Digital data file encryption apparatus and method

Abstract
The invention is directed to a digital data delivery system including a digital data server configured to deliver first key encrypted digital data to a source device, and the first key encrypted digital data is encrypted using a first key. The source device is configured to generate decrypted digital data by decrypting the first key encrypted digital data using the first key, generate second key encrypted digital data by encrypting the decrypted digital data using a second key, and deliver the second key encrypted digital data to a digital data playing device. The first key is thereby based on one or more registration attributes of a user of the digital data server, and the second key is based on one or more attributes of the digital data playing device.
Description
BACKGROUND OF THE INVENTION

1. Field of the Invention


The present invention relates in general to preventing a program, which has been transmitted through a computer communication network such as the Internet, from being illegally reproduced. More particularly, the invention relates to an apparatus and method for encrypting a digital data file in such a manner that the digital data file cannot be decrypted even if the encrypted data file is intercepted while being downloaded to a digital data player.


2. Description of the Related Art


MP3 (shorthand for MPEG-1 Layer 3 Audio) is one of various available digital data formats for audio data. An MP3 player is a new notional, portable digital device capable of readily downloading and reproducing desired data from a computer communication network using an audio data compression coding technique prescribed in MPEG-1 Layer 3. The MP3 player has few faults and excellent sound quality because it stores a file in the form of digital data. Further, the MP3 player is small in size and light in weight, thereby assuring high portability such that a user can carry it even during his physical exercise. For these reasons, this product is a viable alternative to a portable cassette tape recorder and compact disk (CD) player.


With reference to FIG. 1, there is shown in block form a conventional arrangement of a digital data player and associated peripheral devices. In this drawing, the reference numeral 10 denotes a digital data server which assigns an identification (ID) number and password (PWD) to a personal computer 20 for user registration, and which also transmits a digital data player 22 in software form to the personal computer 20. Upon receiving a file supply request from the user, the digital data server 10 identifies the user on the basis of an ID number and password entered by him and supplies an encrypted digital data file to the user in accordance with this identification. The personal computer 20 stores the digital data file supplied from the digital data server 10 on a hard disk 21 therein and decrypts it through the downloaded software player 22 to reproduce the resultant unencrypted digital data file or to download it to a digital data playing device 30. The digital data playing device 30 downloads the unencrypted data file from the personal computer 20 and stores it in a memory unit 40 for the reproduction thereof. The memory unit 40 downloads the unencrypted digital data file from the digital data playing device 30 and stores it in its internal memory 42 to output the file for a desired playing operation.


The operation of the conventional arrangement with the above-mentioned construction will now be described.


In order to legally receive a desired digital data file from the digital data server 10, the user has to register with a digital data file supplier. During user registration, the user is assigned with an ID number and password from the digital data file supplier. Then, the user downloads a digital data player 22 in software form from the digital data server 10 through a communication network and installs the downloaded digital data player 22 in the personal computer 20.


Thereafter, to download a desired digital data file from the digital data server 10 through the personal computer 20 and a communication network, the user transmits his ID number and password to the digital data server 10 through the personal computer 20 and communication network. The digital data server 10 identifies the user on the basis of the transmitted ID number and password and supplies the desired digital data file to the user in accordance with the identification. At this time, the digital data server 10 encrypts the digital data file using the user's ID number as an encryption key and transmits the encrypted digital data file to the personal computer 20.


The personal computer 20 stores the digital data file transmitted from the digital data server 10 on the hard disk 21. Then, upon receiving a reproduction request from the user, the personal computer 20 decrypts and reproduces the stored digital data file via the digital data software player 22. As a result, the user is able to listen to desired music through the personal computer 20.


On the other hand, if the user intends to listen to music in a digital data file form using the portable digital data playing device 30, then the personal computer 20 decrypts the digital data file, stored on the hard disk 21 with the digital data software player 22, and sends the decrypted digital data file to the digital data playing device 30 through a download unit 23 therein and a communication network.


Then, the digital data playing device 30 stores the digital data file, sent along the above path, in the memory 42 of the memory unit 40, which is typically in the form of a removable card. If the user requests the digital data player 30 to reproduce the digital data file stored in the memory 42, then the digital data player 30 reads the stored digital data file from the memory 42 and reproduces it through a decoder 32 therein. As a result, the user can listen to desired music anywhere using the digital data player 30.


However, the above-mentioned conventional arrangement has a disadvantage in that the digital data file may be intercepted from the communication network during downloading from the personal computer to the digital data playing device (or from the digital data playing device to the memory card) in an unencrypted condition. Such an interception of the unencrypted digital data file makes it impossible to protect the copyright of a music copyright holder and music copyright associates (for example, a music producer and planner taking charge of music production, duplication and distribution).


