or other output mechanism.
  • both the wild application 230 and trusted application 240 can interact with the Internet.
  • a copy created using the trusted SDMI application 240 is a secured copy 270, which has the strong watermark, but from which the fragile watermark has been peeled.
  • the trusted application 240 recognizes the secure copy 270 as a copy of an original disc.
  • the wild application 230 can also make copies.
  • the wild application 230 can make a bit-by-bit copy of the original 210, resulting in a wild copy 260 that includes the strong and the fragile watermarks.
  • the trusted application 240 can not differentiate between a wild copy 260 and an original 210.
  • an original SDMI compliant CD 210 may be copied. This is disadvantageous to content providers. Furthermore, users must still do the ripping, which is a tedious, unreliable process.
  • a method and apparatus for a secure compact disc system comprises a backward compatible compact disc including a Gold Format area, a drive to read the compact disc, and a client application for receiving data from the drive and for playing, storing, and copying the data.
  • the Gold format data can only be read if the drive is a Gold drive.
  • the client application can only interface with the Gold drive if the client application is a trusted client application.
  • Figure 1 is a diagram of a prior art compact disc system.
  • FIG. 2 is a diagram of a prior art compact disc system using SDMI.
  • Figure 3 is a block diagram of one embodiment of a computer system.
  • Figure 4 is an illustration of one embodiment of a compact disc in accordance with the present invention.
  • FIG. 5 is a block diagram of one embodiment of the compact disc system in accordance with the present invention.
  • Figure 6 is a chart illustrating the interaction between the compact discs and players of various formats.
  • Figure 7 is a diagram of one embodiment of the compact disc system using the new drive and the new disc format.
  • Figure 8 is a diagram of one embodiment of the compact disc system using a legacy drive and the new disc format.
  • Figure 9 is a flowchart of one embodiment of the new drive interacting with a compact disc.
  • Figure 10 is a flowchart of one embodiment of a trusted client application interacting with data received from the new drive.
  • the secure CD system includes a backward compatible enhanced compact disc format.
  • the enhanced compact disc format includes an area on the CD that can only be read by a new drive. For simplicity, this area is termed as the "Gold Format” for the remainder of this application, and the CD including this area is termed a "Gold CD.”
  • the Gold CD further includes, for one embodiment, data in the standard Red Book audio format, which may be read by any drive.
  • the Gold CD may further include a Yellow Book format copy of the data, which may be pre-compressed and encrypted.
  • the Gold CDs include the Gold Format data, and the Red Book and /or Yellow Book data.
  • the Red Book area may be eliminated, leaving more space for compressed and other content.
  • the new drive includes embedded security mechanisms that prevent unsecure copies of the Gold Format data from being made. Furthermore, the new drive interacts only with secure client software. In this way, no wild applications may be used to make a bit-by-bit copy of the data on the CD.
  • This architecture and format is consistent with SDMI and CPSA architectures.
  • FIG. 3 is a block diagram of one embodiment of a computer system. It will be apparent to those of ordinary skill in the art, however that other alternative systems of various system architectures may also be used.
  • the data processing system illustrated in Figure 3 includes a bus or other internal communication means 345 for communicating information, and a processor 340 coupled to the bus 345 for processing information.
  • the system further comprises a random access memory (RAM) or other volatile storage device 350 (referred to as memory), coupled to bus 345 for storing information and instructions to be executed by processor 340.
  • Main memory 350 also may be used for storing temporary variables or other intermediate information during execution of instructions by processor 340.
  • the system also comprises a read only memory (ROM) and/or static storage device 320 coupled to bus 340 for storing static information and instructions for processor 340, and a data storage device 325 such as a magnetic disc or optical disc and its corresponding disc drive.
  • Data storage device 325 is coupled to bus 345 for storing information and instructions.
  • the system may further be coupled to a display device 370, such as a cathode ray tube (CRT) or a liquid crystal display (LCD) coupled to bus 345 through bus 365 for displaying information to a computer user.
  • a display device 370 such as a cathode ray tube (CRT) or a liquid crystal display (LCD) coupled to bus 345 through bus 365 for displaying information to a computer user.
  • An alphanumeric input device 375 including alphanumeric and other keys, may also be coupled to bus 345 through bus 365 for communicating information and command selections to processor 340.
  • cursor control device 380 such as a mouse, a trackball, stylus, or cursor direction keys coupled to bus 345 through bus 365 for communicating direction information and command selections to processor 340, and for controlling cursor movement on display device 370.
  • the communication device 390 may include any of a number of commercially available networking peripheral devices such as those used for coupling to an Ethernet, token ring, Internet, or wide area network. Note that any or all of the components of this system illustrated in Figure 3 and associated hardware may be used in various embodiments of the present invention.
  • control logic or software implementing the present invention can be stored in main memory 350, mass storage device 325, or other storage medium locally or remotely accessible to processor 340.
  • Other storage media may include floppy disks, memory cards, flash memory, or CD- ROM drives.
  • the software of the present invention may also be embodied in a handheld or portable device containing a subset of the computer hardware components described above.
  • the handheld device may be configured to contain only the bus 345, the processor 340, and memory 350 and /or 325.
  • the handheld device may also be configured to include a set of buttons or input signaling components with which a user may select from a set of available options.
  • the handheld device may also be configured to include an output apparatus such as a liquid crystal display (LCD) or display element matrix for displaying information to a user of the handheld device. Conventional methods may be used to implement such a handheld device.
  • LCD liquid crystal display
  • Conventional methods may be used to implement such a handheld device.
  • the implementation of the present invention for such a device would be apparent to one of ordinary skill in the art given the disclosure of the present invention as provided herein.
  • FIG 4 is an illustration of one embodiment of a compact disc in accordance with the present invention.
  • the compact disc 410 includes three regions, Red Book, Yellow Book, and Gold format. As discussed above, the Red Book area and the Yellow Book area are optional.
  • the CD 410 may include a Red Book compliant region 420.
  • the Red Book region 420 is an SDMI compliant Red Book format. It contains audio-tracks.
  • the Red Book tracks 420 are clear text, i.e. not compressed or encrypted.
  • the Red Book data is watermarked. As will be discussed below, the watermarks may include a strong watermark and a fragile watermark. This is discussed in the SDMI standard, and is known in the art.
  • the Red Book format 420 is playable in all devices, and readable in devices that can read Red Book format.
  • the compact disc 410 may further include a Yellow Book portion 430.
  • the Yellow Book portion 430 includes pre-ripped and compressed audio tracks.
  • the Yellow Book data 430 is also pre-encrypted, such that only the trusted client application can access the Yellow Book data 430. However, there is no need to purchase a new drive in order to access the Yellow Book data 430.
  • the encryption may be a public key (PKI) encryption, or an alternative type of encryption.
  • PKI public key
  • Providing the Yellow Book tracks 430 eliminates the need for a user to personally rip the Red Book tracks 420, and provides a faster method of accessing ripped tracks.
  • the disc 410 prevents access to the ripped tracks by any application that does not know how to decrypt the tracks 430. Therefore, security is maintained.
  • the Yellow Book area 430 may further includes a copy of the trusted client application, which may be uploaded from disc 410. This provides the advantage of assuring that a copy of the trusted client application is available to the user, whenever he or she wishes to use it.
  • the start-up function determines whether the trusted client application already exists, and prompts the user to install the trusted client application if it does not exist.
  • the Yellow Book area 430 may include other ancillary information or content.
  • the compact disc 410 further includes Gold Format data 440.
  • the Gold Format data 440 is encrypted and compressed. Gold Format data 440 is only accessible by the new drive, which knows how to access the Gold Format data 440.
  • the Gold Format data 440 may be made inaccessible to legacy drives by having a different synch, having a different error correction method, or by other means.
  • the Gold Format data 440 is also encrypted, and thus interacts only with trusted client applications.
  • the Gold Format data 440 may provide additional enhanced tracks, such as audio tracks with a higher sampling rate, additional tracks, or non-audio information. By providing such enhanced data, the user is provided an incentive to purchase a new drive, and thus for converting to the system providing benefits to the user as well as the content provider.
