Patent Application
20100158255
The present invention claims priority of Korean Patent Application No. 10-2008-0130703, filed on Dec. 19, 2008, which is incorporated herein by reference.
1. Field of the Invention
The present invention relates to protection of a broadcasting program; and, more particularly, to a method and system for storing encryption key information and package key information for decrypting encrypted broadcasting programs to store broadcasting programs.
2. Description of Related Art
Lately, broadcasting programs have been illegally distributed. In general, the broadcasting programs are illegally distributed through peer to peer (P2P) websites or web storage service providers such as Web-hard. The illegally distributed broadcasting program can be reproduced without a corresponding right. This feature of broadcasting program makes it difficult to be protected from illegal distribution. Therefore, it is required to develop a method for effectively protecting a broadcasting program from illegal distribution.
In order to prevent the illegal distribution, digital rights management (DRM) was applied to the broadcasting program. The DRM includes an encryption technology that enables only a user or a terminal having a right to reproduce a corresponding broadcasting program.
For example, when a terminal receives and stores a broadcasting program, the terminal must be restricted to make illegal distribution of the broadcasting program although the terminal has a use right of recording, copying, and replaying the broadcasting program within a personal use/duplication range.
In order to restrict the illegal distribution, as a related art, encryption information was shared only with users or terminals that have a use right of a corresponding broadcasting program after encrypting and storing the corresponding broadcasting program. Accordingly, only the users or the terminals having the use right are enabled to decrypt the corresponding broadcasting program. In this way, users or terminals without a proper use right of a corresponding broadcasting program are restricted to decrypt the corresponding program since they do not have the encryption information.
Advanced Television Systems Committee (ATSC) standard includes a redistribution control descriptor (RC descriptor) that defines transmission and insertion of redistribution restriction information in a broadcasting program in order to prevent illegal distribution of a broadcasting program. Table 1 shows a structure of a RC descriptor.
However, the ATSC standard does not define rc_information( ) for protecting a broadcasting program.
In order to include information about controlling redistribution of a broadcasting program and information related to copyright in rc_information ( ) of the RC descriptor, program protection information (PPI) was defined. The PPI includes redistribution controlling information, redistribution allowance range information such as “no redistribution permitted”, “restricted redistribution permitted” or “full redistribution permitted”, and information about restriction details.
Accordingly, it is necessary to have a scheme for technically protecting a broadcasting program set with “no redistribution” and “restricted redistribution permitted”. Such a technical protection scheme generally includes an encryption scheme for a broadcasting program.
The ATSC standard and the PPI standard do not introduce a method for storing necessary information about an encrypted broadcasting program and about decrypting encrypted broadcasting program.
As a standard for defining storing the encrypted broadcasting program, ISO Base Media File Format (ISO/IEC 14496-12; ISO base media file format) was introduced. The ISO Base Media File Format defines a technology of storing a received broadcasting program in a format of MPEG-2 TS. The ISO Base Media File Format defines information about whether stored MPEG-2 TS is encrypted or not, a previous format before encrypting a corresponding broadcasting program, necessary information for protecting a broadcasting program based on MPEG intellectual property management and protection (IPMP), a scheme type used for protecting a broadcasting program, and scheme information used for protecting a broadcasting program.
However, the IOS Base Media File Format does not define a method for storing scheme information according to a scheme type although the IOS Base Media File Format defines a container box for storing the scheme type and the scheme information.
That is, there is a demand for developing a method and apparatus for storing an encrypted broadcasting program and necessary information for decrypting the encrypted broadcasting program as a technology for protecting a broadcasting program.
An embodiment of the present invention is directed to providing a method and apparatus for storing encryption key information and package key information with or separately from an encrypted broadcasting program in order to enable a user or a terminal having a reproduction right to decrypt an encrypted and stored broadcasting program.
In accordance with an aspect of the present invention, there is provided a method for protecting a broadcasting program, including generating and storing information about a first encryption key for encrypted the broadcasting program, and generating package key information by encrypted the first encryption key using a second encryption key.