SUMMARY OF THE INVENTION

Therefore, the present invention has been made in view of the above problem, and it is an object of the present invention to provide an apparatus and method for encrypting a digital data file in such a manner that an unencrypted digital data file cannot be intercepted in the process of being downloaded from a personal computer to a digital data player and, in turn, from the digital data player to a memory card.


It is another object of the present invention to provide a digital data file encryption apparatus and method which are capable of encrypting an encryption key itself in such a manner that, even when the encryption key is extracted from an encrypted digital data file, the key cannot be decrypted and the digital data file cannot thus be decrypted.


In accordance with one aspect of the present invention, there is provided an encryption apparatus for decrypting an encrypted digital data file from a server, including a digital data playing device for receiving the encrypted digital data file, storing the encrypted digital data file in a data storage medium, and decrypting the stored digital data file using an encryption key, wherein the encryption key is generated on the basis of an identification number of the data storage medium or an identification number of the digital data playing device.


In accordance with another aspect of the present invention, there is provided a method for encrypting or decrypting a digital data file, including adding a first internal key to an identification number of a digital data player or an identification number of a data storage medium associated therewith, thereby generating a first encryption key; and encrypting or decrypting the digital data file based on the first encryption key.


In accordance with another aspect of the present invention, there is provided a program (or script) embodied on a computer-readable medium for encrypting or decrypting a digital data file, the computer-readable-medium-embodied program including a first program code segment to input an identification number of a digital data player or a data storage medium associated with the digital data player; a second program code segment to add a first internal key to the inputted identification number to convert the identification number into a first encryption key; and a third program code segment to encrypt or decrypt a digital data file based on the first encryption key.




BRIEF DESCRIPTION OF THE DRAWINGS

The above and other objects, features and advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:



FIG. 1 is a block diagram of a conventional arrangement of a digital data player and the associated peripheral devices;



FIG. 2 is a block diagram of a digital data file encryption apparatus for a digital data player in accordance with the present invention; and



FIG. 3 is a block diagram illustrating a method for encrypting and decrypting a digital data file in a digital data player in accordance with the present invention.




DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

With reference to FIG. 2, there is shown in block form the construction of a digital data file encryption apparatus for a digital data player in accordance with the present invention. The operation of the digital data file encryption apparatus according to the present invention will hereinafter be described in detail.


First, the user must register with a digital data file supplier to legally receive a desired digital data file from a digital data server 110. During user registration, the user is assigned with an ID number and password (PWD) from the digital data file supplier. Then, the user downloads a digital data player 122 in a software form from the digital data server 110 through a communication network and installs the downloaded digital data player 122 in a personal computer 120. An encryption/decryptor 123 and the encryption/download unit 124, also in software form, may be downloaded and installed in the personal computer 120 at the same time as the player 122, if they have not been previously installed.


Thereafter, the user transmits his ID number and password to the digital data server 110 through the personal computer 120 and communication network to download a desired digital data file from the digital data server 110. The digital data server 110 identifies the user on the basis of the transmitted ID number and password and supplies the desired digital data file to the user in accordance with the identified result. At this time, the digital data server 110 encrypts the digital data file using the user's ID number as a first encryption key and transmits the encrypted digital data file to the personal computer 120. The personal computer 120 stores the digital data file transmitted from the digital data server 110 on a hard disk 121 therein. Then, upon receiving a reproduction request from the user, the personal computer 120 decrypts and reproduces the stored digital data file through the digital data software player 122 using the first encryption key. As a result, the user can listen to desired music through the personal computer 120.


On the other hand, when the user intends to listen to music in a digital data file form using a digital data playing device 130, the personal computer 120 reads an ID number of a removable data storage medium 140 (or of the playing device 130, or some combination thereof) through the digital data playing device 130 and an interconnecting communication network and generates a second encryption key on the basis of the read ID number. At this time, the digital data playing device 130 generates the same second encryption key using the ID number of the data storage medium 140 (or playing device 130), in a similar manner as the personal computer 120.


In the personal computer 120, an encryption/decryptor 123 decrypts the digital data file, which is stored on the hard disk 121, using the first encryption key. An encryption/download unit 124 re-encrypts the decrypted digital data file from the encryption/decryptor 123 using the second encryption key and sends the re-encrypted digital data file to the digital data playing device 130 through the communication network.


The digital data playing device 130 stores the re-encrypted digital data file downloaded from the personal computer 120 in a memory 142 of the removable data storage medium 140. If the user requests the digital data playing device 130 to reproduce the digital data file stored in the memory 142, then the digital data playing device 130 reads the stored digital data file from the memory 142 and reproduces it through a decoder 132 therein. At this time, the digital data file read from the data storage medium 140 has to be decrypted for the reproduction using the second encryption key.