  • the Gold disc 410 is backwards compatible and can be used with the old drives as well as with new drives, and provides data in various formats.
  • FIG. 5 is a block diagram of one embodiment of the compact disc system in accordance with the present invention.
  • the compact disc system includes the drive logic 510, which is part of the Gold drive, and the trusted client application 520, which resides on a computer system or similar system.
  • the drive logic 510 for one embodiment, is implemented in an integrated circuit, or IC. In that way, the logic can not be avoided, when the drive is used. Alternatively, the drive logic 510 may be implemented in other portions of the drive system. For one embodiment drive logic 510 may be firmware, or another format.
  • the drive logic 510 includes gold data processing logic 530.
  • the Gold Format is designed to be readable only by the new drive, which includes the gold data processing logic 530.
  • the gold data processing logic 530 processes the Gold Format data to make a standard trusted client application 520 able to interface with the Gold Format data.
  • the gold data processing logic 530 detects the synch or the error correction of the Gold Format data, and processes it such that the output of the gold data processing logic 530 is in a standard format.
  • the Gold Format data is stored encrypted and compressed on the disc.
  • the Gold Format output 533 is encrypted and compressed, and is passed to trusted client application 520.
  • Yellow book data 536 is, for one embodiment, pre-encrypted and compressed on disc 410, and thus is passed directly to the trusted client application 520.
  • Yellow book data 536 may be unencrypted, and may be encrypted by encryption logic 540.
  • Red book data 539 may be ripped from the disc 410.
  • Red book data 539 is encrypted by encryption logic 540 in drive logic 510.
  • encryption logic 540 encrypts Red Book data 539 using a public key encryption. Alternative means for encryption may be used.
  • the Red Book data 539 may be passed to the client application 520 unencrypted.
  • Drive logic 510 further may include authentication logic 545.
  • Authentication logic 545 makes sure that the drive is talking to a trusted application 520.
  • the drive is disabled and does not work without a trusted application 520.
  • the drive retains certain functionality without the presence of trusted application 520.
  • the drive may play Red Book data, but not upload the encrypted Yellow Book or Gold Format data.
  • authentication logic 545 may further validate that the client application is a trusted application prior to permitting copies to be made.
  • the drive continues to perform all data and backup operations in the absence of trusted client application 520, but will only perform limited numbers or types of music applications.
  • a digital signature is received from the trusted client application 520, authenticating the trusted client application 520.
  • the authentication logic 545 may further prevent unauthorized importation of music to the drive by requesting that the user enter a serial number during importation. Other methods of authenticating data may be used.
  • the Gold 533, Yellow 536, and/or Red book data 539 are passed to the trusted client application 520.
  • the data is passed in response to a user request.
  • the requested data types are passed to the client application 520.
  • the trusted client application 520 includes decryption logic 550.
  • Decryption logic 550 decrypts the pre-encrypted Gold Format and/or Yellow book data, and/or the Red book data 539 encrypted by encryption logic 540.
  • decryption logic 550 uses a public key infrastructure.
  • Decryption logic 550 passes Yellow book and Gold Format data to decompression logic 560. Red book data is ripped from disc 410 uncompressed, and therefore is passed directly to strong watermark detection logic 570. Yellow book and Gold Format data are decompressed, and passed to the strong watermark detection logic 570.
  • Strong watermark detection logic 570 determines whether the CD had a watermark, e.g. whether the CD is SDMI compliant. If the CD is SDMI compliant, the strong watermark detection logic 570 passes the data on to fragile watermark filter. For one embodiment, for non-compliant CDs, the strong watermark detection logic 570 places a strong watermark into the data. Thus, for one embodiment, the data passed to the fragile watermark filter 580 always includes a strong watermark.
  • the fragile watermark filter 580 removes the fragile watermark from the data.
  • the fragile watermark is designed to be broken whenever a lossy compression is performed on the data.
  • fragile watermark filter 580 removes the fragile watermark without the need for a lossy compression.
  • the output from the fragile watermark filter 580 never has the fragile watermark.
  • the output from the fragile watermark filter 580 which includes a strong watermark but no fragile watermark, may be passed to the CD or an output device. For one embodiment, if it is passed to another CD, it returns to drive logic 510, where authentication is performed by authentication logic 545, as described above.
  • Trusted client application 520 may further include serial copy management system (SCMS) logic 595.
  • SCMS logic 595 adds subcode data to any copies made using the trusted application 520.
  • the SCMS logic 595 tests authentication information on an original disc, and if a copy is made, the SCMS logic 595 alters information to indicate that the disc is a copy.
  • the original disc may have identifier "01", while the copy would have identifier "10". In this way, when a user attempts to make an additional copy from the copy, the trusted client application 520 could refuse permission to make such a copy.
  • the user would be permitted to make only a certain number of copies.
  • the SCMS logic 595 may further prevent unauthorized importation of music to the drive by requesting that the user enter a serial number during importation.
  • Other methods of authenticating data may be used.
  • the data is passed to re-encryption logic 590 and is encrypted before it is passed to storage device. For one embodiment, this only occurs if the user wishes to store the Yellow Book or Gold Format data. If the user wishes to store Red Book clear text data, this step may be skipped.
  • This method using a combination of the new drive logic 510 and a trusted client application 520 increases user options and security for content providers.
  • Figure 6 is a chart illustrating the interaction between the compact discs and players of various formats.
  • the horizontal axis lists the old (legacy) drive and the Gold drive.
  • the Gold drive includes the encryption logic and gold data processing logic described above.
  • the vertical axis lists the CD formats, the Red Book (old) CD, and the Gold CD.
  • the Gold CD may include the Red Book and Yellow Book data as well as the Gold Format data.
  • the first Quadrant illustrates the Legacy drive with the legacy CD format.
  • the player can play the Red Book audio tracks.
  • the user can further rip the Red Book CD tracks.
  • This is unsure, unsecure, and tedious.
  • the user can also copy the CD, and generate a compilation CD.
  • the ripped tracks can be transferred to a portable device, and the tracks can be posted to the web or e-mailed. As can be seen, this is disadvantageous to the user, requiring ripping of tracks, and disadvantageous to the content provider, permitting unsecure copies, compilations, and e-mailing of tracks.
  • the third Quadrant illustrates the Legacy drive with the Gold CD.
  • the legacy drive provides the same functionalities as described in Quadrant I. If a trusted client software is provided, however, the user can retrieve the pre- compressed and encrypted Yellow Book format tracks. This provides a faster transfer of data, improved error correction, and no need for ripping the tracks.
  • the user can create secure Red Book copies, compilation CDs, and transfers to portable devices. Note that the user can also use the standard Red Book tracks, and perform the same actions as described above in Quadrant I.
  • the second Quadrant illustrates the Gold drive with the legacy CD format.
  • the Gold drive encrypts the outgoing Red Book data and thus forces the use of a trusted client application. Since no wild applications can be used, the ripping, copying, compilation, and transfer to portable device are all secured by the trusted application. This provides an advantage to the content provider.
  • the fourth Quadrant illustrates the new Gold drive with the Gold CD.
  • This provides the benefits described with respect to Quadrant II, and further provides access to the Gold Format data. This may provide improved audio quality, access to additional tracks, and access to additional collateral information.
  • the functionalities and benefits described with respect to Figure 6 are exemplary. Not all of these benefits are needed to provide a Gold disc format.
  • the Gold Format data may not include additional tracks, but remain a Gold disc, if at least some data is only readable using a Gold drive, and if there is also "standard" format data on the disc.
  • Red Book and Yellow Book are used, the data does not have to be compliant with these formats. Rather, the Gold disc provides data in at least two formats, one readable by a legacy drive and one readable only by the improved Gold drive.
  • Figure 7 is a diagram of one embodiment of the compact disc system using the new drive and the new disc format.