In accordance with another aspect of the present invention, there is provided a system for protecting a broadcasting program, including a first encryption key generator configured to generate a first encryption key for encrypted the broadcasting program, a broadcasting program encryptor configured to generate first encryption key information about the first encryption key, a package key generator configured to generate a package key by encrypting the first encryption key using a second encryption key and package key information about the package key, and a memory configured to store the first encryption key information, the package key, and the package key information.
Other objects and advantages of the present invention can be understood by the following description, and become apparent with reference to the embodiments of the present invention. Also, it is obvious to those skilled in the art to which the present invention pertains that the objects and advantages of the present invention can be realized by the means as claimed and combinations thereof.
The advantages, features and aspects of the invention will become apparent from the following description of the embodiments with reference to the accompanying drawings, which is set forth hereinafter.
As described above, protection of a broadcasting program includes encryption of a broadcasting program. According to an embodiment of the present invention, a first encryption key used for encrypting a broadcasting program is encrypted again using a second encryption key. In the specification, the first encryption key, which is used for encrypting the broadcasting program and encrypted by the second encryption key, is defined as a package key.
In order to decrypt an encrypted broadcasting program by a first encryption key, a user or a terminal needs information about the first encryption key that is used to encrypt a broadcasting program and information about the encrypted first encryption key, which is the package key, that is encrypted by the second encryption key.
That is, in order to decrypt the encrypted broadcasting program, the encrypted first encryption key is decrypted using information about the package key and then the encrypted broadcasting program is decrypted using information about the first encryption key and the decrypted first encryption key. Therefore, the protection of the broadcasting program according to an embodiment of the present invention includes encryption of a broadcasting program, information about the first encryption key, generation of a package key which is encryption of the first encryption key using the second encryption key, and information about the package key. It is possible to decrypt the broadcasting program encrypted by the above information and to obtain comparability with various types of terminals.
Hereafter, a method and system for protecting a broadcasting program according to an embodiment of the present invention will be described with a terrestrial DTV broadcasting program. However, the present invention is not limited thereto. The present invention can be applied to various types of broadcasting programs such as cable broadcasting programs, satellite broadcasting programs, digital multimedia broadcasting programs, and IPTV broadcasting programs.
As shown in
In the method of protecting a broadcasting program according to an embodiment of the present invention, the broadcasting program receiver 201 receives a broadcasting program at step S101. At step 103, the encryption determiner 203 determines whether it is required to protect the received broadcasting program from distribution or it is free to distribute the received broadcasting program without encryption. Whether encryption is required or not may be decided in various ways according to a policy of a broadcasting program provider. For example, all of broadcasting programs can be encrypted according to the policy of the broadcasting program provider or information about the encryption of the broadcasting program can be inserted into the broadcasting program. In case of the terrestrial DTV broadcasting, PPI may be inserted into a broadcasting program. In this case, the encryption determiner 203 may use the PPI inserted in the broadcasting program to determine whether it is required to encrypt the received broadcasting program or not.
When the encryption determiner 203 determines that it is free to distribute the received broadcasting program without encryption at step S103, the received broadcasting program is stored in the memory 205 at step S105.
On the contrary, when the encryption determiner 203 determines that it is required to protect the received broadcasting program through encryption at step S103, the first encryption key generator 207 generates a first encryption key for encrypting the received broadcasting program from the broadcasting program receiver 201 at step S107. In generally, the first encryption key is independently provided from a broadcasting program. The first encryption key may be generated with well-known methods.
Then, the broadcasting program encryptor 209 encrypts the received broadcasting program from the broadcasting program receiver 201 based on the generated first encryption key from the first encryption key generator 207 and stores the encryted broadcasting program in the memory 205 at step S109.
The broadcasting program encryptor 209 generates first encryption key information and stores the generated first encryption key information in the memory 205 at step S111. The first encryption key information is information about how the broadcasting program is encrypted.
The first encryption key information is necessary information to decrypt the encrypted broadcasting program. Table 2 shows definition of the first encryption key information according to an embodiment of the present invention.