To this end, in the digital data playing device 130, a microcomputer 131 decrypts the digital data file read from the data storage medium 140 using the second encryption key generated on the basis of the ID number of the data storage medium 140 and outputs the decrypted digital data file to an output line through the decoder 132.


As a result, the user can listen to desired music anywhere using the digital data playing device 130, and interception of the unencrypted digital data file can be prevented during downloading.


There may be various methods for generating the encryption key using the ID number of the data storage medium 140. For example, a 16-byte encryption key (E-K) may be generated including three bytes representing a manufacturing company name, twelve bytes representing a serial number (SN) of the data storage medium 140 and one byte arbitrarily set in the system. A similar method may be used for generating an E-K using the playing device 130. As shown in FIG. 2, the 16-byte E-K generated by the playing device 130 may be transmitted to the encryption/download unit 124 through the interconnecting communication network and used to encrypt the data from the encryption/decryptor 123.



FIG. 3 is a block diagram illustrating a method for encrypting and decrypting a digital data file in a digital data player in accordance with the present invention. First, a portable MP3 playing device 2 is connected to a personal computer 1 via an interface (not shown) to download a desired digital data file from the personal computer 1. Then the personal computer 1 requests and inputs information regarding an ID number 7 (serial number) of the MP3 playing device 2 or the associated memory (not shown) using a control command based on a communication convention between the two devices.


The personal computer 1 utilizes the inputted ID number 7 of the MP3 playing device 2 or its media as a user authentication number, resulting in no need for a separate user authentication process. In order to prevent hacking (i.e., circumvention of the authentication by way of software), the personal computer 1 adds a first internal key 3 based on a convention between the two devices (or based on an initiation number associated with the personal computer 1 or the MP3 playing device 2) to the inputted ID number 7 in order to convert the inputted ID number 7 into an encryption key. In this manner, the ID number of the MP3 playing device 2 or the associated memory can be used as an encryption key. Although one first internal key is described, two or more first internal keys 3 may be used according to the convention between the two devices to make decryption more difficult.


It should be noted that a converted encryption key has conventionally been used to encrypt a digital data file. However, in the present invention, the converted encryption key itself is encrypted according to an encryption algorithm 5 applied with a second internal key 4 based on the convention between the two devices. Then the encrypted key is used to encrypt a digital data file.


Although a key encryption algorithm, not a file encryption algorithm, may be applied to encrypt the encryption key, it is preferred that the file encryption algorithm 5 be applied in consideration of low-execution capability of a microprocessor (not shown) used in the portable MP3 playing device 2. Use of the file encryption algorithm 5 results in a reduction in size of a program memory for algorithm storage and an increase in processing efficiency. Because the ID number 7 of the storage medium or playing device is added with the first internal key 3 and the resultant encryption key is encrypted according to the encryption algorithm 5 based on the second internal key 4 in the above manner, it is impossible to recognize the encryption key itself during transmission from the computer 1 to the playing device 2. A subsequent operation is performed by encryption algorithm 5 in a conventional manner to encrypt a digital data file using the encrypted encryption key and send the encrypted digital data file to the portable MP3 playing device 2.


In the same manner as the personal computer 1, the portable MP3 playing device 2 generates the same encrypted encryption key by adding the first internal key 3 to the ID number 7 of the device (or memory) and encrypting the resultant encryption key according to the encryption algorithm 5 using the second internal key 4. Then, upon receiving the encrypted digital data file from the personal computer 1, the portable MP3 player 2 decrypts the received digital data file according to a decryption algorithm 6 based on the encrypted encryption key and outputs the resultant decrypted MP3 file through a decoder 8.


As apparent from the above description, according to the present invention, both the personal computer and digital data player generate the same encryption key using an ID number 7 of the memory card (or of the MP3 player). A digital data file is encrypted on the basis of the generated encryption key in such a manner that it interception of an unencrypted data file can be prevented during downloading. In particular, the encryption key itself is encrypted. Therefore, even when the encryption key is extracted during transmission, it cannot be decrypted, and the digital data file can thus be prevented from being hacked (i.e., decoded using an illicitly obtained encryption key).