  • the disc 410 is inserted into the Gold drive 740. If the user is accessing the Red Book tracks, the data is passed through encryption 750, and the ripped Red Book data is passed on to the Wild Application 760 and /or Trusted SDMI application 770. Because the Red Book data is encrypted by encryption logic 750, the Wild application 760 can not read the data. The Yellow Book data and Gold Format data are stored in encrypted form on disc 410. Therefore, wild application 760 can not access any of the tracks on disc 410. Thus, there can be no wild copies made.
  • the Yellow, Gold, and/or Red Book data is passed to the trusted application 770.
  • the trusted application 770 in turn interfaces with hard drive 780, portable devices, output, and the Internet. For one embodiment, all outputs are encrypted, and can not be captured easily to make copies.
  • the trusted application 770 further may make a copy of the disc 410 at the user's request.
  • the copy 790 is a secure copy, with the fragile watermark removed.
  • an SDMI compliant drive reads the copied disc 790, it will not permit the user to make further copies.
  • the user can make a single archival or compilation copy, but can not make further copies of copy 790.
  • the gold drive 740 and the trusted application 770 make secure reading, storing and copying of discs 410 possible.
  • Figure 8 is a diagram of one embodiment of the compact disc system using a legacy drive and a Gold disc.
  • the disc 410 is inserted into the legacy drive 820. If the user is accessing the Red Book tracks, the data is passed to the wild application 860 or to the trusted application 870. Since the Yellow Book data and Gold Format data are stored in encrypted form on disc 410, they can not be accessed by the wild application 860.
  • the wild application 860 could use the ripped Red Book format tracks, to store the data in hard drive 880, portable device, or to pass it to the Internet or other output.
  • the Yellow Book data is pre-encrypted on the disc, and therefore only accessible to the trusted application 870.
  • the Yellow Book data which is pre-compressed, the user does not need to rip the tracks him or herself. Therefore, using the Yellow Book tracks is the path of least resistance, the easiest to do for the user. Therefore, it is expected that the user will simply use the trusted application 870 and obtain the Yellow Book tracks in that way.
  • the Yellow Book data may be unencrypted on the disc, and may be available to the wild application 860.
  • the user can not access the Gold Format tracks using a legacy drive 820.
  • the trusted application 870 can store data in hard drive 880, portable device, or output the data to sound card. Furthermore, the trusted application 870 can make a secure copy 890, in which the fragile watermark is destroyed. In this way, security is improved by using the Gold disc 410, even with a legacy drive 820.
  • Figure 9 is a flowchart of one embodiment of the new drive interacting with a compact disc. The process starts at block 905, when a disc is inserted into the Gold drive and data is selected for uploading to the client application.
  • the process determines whether there are Red Book tracks on the CD.
  • the Gold discs include Red Book tracks, as well as the Gold Format tracks, and the optional Yellow Book tracks. If there are no Red Book tracks on the CD, the process continues to block 915.
  • the process determines whether there are any Gold Format tracks on the CD. If there are no Gold Format tracks on the CD, the process continues to block 920, and the disc is treated as a legacy CDROM, having only Yellow Book or other proprietary data format content. If there are Gold Format tracks, the process returns to block 940.
  • the process continues to block 925.
  • the process determines whether there are any Gold Format tracks on the CD. If there are no Gold tracks the disc is a legacy disc, and the process continues to block 930.
  • the Red Book tracks are ripped and encrypted using drive specific encryption.
  • the encrypted Red Book tracks are uploaded to the computer. The process then continues to block 950.
  • the Gold Format tracks are processed. As described above, the Gold Format tracks are written such that legacy drives can not read them. This processing alters the Gold Format tracks to make them readable by a standard trusted client application.
  • the processed Gold Format and /or Yellow Book data requested by the user is uploaded to the computer. Because both the Gold Format and Yellow Book data are compressed, this is a fast upload. For one embodiment, if the Gold Format data is not the data selected by the user, only the Yellow Book tracks are uploaded to the computer. If the Gold Format data is improved quality audio data similar to the Yellow Book data, only the Gold Format data may be uploaded. Alternatively, if the Gold Format data provides additional information, such as additional songs, liner notes, video, or peripheral data requested by the user, both the Gold Format and Yellow Book data may be uploaded.
  • the trusted client application is used to securely play the tracks, store them on a hard drive, or transfer them to a portable player.
  • the fragile watermark is filtered /destroyed, if it is present. Furthermore, if the original CD was a non-SDMI compliant CD, a strong watermark is added to the disc. In this way, if the disc is inserted into an SDMI compliant drive, the strong watermark and absence of the fragile watermark indicates to the drive that the disc is a copy.
  • an authentication process determines whether the client application is a trusted client application. For one embodiment, the authentication of the client application is required in order to make a copy. If the application is not a trusted application, for one embodiment, the copy can not be made. For one embodiment, the authentication step may also be performed prior to playing a song, or uploading data.
  • the serial copy management system (SCMS) data is altered for the copy.
  • this indicator is stored on the disc as collateral information.
  • the altered SCMS data indicates that the disc is a copy.
  • the SCMS data indicates the number of copies made.
  • an original CD has the SCMS number 00001.
  • a first copy has the number 00010, while the second copy has the number 00011. In this way, the number of copies made can be tracked.
  • a lockdown may disable the use of the Nth copy.
  • FIG. 10 is a flowchart of one embodiment of a trusted client application interacting with data received from the Gold drive. The process starts at block 1005, when the trusted client application receives data from the Gold drive.
  • the data is decrypted.
  • the Yellow Book and Gold Format data is stored encrypted on the disc, and the Red Book data is encrypted by the drive.
  • the decryption uses a public key cryptography.
  • the process determines whether the tracks received from the drive are Red Book tracks. If the tracks are Red Book tracks, the process continues directly to block 1025. If the tracks are not Red Book tracks, the process continues to block 1020. At block 1020, the data is decompressed. As discussed above, both the Yellow Book and Gold Format data are stored in a compressed format. The process then continues to block 1025.
  • the process determines whether there is a strong watermark on the data. If the disc is SDMI compliant, there is a strong watermark on the disc. However, if the disc is a legacy disc, there may not be a watermark on the disc. If there is no strong watermark, the process continues to block 1030. At block 1030, a strong watermark is added to the data. By adding a strong watermark to the data, subsequent copies can be identified.
  • the fragile watermark is removed from the data.
  • the fragile watermark may be automatically removed when the data is ripped from the disc, if a lossy compression method is used. However, if loss-less compression is used for the ripping, the fragile watermark is removed at block 1035.
  • the process determines whether the data is going to an output device.
  • the output device may be a sound card, a headphone, or another type of output device. If the data is going to an output device, at block 1045, the data is passed to the output device. The process then ends at block 1065.
  • the user may perform another action, such as passing the data to a storage device. Thus, the process, instead of ending, may return to block 1040, if the user wishes to perform further actions with the data.
  • the process continues to block 1050.
  • the process determines whether the data is going to a storage device. If the data is going to a storage device, the process continues to block 1055.
  • the data is encrypted, and passed to the storage device. In this way, whenever the data is stored, it is stored in encrypted form, and only accessible to trusted devices. The process then continues to block 1065.
  • the process continues to block 1060.
  • the data is passed to the Gold drive.
  • the process determines whether the drive is a Gold drive or not, and data is only passed to the drive if the drive is a Gold drive. The process then ends at block 1065.
  • the trusted client application permits a user to access, copy, and store the data, but maintains the data in a secure format, such that the data can not be surreptitiously passed to third parties, and no wild copies of CDs can be made.
  • the system described above permits the use of the compact disc form factor, while removing the need for ripping the disc, and enabling the delivery of collateral information.
  • the compact disc form is attractive since it has a large installed base, supports music and data applications, and has a low cost-per- megabyte.
  • This system provides an enhanced disc that can use the player/reader installed base, but provides an incentive to upgrade to the enhanced drive. In this way, a limited amount of security is provided when the user upgrades to an enhanced disc, with additional benefits as the user upgrades to a trusted client application, and further benefits if the user also upgrades to the enhanced drive. This gradual upgrade push does not alienate users or content providers.