Referring to
In an embodiment, the first encryption key is encrypted using a domain key or an authentication key of a terminal that is authenticated to use a corresponding broadcasting program. The domain key is a key shared by users or terminals within a personal use/duplication range. Herein, the personal use/duplication range is a range of allowing a related user to legally duplicate, distribute, and/or use a corresponding broadcasting program. A technical term of the personal use/duplication range is a domain. The domain means a set of users or terminals that are allowed to store, distribute, and/or reproduce a broadcasting program. That is, the domain is generated through a technical process such as registration and authentication of a user or a terminal. The domain is also a technically controllable personal range of using or duplicating a broadcasting program. In the present embodiment, the domain key is defined as a key shared by users or terminals within the personal use/duplication range. Users or terminals in a domain are always changed due to joining and disjoining. Accordingly, the domain key is always changed.
When the first encryption key is encrypted using the domain key, it guarantees using a broadcasting program within a domain. On the contrary, it may restrict a terminal or a user from using a broadcasting program in the outside of the domain. That is, when the first encryption key is encrypted using the domain key or the terminal authentication key, it is possible to guarantee using a broadcasting program within the personal use/duplication range and to restrict illegal distribution.
The package key generator 211 generates a package key by encrypting the first encryption key using the domain key or the terminal authentication key as the second encryption key and stores the generated package key in the memory 205.
Meanwhile, the package key generator 211 generates package key information and stores the generated package key information in the memory 205 at step S113. Here, the package key information is about how the first encryption key is encrypted.
The package key information is information necessary for decrypting the encrypted first encryption key, that is, the package key. Table 3 shows definitions of the package key information according to an embodiment of the present invention.
In the present embodiment, a package key, package key information, and encryption key information may be stored in one file format or stored in different file formats.
The package key information and the encryption key information may be stored in a binary format, a text formation, or an XML formation.
A standard format for storing a broadcasting program includes an ISO Base Media File Format and a Digital Video Broadcasting File Format (DVB-FF). Since the ISO Base Media File Format and the DVB-FF are Open standard that have been well-known to those skilled in the art, detail description thereof is omitted. According to the standard format, audio and video of a broadcasting program are stored independently from metadata. The metadata is formed in a box unit.
As an embodiment of the present invention applied to the ISO Base Media File Format and the DVB-FF, a broadcasting program may be stored in a MPEG-2 TS Reception Hint Track, a package key may be stored in a Key Message Track, and package key information and first encryption key information may be stored in a Sample Entry of a Key Message Track. In this embodiment, terminals, users, and authenticated terminals in a domain can advantageously share one broadcasting program by storing multiple package keys together, such as a package key generated by encrypting the first encryption key using a domain key (second encryption key) and another package key generated by encrypting the first encryption key using a terminal authentication key (second encryption key). In case of one package key, the package key information and the first encryption key information may be stored in a Sample Entry of MPEG-2 TS Reception Hint Track.
Herein, MPEG-2 TS Reception Hint Track, Key Message Track and Sample Entry are defined in the ISO Base Media File Format and the DVB-FF. Since they are well-known to those skilled in the art, detail description thereof is omitted.
In the embodiment of the present invention, a box is defined for storing package key information and first encryption key information in order to apply the present embodiment into the ISO Base Media File Format and the DVB-FF.
The box structure for storing package key information and encryption key information shown in
As described above, the present invention relates to a method and system for storing encryption key information and package key information for decrypting encrypted broadcasting programs to store broadcasting programs as a technology for protecting a broadcasting program.
The method and system according to the present invention store a broadcasting program encrypted by a first encryption key, information about the first encryption key, the encrypted first encryption key, which is the package key, encrypted by a second encryption key, and information about the package key in a terminal. Therefore, it is possible to decrypt and reproduce the broadcasting program encrypted based on the above information and to secure comparability with various types of terminals.
The method of the present invention described above may be programmed for a computer. Codes and code segments constituting the computer program may be easily inferred by a computer programmer of ordinary skill in the art to which the present invention pertains. The computer program may be stored in a computer-readable recording medium, i.e., data storage, and it may be read and executed by a computer to realize the method of the present invention. The recording medium includes all types of computer-readable recording media, that is it includes not only tangible media such as CD and DVD, but also intangible media such as carrier wave.
While the present invention has been described with respect to the specific embodiments, it will be apparent to those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention as defined in the following claims.
| Number | Date | Country | Kind |
|---|---|---|---|
| 10-2008-0130703 | Dec 2008 | KR | national |