Although the preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Claims
  • 1. A digital data delivery system, comprising: a digital data server configured to deliver first key encrypted digital data to a source device, wherein the first key encrypted digital data is encrypted using a first key; and the source device configured to generate decrypted digital data by decrypting the first key encrypted digital data using the first key, generate second key encrypted digital data by encrypting the decrypted digital data using a second key, and deliver the second key encrypted digital data to a digital data playing device, wherein the first key is based on one or more registration attributes of a user of the digital data server, and wherein the second key is based on one or more attributes of the digital data playing device.
  • 2. The digital data delivery system of claim 1, wherein the attributes of the digital data playing device include at least one of a manufacturer of the digital data playing device, a serial number of the digital data playing device, and an ID of a storage medium of a memory unit utilized by the digital data playing device.
  • 3. The digital data delivery system of claim 2, wherein the storage medium of the memory unit is removable.
  • 4. The digital data delivery system of claim 1, wherein the digital data server is configured to provide an encryption/download unit software to the source device, and wherein the source device is configured to generate the second key encrypted digital data using the encryption/download unit software.
  • 5. The digital data delivery system of claim 1, wherein the digital data server is configured to provide an encryption/decryptor software to the source device, and wherein the source device is configured to decrypt the first key encrypted digital data using the encryption/decryptor software.
  • 6. The digital data delivery system of claim 1, wherein the source device is configured to generate the second key by combining the one or more attributes of the digital data playing device with one or more first internal keys and a second internal key.
  • 7. The digital data delivery system of claim 6, wherein the source device is configured to generate the second key by: summing the one or more first internal keys to the one or more attributes of the digital data playing device to generate an internal encryption key, and generating the second key by converting the internal encryption key according to an encryption algorithm using a second internal key.
  • 8. The digital data delivery system of claim 7, wherein the encryption algorithm is based on a convention between the source device and the digital data playing device.
  • 9. The digital data delivery system of claim 6, wherein the digital data playing device is configured to generate the second key and to decrypt the second key encrypted data from the source device using the second key.
  • 10. The digital data delivery system of claim 1, wherein the digital data playing device is configured to generate the second key by combining the one or more attributes of the digital data playing device with one or more first internal keys and a second internal key.
  • 11. The digital data delivery system of claim 10, wherein the digital data playing device is configured to generate the second key by: summing the one or more first internal keys to the one or more attributes of the digital data playing device to generate an internal encryption key, and generating the second key by converting the internal encryption key according to an encryption algorithm using a second internal key.
  • 12. The digital data delivery system of claim 10, wherein the digital data playing device is configured provide the second key to the source device.
  • 13. The digital data delivery system of claim 1, wherein the digital data server delivers the first key encrypted digital file to the source device via a first network, and wherein the source device delivers the second key encrypted digital file to the digital data playing device via a second network.
  • 14. A source device for digital data delivery, comprising: a storage configured to store first key encrypted digital data from a digital data server; an encryption/decryptor configured to generate decrypted digital data by decrypting the first key encrypted digital data using a first key; and an encryption/download unit configured to generate second key encrypted digital data by encrypting the decrypted digital data using a second key and to deliver the second key encrypted digital data to a digital data playing device, wherein the first key is based on one or more registration attributes of a user of the source device, and wherein the second key is based on one or more attributes of the digital data playing device.
  • 15. The source device of claim 14, wherein the attributes of the digital data playing device include at least one of a manufacturer of the digital data playing device, a serial number of the digital data playing device, and an ID of a storage medium of a memory unit utilized by the digital data playing device.
  • 16. The source device of claim 15, wherein the storage medium of the memory unit is removable.
  • 17. The source device of claim 14, wherein the source device is configured to receive the encryption/download unit from the digital data server in a software form.
  • 18. The source device of claim 14, wherein the source device is configured to receive the encryption/decryptor from the digital data server in a software form.
  • 19. The source device of claim 14, wherein the encryption/download unit is configured to generate the second key by combining the one or more attributes of the digital data playing device with one or more first internal keys and a second internal key.
  • 20. The source device of claim 19, wherein the encryption/download unit is configured to generate the second key by: summing the one or more first internal keys to the one or more attributes of the digital data playing device to generate an internal encryption key, and generating the second key by converting the internal encryption key according to an encryption algorithm using a second internal key.
  • 21. The source device of claim 20, wherein the encryption algorithm is based on a convention between the source device and the digital data playing device.
  • 22. The source device of claim 14, wherein the source device is configured to receive the second key from the digital data playing device.
  • 23. The source device of claim 14, wherein the source device receives the first key encrypted digital file from the digital data server via a first network, and wherein the source device delivers the second key encrypted digital file to the digital data playing device via a second network.
Priority Claims (2)
Number Date Country Kind
4483/1999 Feb 1999 KR national
4493/1999 Feb 1999 KR national
CROSS REFERENCE TO RELATED APPLICATIONS

This is a Divisional Application of pending U.S. application Ser. No. 09/499,633 filed on Feb. 8, 2000, which claims priority under 35 U.S.C. §119(a) to Patent Application No. 4483/1999 and No. 4493/1999 filed in the Republic of Korea on Feb. 9, 1999, respectively, the entire contents of which is hereby incorporated by reference in its entirety.

Divisions (1)
Number Date Country
Parent 09499633 Feb 2000 US
Child 11979690 Nov 2007 US