Abstract

A method and apparatus for a secure compact disc system is provided. The system comprises a backward compatible compact disc including a Gold Format area, a drive to read the compact disc, and a client application for receiving data from the drive and for playing, storing, and copying the data. The Gold format data can only be read if the drive is a Gold drive. Furthermore, for one embodiment, the client application can only interface with the Gold drive if the client application is a trusted client application.

Description

SECURE COMPACT DISC TECHNOLOGY FIELD OF THE INVENTION
The present invention relates to compact disc technology, and more specifically, to secure compact disc technology.
BACKGROUND
Compact Disc technology was developed at a time when the Internet as we know it today did not exist. At the time, no thought was given to the security issues faced today by the content industry. However, now, with the advent of the Internet, the security of content provided on compact disc is a problem.
Figure 1 is a block diagram of a prior art system. A compact disc 110 is placed in a legacy drive 120, a standard compact disc drive. The data can then be "ripped," e.g. acquired by a computer system, including a "wild" application 130. Generally ripping data includes generating a digital copy of the data and compressing this digital copy. One example of the compression mechanism used is MP3. The wild application 130 can then pass copies of the data ripped from the original disc 110 to a hard drive 140, a portable device, a sound card, or the Internet. This permits a user to make any number of copies of the tracks ripped from the original disc 110. Furthermore, the wild application 130 can make copied discs 150, which may be used by others. This is disadvantageous to the content providers, since users can create copied discs 150, and distribute content via the Internet. It is also disadvantageous to users because ripping a disc is a tedious, unreliable process.
One prior art solution advanced by the Secure Digital Music Initiative (SDMI) to protect content providers is to add watermarks to compact discs. However, the proposal advanced by the SDMI is limited to lossy compression applications. Currently, most compression mechanisms, such as MP3 are lossy. However, as communication bandwidth increases, the need for lossy compression may be eliminated, and future technologies may use loss-less compression. Furthermore, making a disc copy is a loss-less application, and therefore is not protected against by the SDMI. Therefore, the mechanism proposed by the SDMI is not useful for loss-less compression or making disc copies.
Figure 2 is a block diagram of a prior art system using the SDMI structure. Original CD 210 includes a strong watermark (Swm) and a fragile watermark (Fwm). The disc 210 is placed in legacy drive 220. The data from the original CD 210 may be ripped by both a trusted SDMI application 240, and a wild application 230. Both the wild application 230 and trusted application 240 may interact with hard drive 250, portable devices, as well as sound card or other output mechanism. Furthermore, both the wild application 230 and trusted application 240 can interact with the Internet.
A copy created using the trusted SDMI application 240 is a secured copy 270, which has the strong watermark, but from which the fragile watermark has been peeled. In this way, when a trusted application 240 receives as an input the data from a secured copy 270, the trusted application 240 recognizes the secure copy 270 as a copy of an original disc. However, the wild application 230 can also make copies. The wild application 230 can make a bit-by-bit copy of the original 210, resulting in a wild copy 260 that includes the strong and the fragile watermarks. Thus, the trusted application 240 can not differentiate between a wild copy 260 and an original 210.
By using a wild application 230, one that does not use lossy compression, an original SDMI compliant CD 210 may be copied. This is disadvantageous to content providers. Furthermore, users must still do the ripping, which is a tedious, unreliable process.
Another prior art solution is to evolve to other more secure formats, such as DVD-Audio, Super Audio CD, Flash memory cards, or other formats. However, using such formats requires the purchase of new hardware by customers. Because the benefits offered to consumers are not great, it is difficult to convince consumers to convert to such a new format. Therefore, market penetration may take many years, and this is not a solution that is currently useful.
SUMMARY OF THE INVENΗON
A method and apparatus for a secure compact disc system is provided. The system comprises a backward compatible compact disc including a Gold Format area, a drive to read the compact disc, and a client application for receiving data from the drive and for playing, storing, and copying the data. The Gold format data can only be read if the drive is a Gold drive. Furthermore, for one embodiment, the client application can only interface with the Gold drive if the client application is a trusted client application.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which:
Figure 1 is a diagram of a prior art compact disc system.
Figure 2 is a diagram of a prior art compact disc system using SDMI.
Figure 3 is a block diagram of one embodiment of a computer system.
Figure 4 is an illustration of one embodiment of a compact disc in accordance with the present invention.
Figure 5 is a block diagram of one embodiment of the compact disc system in accordance with the present invention.
Figure 6 is a chart illustrating the interaction between the compact discs and players of various formats.
Figure 7 is a diagram of one embodiment of the compact disc system using the new drive and the new disc format.
Figure 8 is a diagram of one embodiment of the compact disc system using a legacy drive and the new disc format.
Figure 9 is a flowchart of one embodiment of the new drive interacting with a compact disc. Figure 10 is a flowchart of one embodiment of a trusted client application interacting with data received from the new drive.
DETAILED DESCRIPTION
A secure compact disc (CD) system is described. The secure CD system includes a backward compatible enhanced compact disc format. The enhanced compact disc format includes an area on the CD that can only be read by a new drive. For simplicity, this area is termed as the "Gold Format" for the remainder of this application, and the CD including this area is termed a "Gold CD."
By providing additional benefits for using the Gold Format data, the user is provided an incentive to purchase a new drive. These additional benefits may be additional data, such as songs, liner notes, videos, etc, better audio quality, or other benefits. The Gold CD further includes, for one embodiment, data in the standard Red Book audio format, which may be read by any drive. For one embodiment, the Gold CD may further include a Yellow Book format copy of the data, which may be pre-compressed and encrypted. Thus, the Gold CDs include the Gold Format data, and the Red Book and /or Yellow Book data. For one embodiment, the Red Book area may be eliminated, leaving more space for compressed and other content.
The new drive includes embedded security mechanisms that prevent unsecure copies of the Gold Format data from being made. Furthermore, the new drive interacts only with secure client software. In this way, no wild applications may be used to make a bit-by-bit copy of the data on the CD. This architecture and format is consistent with SDMI and CPSA architectures.
Figure 3 is a block diagram of one embodiment of a computer system. It will be apparent to those of ordinary skill in the art, however that other alternative systems of various system architectures may also be used.
The data processing system illustrated in Figure 3 includes a bus or other internal communication means 345 for communicating information, and a processor 340 coupled to the bus 345 for processing information. The system further comprises a random access memory (RAM) or other volatile storage device 350 (referred to as memory), coupled to bus 345 for storing information and instructions to be executed by processor 340. Main memory 350 also may be used for storing temporary variables or other intermediate information during execution of instructions by processor 340. The system also comprises a read only memory (ROM) and/or static storage device 320 coupled to bus 340 for storing static information and instructions for processor 340, and a data storage device 325 such as a magnetic disc or optical disc and its corresponding disc drive. Data storage device 325 is coupled to bus 345 for storing information and instructions.
The system may further be coupled to a display device 370, such as a cathode ray tube (CRT) or a liquid crystal display (LCD) coupled to bus 345 through bus 365 for displaying information to a computer user. An alphanumeric input device 375, including alphanumeric and other keys, may also be coupled to bus 345 through bus 365 for communicating information and command selections to processor 340. An additional user input device is cursor control device 380, such as a mouse, a trackball, stylus, or cursor direction keys coupled to bus 345 through bus 365 for communicating direction information and command selections to processor 340, and for controlling cursor movement on display device 370.
Another device, which may optionally be coupled to computer system 330, is a communication device 390 for accessing other nodes of a distributed system via a network. The communication device 390 may include any of a number of commercially available networking peripheral devices such as those used for coupling to an Ethernet, token ring, Internet, or wide area network. Note that any or all of the components of this system illustrated in Figure 3 and associated hardware may be used in various embodiments of the present invention.
It will be appreciated by those of ordinary skill in the art that any configuration of the system may be used for various purposes according to the particular implementation. The control logic or software implementing the present invention can be stored in main memory 350, mass storage device 325, or other storage medium locally or remotely accessible to processor 340. Other storage media may include floppy disks, memory cards, flash memory, or CD- ROM drives.
It will be apparent to those of ordinary skill in the art that the methods and processes described herein can be implemented as software stored in main memory 350 or read only memory 320 and executed by processor 340. This control logic or software may also be resident on an article of manufacture comprising a computer readable medium having computer readable program code embodied therein and being readable by the mass storage device 325 and for causing the processor 340 to operate in accordance with the methods and teachings herein.
The software of the present invention may also be embodied in a handheld or portable device containing a subset of the computer hardware components described above. For example, the handheld device may be configured to contain only the bus 345, the processor 340, and memory 350 and /or 325. The handheld device may also be configured to include a set of buttons or input signaling components with which a user may select from a set of available options. The handheld device may also be configured to include an output apparatus such as a liquid crystal display (LCD) or display element matrix for displaying information to a user of the handheld device. Conventional methods may be used to implement such a handheld device. The implementation of the present invention for such a device would be apparent to one of ordinary skill in the art given the disclosure of the present invention as provided herein.
Figure 4 is an illustration of one embodiment of a compact disc in accordance with the present invention. The compact disc 410 includes three regions, Red Book, Yellow Book, and Gold format. As discussed above, the Red Book area and the Yellow Book area are optional. The CD 410 may include a Red Book compliant region 420. For one embodiment, the Red Book region 420 is an SDMI compliant Red Book format. It contains audio-tracks. For one embodiment, the Red Book tracks 420 are clear text, i.e. not compressed or encrypted. For one embodiment, the Red Book data is watermarked. As will be discussed below, the watermarks may include a strong watermark and a fragile watermark. This is discussed in the SDMI standard, and is known in the art. The Red Book format 420 is playable in all devices, and readable in devices that can read Red Book format.
The compact disc 410 may further include a Yellow Book portion 430. The Yellow Book portion 430 includes pre-ripped and compressed audio tracks. For one embodiment, the Yellow Book data 430 is also pre-encrypted, such that only the trusted client application can access the Yellow Book data 430. However, there is no need to purchase a new drive in order to access the Yellow Book data 430. For one embodiment, the encryption may be a public key (PKI) encryption, or an alternative type of encryption. Providing the Yellow Book tracks 430 eliminates the need for a user to personally rip the Red Book tracks 420, and provides a faster method of accessing ripped tracks. However, by pre- encrypting the Yellow Book tracks 430, the disc 410 prevents access to the ripped tracks by any application that does not know how to decrypt the tracks 430. Therefore, security is maintained.
For one embodiment, the Yellow Book area 430 may further includes a copy of the trusted client application, which may be uploaded from disc 410. This provides the advantage of assuring that a copy of the trusted client application is available to the user, whenever he or she wishes to use it. For one embodiment, when the user first inserts disc 410 into the drive, the start-up function determines whether the trusted client application already exists, and prompts the user to install the trusted client application if it does not exist. Furthermore, the Yellow Book area 430 may include other ancillary information or content. The compact disc 410 further includes Gold Format data 440. The Gold Format data 440 is encrypted and compressed. Gold Format data 440 is only accessible by the new drive, which knows how to access the Gold Format data 440. For one embodiment, the Gold Format data 440 may be made inaccessible to legacy drives by having a different synch, having a different error correction method, or by other means. The Gold Format data 440 is also encrypted, and thus interacts only with trusted client applications. Furthermore, the Gold Format data 440 may provide additional enhanced tracks, such as audio tracks with a higher sampling rate, additional tracks, or non-audio information. By providing such enhanced data, the user is provided an incentive to purchase a new drive, and thus for converting to the system providing benefits to the user as well as the content provider.
In this way, the Gold disc 410 is backwards compatible and can be used with the old drives as well as with new drives, and provides data in various formats.
Figure 5 is a block diagram of one embodiment of the compact disc system in accordance with the present invention. The compact disc system includes the drive logic 510, which is part of the Gold drive, and the trusted client application 520, which resides on a computer system or similar system.
The drive logic 510, for one embodiment, is implemented in an integrated circuit, or IC. In that way, the logic can not be avoided, when the drive is used. Alternatively, the drive logic 510 may be implemented in other portions of the drive system. For one embodiment drive logic 510 may be firmware, or another format.
The drive logic 510 includes gold data processing logic 530. As discussed above the Gold Format is designed to be readable only by the new drive, which includes the gold data processing logic 530. The gold data processing logic 530 processes the Gold Format data to make a standard trusted client application 520 able to interface with the Gold Format data. For one embodiment, the gold data processing logic 530 detects the synch or the error correction of the Gold Format data, and processes it such that the output of the gold data processing logic 530 is in a standard format. For one embodiment, the Gold Format data is stored encrypted and compressed on the disc. For another embodiment, the Gold Format output 533 is encrypted and compressed, and is passed to trusted client application 520.
Yellow book data 536 is, for one embodiment, pre-encrypted and compressed on disc 410, and thus is passed directly to the trusted client application 520. For another embodiment, Yellow book data 536 may be unencrypted, and may be encrypted by encryption logic 540.
Red book data 539 may be ripped from the disc 410. For one embodiment, Red book data 539 is encrypted by encryption logic 540 in drive logic 510. For one embodiment, encryption logic 540 encrypts Red Book data 539 using a public key encryption. Alternative means for encryption may be used. For another embodiment, the Red Book data 539 may be passed to the client application 520 unencrypted.
Drive logic 510 further may include authentication logic 545. Authentication logic 545 makes sure that the drive is talking to a trusted application 520. For one embodiment, the drive is disabled and does not work without a trusted application 520. For another embodiment, the drive retains certain functionality without the presence of trusted application 520. For example, the drive may play Red Book data, but not upload the encrypted Yellow Book or Gold Format data.
For one embodiment, authentication logic 545 may further validate that the client application is a trusted application prior to permitting copies to be made. For one embodiment, the drive continues to perform all data and backup operations in the absence of trusted client application 520, but will only perform limited numbers or types of music applications. For one embodiment, a digital signature is received from the trusted client application 520, authenticating the trusted client application 520. For one embodiment, the authentication logic 545 may further prevent unauthorized importation of music to the drive by requesting that the user enter a serial number during importation. Other methods of authenticating data may be used.
The Gold 533, Yellow 536, and/or Red book data 539 are passed to the trusted client application 520. Generally, the data is passed in response to a user request. The requested data types are passed to the client application 520.
The trusted client application 520 includes decryption logic 550. Decryption logic 550 decrypts the pre-encrypted Gold Format and/or Yellow book data, and/or the Red book data 539 encrypted by encryption logic 540. For one embodiment, decryption logic 550 uses a public key infrastructure.
Decryption logic 550 passes Yellow book and Gold Format data to decompression logic 560. Red book data is ripped from disc 410 uncompressed, and therefore is passed directly to strong watermark detection logic 570. Yellow book and Gold Format data are decompressed, and passed to the strong watermark detection logic 570.
Strong watermark detection logic 570 determines whether the CD had a watermark, e.g. whether the CD is SDMI compliant. If the CD is SDMI compliant, the strong watermark detection logic 570 passes the data on to fragile watermark filter. For one embodiment, for non-compliant CDs, the strong watermark detection logic 570 places a strong watermark into the data. Thus, for one embodiment, the data passed to the fragile watermark filter 580 always includes a strong watermark.
The fragile watermark filter 580 removes the fragile watermark from the data. The fragile watermark is designed to be broken whenever a lossy compression is performed on the data. However, fragile watermark filter 580 removes the fragile watermark without the need for a lossy compression. Thus, the output from the fragile watermark filter 580 never has the fragile watermark. The output from the fragile watermark filter 580, which includes a strong watermark but no fragile watermark, may be passed to the CD or an output device. For one embodiment, if it is passed to another CD, it returns to drive logic 510, where authentication is performed by authentication logic 545, as described above.
Trusted client application 520 may further include serial copy management system (SCMS) logic 595. SCMS logic 595, for one embodiment, adds subcode data to any copies made using the trusted application 520. For one embodiment, the SCMS logic 595 tests authentication information on an original disc, and if a copy is made, the SCMS logic 595 alters information to indicate that the disc is a copy. For example, the original disc may have identifier "01", while the copy would have identifier "10". In this way, when a user attempts to make an additional copy from the copy, the trusted client application 520 could refuse permission to make such a copy. For another embodiment, the user would be permitted to make only a certain number of copies.
For one embodiment, the SCMS logic 595 may further prevent unauthorized importation of music to the drive by requesting that the user enter a serial number during importation. Other methods of authenticating data may be used.
For one embodiment, if the user wishes to store the data, the data is passed to re-encryption logic 590 and is encrypted before it is passed to storage device. For one embodiment, this only occurs if the user wishes to store the Yellow Book or Gold Format data. If the user wishes to store Red Book clear text data, this step may be skipped.
This method, using a combination of the new drive logic 510 and a trusted client application 520 increases user options and security for content providers.
Figure 6 is a chart illustrating the interaction between the compact discs and players of various formats. The horizontal axis lists the old (legacy) drive and the Gold drive. The Gold drive includes the encryption logic and gold data processing logic described above. The vertical axis lists the CD formats, the Red Book (old) CD, and the Gold CD. The Gold CD may include the Red Book and Yellow Book data as well as the Gold Format data.
The first Quadrant illustrates the Legacy drive with the legacy CD format. In that format, the player can play the Red Book audio tracks. The user can further rip the Red Book CD tracks. However, this is unsure, unsecure, and tedious. The user can also copy the CD, and generate a compilation CD. The ripped tracks can be transferred to a portable device, and the tracks can be posted to the web or e-mailed. As can be seen, this is disadvantageous to the user, requiring ripping of tracks, and disadvantageous to the content provider, permitting unsecure copies, compilations, and e-mailing of tracks.
The third Quadrant illustrates the Legacy drive with the Gold CD. The legacy drive provides the same functionalities as described in Quadrant I. If a trusted client software is provided, however, the user can retrieve the pre- compressed and encrypted Yellow Book format tracks. This provides a faster transfer of data, improved error correction, and no need for ripping the tracks. The user can create secure Red Book copies, compilation CDs, and transfers to portable devices. Note that the user can also use the standard Red Book tracks, and perform the same actions as described above in Quadrant I.
The second Quadrant illustrates the Gold drive with the legacy CD format. For one embodiment, the Gold drive encrypts the outgoing Red Book data and thus forces the use of a trusted client application. Since no wild applications can be used, the ripping, copying, compilation, and transfer to portable device are all secured by the trusted application. This provides an advantage to the content provider.
The fourth Quadrant illustrates the new Gold drive with the Gold CD. This provides the benefits described with respect to Quadrant II, and further provides access to the Gold Format data. This may provide improved audio quality, access to additional tracks, and access to additional collateral information. Note that the functionalities and benefits described with respect to Figure 6 are exemplary. Not all of these benefits are needed to provide a Gold disc format. For example, the Gold Format data may not include additional tracks, but remain a Gold disc, if at least some data is only readable using a Gold drive, and if there is also "standard" format data on the disc. Also, note that although the term Red Book and Yellow Book are used, the data does not have to be compliant with these formats. Rather, the Gold disc provides data in at least two formats, one readable by a legacy drive and one readable only by the improved Gold drive.
Figure 7 is a diagram of one embodiment of the compact disc system using the new drive and the new disc format. The disc 410 is inserted into the Gold drive 740. If the user is accessing the Red Book tracks, the data is passed through encryption 750, and the ripped Red Book data is passed on to the Wild Application 760 and /or Trusted SDMI application 770. Because the Red Book data is encrypted by encryption logic 750, the Wild application 760 can not read the data. The Yellow Book data and Gold Format data are stored in encrypted form on disc 410. Therefore, wild application 760 can not access any of the tracks on disc 410. Thus, there can be no wild copies made.
Note that the functionality described with respect to the Red Book data would be identical if the disc in question were a legacy disc, including only Red Book tracks.
The Yellow, Gold, and/or Red Book data is passed to the trusted application 770. The trusted application 770 in turn interfaces with hard drive 780, portable devices, output, and the Internet. For one embodiment, all outputs are encrypted, and can not be captured easily to make copies.
The trusted application 770 further may make a copy of the disc 410 at the user's request. The copy 790 is a secure copy, with the fragile watermark removed. When an SDMI compliant drive reads the copied disc 790, it will not permit the user to make further copies. Thus, the user can make a single archival or compilation copy, but can not make further copies of copy 790. In this way, the gold drive 740 and the trusted application 770 make secure reading, storing and copying of discs 410 possible.
Figure 8 is a diagram of one embodiment of the compact disc system using a legacy drive and a Gold disc. The disc 410 is inserted into the legacy drive 820. If the user is accessing the Red Book tracks, the data is passed to the wild application 860 or to the trusted application 870. Since the Yellow Book data and Gold Format data are stored in encrypted form on disc 410, they can not be accessed by the wild application 860. The wild application 860 could use the ripped Red Book format tracks, to store the data in hard drive 880, portable device, or to pass it to the Internet or other output.
For one embodiment, the Yellow Book data is pre-encrypted on the disc, and therefore only accessible to the trusted application 870. By using the Yellow Book data, which is pre-compressed, the user does not need to rip the tracks him or herself. Therefore, using the Yellow Book tracks is the path of least resistance, the easiest to do for the user. Therefore, it is expected that the user will simply use the trusted application 870 and obtain the Yellow Book tracks in that way. For another embodiment, the Yellow Book data may be unencrypted on the disc, and may be available to the wild application 860.
The user can not access the Gold Format tracks using a legacy drive 820. The trusted application 870 can store data in hard drive 880, portable device, or output the data to sound card. Furthermore, the trusted application 870 can make a secure copy 890, in which the fragile watermark is destroyed. In this way, security is improved by using the Gold disc 410, even with a legacy drive 820.
Figure 9 is a flowchart of one embodiment of the new drive interacting with a compact disc. The process starts at block 905, when a disc is inserted into the Gold drive and data is selected for uploading to the client application.
At block 910, the process determines whether there are Red Book tracks on the CD. In general, the Gold discs include Red Book tracks, as well as the Gold Format tracks, and the optional Yellow Book tracks. If there are no Red Book tracks on the CD, the process continues to block 915. At block 915, the process determines whether there are any Gold Format tracks on the CD. If there are no Gold Format tracks on the CD, the process continues to block 920, and the disc is treated as a legacy CDROM, having only Yellow Book or other proprietary data format content. If there are Gold Format tracks, the process returns to block 940.
If, at block 910, Red Book tracks were found on the disc, the process continues to block 925. At block 925, the process determines whether there are any Gold Format tracks on the CD. If there are no Gold tracks the disc is a legacy disc, and the process continues to block 930.
At block 930, the Red Book tracks are ripped and encrypted using drive specific encryption. At block 935, the encrypted Red Book tracks are uploaded to the computer. The process then continues to block 950.
If, at block 925 Gold Format tracks were found on the disc, indicating that the disc is a Gold CD, the process continues to block 940.
At block 940, the Gold Format tracks are processed. As described above, the Gold Format tracks are written such that legacy drives can not read them. This processing alters the Gold Format tracks to make them readable by a standard trusted client application.
At block 945, the processed Gold Format and /or Yellow Book data requested by the user is uploaded to the computer. Because both the Gold Format and Yellow Book data are compressed, this is a fast upload. For one embodiment, if the Gold Format data is not the data selected by the user, only the Yellow Book tracks are uploaded to the computer. If the Gold Format data is improved quality audio data similar to the Yellow Book data, only the Gold Format data may be uploaded. Alternatively, if the Gold Format data provides additional information, such as additional songs, liner notes, video, or peripheral data requested by the user, both the Gold Format and Yellow Book data may be uploaded. At block 950, the trusted client application is used to securely play the tracks, store them on a hard drive, or transfer them to a portable player.
At block 955, it is determined whether the user wishes to make a copy of the disc. Note that this decision block is placed at this point for simplicity. The user may initiate this process by indicating that he or she wishes to make a copy. If the user does not indicate the wish to make a copy, the process ends at block 960. Otherwise, the process continues to bock 965.
At block 965, the fragile watermark is filtered /destroyed, if it is present. Furthermore, if the original CD was a non-SDMI compliant CD, a strong watermark is added to the disc. In this way, if the disc is inserted into an SDMI compliant drive, the strong watermark and absence of the fragile watermark indicates to the drive that the disc is a copy.
At block 970, an authentication process determines whether the client application is a trusted client application. For one embodiment, the authentication of the client application is required in order to make a copy. If the application is not a trusted application, for one embodiment, the copy can not be made. For one embodiment, the authentication step may also be performed prior to playing a song, or uploading data.
At block 975, the serial copy management system (SCMS) data is altered for the copy. For one embodiment, this indicator is stored on the disc as collateral information. Thus, if the disc is inserted into a Gold drive, the altered SCMS data indicates that the disc is a copy. Furthermore, for one embodiment, the SCMS data indicates the number of copies made. Thus, for example, an original CD has the SCMS number 00001. A first copy has the number 00010, while the second copy has the number 00011. In this way, the number of copies made can be tracked. For one embodiment, if a certain number of copies is exceeded, a lockdown may disable the use of the Nth copy.
At block 980, a secure copy of the CD is made. The process then ends at block 960. In this way, the system permits a user to listen to tracks, and make secure copies of a disc. Figure 10 is a flowchart of one embodiment of a trusted client application interacting with data received from the Gold drive. The process starts at block 1005, when the trusted client application receives data from the Gold drive.
At block 1010, the data is decrypted. As discussed above, the Yellow Book and Gold Format data is stored encrypted on the disc, and the Red Book data is encrypted by the drive. For one embodiment, the decryption uses a public key cryptography.
At block 1015, the process determines whether the tracks received from the drive are Red Book tracks. If the tracks are Red Book tracks, the process continues directly to block 1025. If the tracks are not Red Book tracks, the process continues to block 1020. At block 1020, the data is decompressed. As discussed above, both the Yellow Book and Gold Format data are stored in a compressed format. The process then continues to block 1025.
At block 1025, the process determines whether there is a strong watermark on the data. If the disc is SDMI compliant, there is a strong watermark on the disc. However, if the disc is a legacy disc, there may not be a watermark on the disc. If there is no strong watermark, the process continues to block 1030. At block 1030, a strong watermark is added to the data. By adding a strong watermark to the data, subsequent copies can be identified.
At block 1035, the fragile watermark is removed from the data. For one embodiment, the fragile watermark may be automatically removed when the data is ripped from the disc, if a lossy compression method is used. However, if loss-less compression is used for the ripping, the fragile watermark is removed at block 1035.
At block 1040, the process determines whether the data is going to an output device. The output device may be a sound card, a headphone, or another type of output device. If the data is going to an output device, at block 1045, the data is passed to the output device. The process then ends at block 1065. For another embodiment, the user may perform another action, such as passing the data to a storage device. Thus, the process, instead of ending, may return to block 1040, if the user wishes to perform further actions with the data.
If the data is not going to an output device, the process continues to block 1050. At block 1050, the process determines whether the data is going to a storage device. If the data is going to a storage device, the process continues to block 1055. At block 1055, the data is encrypted, and passed to the storage device. In this way, whenever the data is stored, it is stored in encrypted form, and only accessible to trusted devices. The process then continues to block 1065.
If the data is not going to a storage device, the process continues to block 1060. At block 1060, to make a secure copy of the disc, the data is passed to the Gold drive. For one embodiment, the process determines whether the drive is a Gold drive or not, and data is only passed to the drive if the drive is a Gold drive. The process then ends at block 1065.
In this way, the trusted client application permits a user to access, copy, and store the data, but maintains the data in a secure format, such that the data can not be surreptitiously passed to third parties, and no wild copies of CDs can be made.
The system described above permits the use of the compact disc form factor, while removing the need for ripping the disc, and enabling the delivery of collateral information. The compact disc form is attractive since it has a large installed base, supports music and data applications, and has a low cost-per- megabyte. This system provides an enhanced disc that can use the player/reader installed base, but provides an incentive to upgrade to the enhanced drive. In this way, a limited amount of security is provided when the user upgrades to an enhanced disc, with additional benefits as the user upgrades to a trusted client application, and further benefits if the user also upgrades to the enhanced drive. This gradual upgrade push does not alienate users or content providers.
In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Claims

CLAIMSWhat is claimed is:
1. A system comprising a drive, the drive comprising: a tray for receiving a compact disc; an encryption logic to encrypt unencrypted data retrieved from the compact disc; a processing logic to process special data on the compact disc to convert the special data into a readable form.
2. The system of claim 1, further comprising: a recognition logic for recognizing a type of data being retrieved from the compact disc.
3. The system of claim 2, wherein if the data is Red Book compliant data, the encryption logic encrypting the clear text Red Book data.
4. The system of claim 2, wherein if the data is Yellow Book compliant data, the drive passing the pre-encrypted and pre-compressed Yellow Book data directly to a client application.
5. The system of claim 2, wherein if the data is Gold Format compliant data, the drive processing the data to make the data readable by a client application.
6. The system of claim 5, wherein the client is a trusted system.
7. The system of claim 1, further comprising a trusted client system, the trusted client system comprising: a decryption logic to decrypt the data received from the drive; wherein the trusted client system permits a user to play the data, store the data, and copy the data to another disc.
8. The system of claim 7, further comprising: a fragile watermark filter to remove a fragile watermark from the data, the absence of the fragile watermark indicating that the data is a copy, not an original data.
9. The system of claim 1, further comprising a compact disc (CD), the CD comprising: a first area readable with a standard drive; and a second area readable only by a drive including the processing logic.
10. The system of claim 9, wherein the CD comprises a third area that is pre-compressed and pre-encrypted, the further area readable only when a trusted client system is used.
11. The system of claim 9, wherein the data in the third area is in a Yellow Book format.
12. A compact disc (CD) comprising: a first area in a Red Book format, readable in an drive; and a second area in a Gold format readable only in a special drive, the second area encrypted on the CD.
13. The compact disc (CD) of claim 12, wherein the second area is further compressed.
14. The compact disc (CD) of claim 12, further comprising a third area in Yellow book format, the third area compressed on the CD.
15. The compact disc (CD) of claim 14, wherein the third area is further encrypted.
16. The compact disc (CD) of claim 14, wherein the second and the third area are only useable by a trusted client application that has a decryption key.
17. A system comprising: a backward compatible compact disc including a Gold Format area; a drive to read the compact disc; and a client application for receiving data from the drive and for playing, storing, and copying the data; wherein the drive can only read the Gold Format area if the drive is a Gold drive, and the client application can only interface with the Gold drive if the client application is a trusted client application.
18. The system of claim 17, wherein the Gold Format area of the compact disc includes additional features providing an incentive to a user to upgrade the drive.
19. The system of claim 17, wherein the compact disc further includes a Red Book area, readable by any drive.
20. The system of claim 17, wherein the drive further comprises an encryption logic to encrypt data in the Red Book format, prior to passing the data to the client application.
21. The system of claim 17, wherein the trusted client application comprises a decryption logic to decrypt the data received from the drive.
22. The system of claim 21, wherein the trusted client application further comprises: a strong watermark detection logic; and a fragile watermark filter to remove fragile watermarks.
23. The system of claim 17, wherein the system is independent of a watermarking strategy, compression method, and digital rights management system of the compact disc.
PCT/US2001/010136 2000-03-28 2001-03-28 Secure compact disc technology WO2001073567A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001251102A AU2001251102A1 (en) 2000-03-28 2001-03-28 Secure compact disc technology

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US53790100A 2000-03-28 2000-03-28
US09/537,901 2000-03-28

Publications (1)

Publication Number Publication Date
WO2001073567A1 true WO2001073567A1 (en) 2001-10-04

Family

ID=24144579

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/010136 WO2001073567A1 (en) 2000-03-28 2001-03-28 Secure compact disc technology

Country Status (2)

Country Link
AU (1) AU2001251102A1 (en)
WO (1) WO2001073567A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2006133076A2 (en) 2005-06-03 2006-12-14 Warner Bros. Entertainment Inc. System to ensure that all audio-visual optical disc types are properly screened for watermarks
US7409561B1 (en) * 2004-06-09 2008-08-05 Lsi Corporation Piracy protection for combined hardware/software products

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4802152A (en) * 1986-04-07 1989-01-31 U.S. Philips Corporation Compact disc drive apparatus having an interface for transferring data and commands to and from a host controller
US5530752A (en) * 1994-02-22 1996-06-25 Convex Computer Corporation Systems and methods for protecting software from unlicensed copying and use
US5535339A (en) * 1994-02-25 1996-07-09 Goldstar Co., Ltd. Dual processor controlled compact disk-interactive system
US5619731A (en) * 1994-09-23 1997-04-08 Ardent Teleproductions, Inc. Interactive music CD and data
US5764817A (en) * 1994-01-19 1998-06-09 Matsushita Electric Industrial Co., Ltd. Image processing apparatus for effecting a series of processes
US5937159A (en) * 1997-03-28 1999-08-10 Data General Corporation Secure computer system
US6043828A (en) * 1996-03-29 2000-03-28 Cirrus Logic, Inc. Method and apparatus for handling proprietary and non-proprietary formatted compact discs in the same video playback system
US6064764A (en) * 1998-03-30 2000-05-16 Seiko Epson Corporation Fragile watermarks for detecting tampering in images
WO2000057684A2 (en) * 1999-03-27 2000-10-05 Microsoft Corporation Method for obtaining a black box for perfoming decryption and encryption functions in a digital rights management (drm) system
US6154571A (en) * 1998-06-24 2000-11-28 Nec Research Institute, Inc. Robust digital watermarking
US6157720A (en) * 1996-02-28 2000-12-05 Hitachi, Ltd. Method and apparatus for encrypting data
US6229769B1 (en) * 1997-08-18 2001-05-08 Stmicroelectronics N.V. Methods and apparatus for delayed block release in compact disc systems

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4802152A (en) * 1986-04-07 1989-01-31 U.S. Philips Corporation Compact disc drive apparatus having an interface for transferring data and commands to and from a host controller
US5764817A (en) * 1994-01-19 1998-06-09 Matsushita Electric Industrial Co., Ltd. Image processing apparatus for effecting a series of processes
US5530752A (en) * 1994-02-22 1996-06-25 Convex Computer Corporation Systems and methods for protecting software from unlicensed copying and use
US5535339A (en) * 1994-02-25 1996-07-09 Goldstar Co., Ltd. Dual processor controlled compact disk-interactive system
US5619731A (en) * 1994-09-23 1997-04-08 Ardent Teleproductions, Inc. Interactive music CD and data
US6157720A (en) * 1996-02-28 2000-12-05 Hitachi, Ltd. Method and apparatus for encrypting data
US6043828A (en) * 1996-03-29 2000-03-28 Cirrus Logic, Inc. Method and apparatus for handling proprietary and non-proprietary formatted compact discs in the same video playback system
US5937159A (en) * 1997-03-28 1999-08-10 Data General Corporation Secure computer system
US6229769B1 (en) * 1997-08-18 2001-05-08 Stmicroelectronics N.V. Methods and apparatus for delayed block release in compact disc systems
US6064764A (en) * 1998-03-30 2000-05-16 Seiko Epson Corporation Fragile watermarks for detecting tampering in images
US6154571A (en) * 1998-06-24 2000-11-28 Nec Research Institute, Inc. Robust digital watermarking
WO2000057684A2 (en) * 1999-03-27 2000-10-05 Microsoft Corporation Method for obtaining a black box for perfoming decryption and encryption functions in a digital rights management (drm) system

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7409561B1 (en) * 2004-06-09 2008-08-05 Lsi Corporation Piracy protection for combined hardware/software products
WO2006133076A2 (en) 2005-06-03 2006-12-14 Warner Bros. Entertainment Inc. System to ensure that all audio-visual optical disc types are properly screened for watermarks
EP1889164A2 (en) * 2005-06-03 2008-02-20 Warner Bros. Entertainment Inc. System to ensure that all audio-visual optical disc types are properly screened for watermarks
JP2008546128A (en) * 2005-06-03 2008-12-18 ワーナー ブラザーズ エンターテイメント インコーポレイテッド A system that ensures that all audio-visual optical disc formats are properly selected for watermarking
EP1889164A4 (en) * 2005-06-03 2010-10-27 Warner Bros Entertainment Inc System to ensure that all audio-visual optical disc types are properly screened for watermarks
AU2006255207B2 (en) * 2005-06-03 2011-11-03 Warner Bros. Entertainment Inc. System to ensure that all audio-visual optical disc types are properly screened for watermarks
CN101496343B (en) * 2005-06-03 2012-06-27 华纳兄弟娱乐公司 System to ensure that all audio-visual optical disc types are properly screened for watermarks

Also Published As

Publication number Publication date
AU2001251102A1 (en) 2001-10-08

Similar Documents

Publication Publication Date Title
US8750523B2 (en) Interoperable digital rights management
JP4790218B2 (en) Method and apparatus for supplying data set stored in database
US7324974B1 (en) Digital data file encryption apparatus and method
CN1331125C (en) System and method for controlling the use and duplication of digital content distributed on removable media
US7434267B2 (en) Method of preventing reduction of sales amount of records due to a digital music file illegally distributed through communication network
EP1474908A2 (en) METHOD AND SYSTEM FOR SECURELY TRANSMITTING AND DISTRIBUTING INFORMATION AND FOR PRODUCING A PHYSICAL INSTANTIATION OF THE TRANSMITTED INFORMATION IN AN INTERMEDIATE, INFORMATION−STORAGE MEDIUM
EP1163659B1 (en) Protecting compressed content after separation from original source
US20040010691A1 (en) Method for authenticating digital content in frames having a minimum of one bit per frame reserved for such use
US20070106906A1 (en) Digital data storage/reproduction method and device
JP4592398B2 (en) Information recording / reproducing method and apparatus, information recording medium
KR100741482B1 (en) A method of providing a personal informaion processor with caption information corresponding to multimedia contents and a system thereof
KR100320181B1 (en) Encryption method for digital data file
WO2001073567A1 (en) Secure compact disc technology
US20090175445A1 (en) Electronic Device, Home Network System and Method for Protecting Unauthorized Distribution of Digital Contents
JP5175494B2 (en) Encrypted content editing method and content management apparatus
KR101270712B1 (en) A method for protecting digital content by encrypting and decrypting a memory card
KR20040099404A (en) Apparatus and method for rendering user data
CN1777946B (en) Information processing device and method
JP4783159B2 (en) Content storage device, content playback device, content storage program, and content playback program
KR100809664B1 (en) Storage device for storing encoded content and method for providing the content
JP4326776B2 (en) Data recording apparatus, data reproducing apparatus, data output apparatus, and distribution system
RU2273101C2 (en) Method and system for controlling audio data reproduction incorporating editing device and record medium
KR100386238B1 (en) Digital audio copy preventing apparatus and method
Staring et al. Protected data storage system for optical discs
KR20060129581A (en) Method for providing rights management file download service

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP