An object of the present invention is to provide a marking forming apparatus, a method of forming a laser marking on an optical disk, a reproduction apparatus, an optical disk, and a method of manufacturing an optical disk, capable of providing a greatly improved copy prevention capability as compared to prior known construction. To achieve this object, in the optical disk of the invention, for example, a marking is formed by a laser on a reflective film of a disk holding data written thereon and at least position information of the marking or information concerning the position information is written on the disk in an encrypted form or with a digital signature appended thereto.
|
0. 28. An optical disk comprising:
a data zone having pits indicating data signals readable by light radiation;
a reflective layer formed on the data zone; and
portions of the reflective layer being trimmed forming markings,
wherein the markings form a barcode pattern indicating information and are formed on the pits on a track of the optical disk.
0. 29. A method of manufacturing an optical disk comprising the steps of:
forming, on a substrate, a data zone having pits indicating data signals readable by light radiation;
forming a reflective layer on the data zone; and
trimming the reflective layer to form markings on the pits on a track of the optical disk;
wherein the markings form a barcode pattern indicating information.
0. 1. A marking forming apparatus comprising:
marking forming means for applying at least one marking to at least one reflective film formed to a disk;
marking position detecting means for detecting at least one position of said marking; and
position information output means for outputting said detected position as position information of said marking.
0. 2. A marking forming apparatus according to
0. 3. A marking forming means according to
0. 4. A marking forming apparatus according to
0. 5. A marking forming apparatus according to
first encrypting means for encrypting software feature information concerning features of software contents written to said disk and a sub public key of a public key encryption function by using a master secret key of said public key encryption function, and
second encrypting means for encrypting said position information or information concerning said position information by using a sub secret key corresponding to said sub public key,
and the writing at least said output position information or information concerning said position information means writing contents encrypted by said first encrypting means and contents encrypted by said second encrypting means to said disk.
0. 6. A marking forming apparatus according to
and the writing at least said output position information or information concerning said position information means writing information concerning a result of said digital signature application to said disk.
0. 7. A marking forming apparatus according to
0. 8. A marking forming apparatus according to
said digital signature means includes
first digital signature means for applying a digital signature to software feature information concerning features of software contents written to said disk and to a sub public key of a public key encryption function by using a master secret key of said public key encryption function, and
second digital signature means for applying a digital signature to said position information or information concerning said position information by using a sub secret key corresponding to said sub public key,
and the writing at least said output position information or information concerning said position information means writing a result of the application of said digital signature by said first digital signature means and a result of the application of said digital signature by said second digital signature means to said disk.
0. 9. A marking forming apparatus according to
0. 10. A marking forming apparatus according to
0. 11. A marking forming apparatus according to
0. 12. A method of forming a laser marking to an optical disk, comprising the steps of:
forming at least one disk;
forming a reflective film to said formed disk;
laminating two disks together, said disks including at least one disk with said reflective film formed thereon; and
forming at least one marking by a laser on said reflective layer of the laminated disks.
0. 13. A reproduction apparatus comprising:
position information reading means for reading position information of at least one marking or information concerning said position information, said marking being formed to at least one reflective film formed to a disk and being detected for a position thereof, at least the position thus detected being output as said position information of said marking;
marking reading means for reading information concerning at least one actual position of said marking;
comparing/judging means for performing comparison and judgement by using a result of reading by said position information reading means and a result of reading by said marking reading means; and
reproducing means for reproducing recorded data on said optical disk in accordance with a result of the comparison and judgement performed by said comparing/judging means.
0. 14. A reproduction apparatus according to
0. 15. A reproduction apparatus according to
said position information writing means includes encrypting means for encrypting at least said output position information or information concerning said position information, and
said position information reading means includes decrypting means corresponding to said encrypting means, and by using said decrypting means, decrypts said encrypted position information or information concerning said position information.
0. 16. A reproduction apparatus according to
said decrypting means performs the decryption by using a public key corresponding to said secret key.
0. 17. A reproduction apparatus according to
said encrypting means includes
first encrypting means for encrypting software feature information concerning features of software contents written to said disk and a sub public key of a public key encryption function by using a master secret key of said public key encryption function, and
second encryption means for encrypting said position information or information concerning said position information by using a sub secret key corresponding to said sub public key,
and said decrypting means includes
first decrypting means for decrypting said encrypted software feature information and the encrypted sub public key of said public key encryption function, by using a master public key corresponding to said master secret key, and
second decrypting means for decrypting said encrypted position information or information concerning said position information by using the sub public key thus decrypted.
0. 18. A reproduction apparatus according to
said position information writing means includes
digital signature means for applying a digital signature to at least said output position information or information concerning said position information, and writes information concerning a result of said digital signature application to said disk,
and said position information reading means includes
authenticating means corresponding to said digital signature means, and
position information extracting means for obtaining said position information from an authentication process performed by said authenticating means and/or from said information concerning the result of said digital signature application,
when an output indicating correctness of said authentication result is produced from said authenticating means, said comparing/judging means performs the comparison and judgement by using the position information obtained by said position information extracting means and the result of reading by said marking reading means, and when said output indicating correctness is not produced, the reproduction is not performed.
0. 19. A reproduction apparatus according to
wherein
when said digital signature means applies said digital signature, it uses a secret key of a public key encryption function, and
said authenticating means performs said authentication by using a public key corresponding to said secret key.
0. 20. A reproduction apparatus according to
wherein
said digital signature means includes
first digital signature means for applying a digital signature to software feature information concerning features of software contents written to said disk and to a sub public key of a public key encryption function by using a master secret key of said public key encryption function, and
second digital signature means for applying a digital signature to said position information or information concerning said position information by using a sub secret key corresponding to said sub public key,
and the writing at least said output position information or information concerning said position information means writing a result of the application of said digital signature by said first digital signature means and a result of the application of said digital signature by said second digital signature means to said disk,
wherein said position information reading means includes;
authenticating means for authenticating said digital signature-applied software feature information and sub public key of said public key encryption function, by using a master public key corresponding to said master secret key, and
position information extracting means for obtaining said position information from said authentication process thereof and/or from the result of said digital signature application by using the sub public key obtained from said authentication process and/or from the result of said digital signature application,
and when an output indicating correctness of said authentication result is produced from said authenticating means, said comparing/judging means performs the comparison and judgement by using the position information obtained by said position information extracting means and the result of reading by said marking reading means, and when said output indicating correctness is not produced, the reproduction is not performed.
0. 21. A reproduction apparatus according to any one of
0. 22. A reproduction apparatus according to
0. 23. A method of manufacturing an optical disk, comprising the steps of:
forming at least one disk;
forming a reflective film to said formed disk;
applying at least one marking to said reflective film;
detecting at least one position of said marking; and
outputting said detected position as position information of said marking, and encrypting said information for writing to said disk.
0. 24. A method of manufacturing an optical disk, comprising the steps of:
forming at least one disk;
forming a reflective film to said formed disk;
applying at least one marking to said reflective film;
detecting at least one position of said marking; and
outputting said detected position as position information of said marking, and applying a digital signature in relation to said position information for writing to said disk.
0. 25. An optical disk wherein at least one marking is formed by a laser to at least one reflective film of the disk holding data written thereon and at least position information of said marking or information concerning said position information is written to said disk in an encrypted form or with a digital signature applied thereto.
0. 26. An optical disk having a structure such that at least one reflective film is one of sandwiched directly and sandwiched indirectly between two members formed from material resistant to laser light,
wherein at least one marking is formed by a laser to said reflective film.
0. 27. A marking forming apparatus according to
|
This is a Reissue Divisional Application of U.S. patent application Ser. No. 09/588,364, filed Jun. 2, 2000, which is a Reissue Application of U.S. Pat. No. 5,761,301, issued Jun. 2, 1998.
1. Field of the Invention
The present invention relates to a marking forming apparatus, a method of forming a laser marking to an optical disk, a reproduction apparatus, an optical disk, and a method of manufacturing an optical disk, which may be utilized, for example, to prevent duplication of optical disks.
2. Description of the Prior Art
With increasing use of ROM-type optical disks in recent years, pirated disks have also been spreading, infringing the rights of copyright owners.
This is because ROM disk manufacturing apparatus have been made readily available and also have become easy to operate.
A pirate can make a CD master disk just by extracting logic data from software contained on a CD, copying it onto a magnetic tape, and setting the tape on a mastering apparatus. Hundreds of thousands of pirated disks can be pressed from this single master disk. Since pirates do not, pay royalties, they make a profit by selling pirated disks at a low price. This necessarily means a financial loss to the copyright owner.
According to the current CD specification, only the function of reading logic data from a CD is provided, but no functions are provided to detect physical features of a disk. As a result, a pirated CD can be easily produced by bit-copying the logic data.
The prior art discloses a method of preventing piracy by adding a function to recognize disk physical features.
This method involves establishing a new specification that defines the inclusion of a physical mark on a master disk to prevent the pirating of disks made to this specification. As an example of the prior art, a piracy prevention method is known such as the one disclosed in Japanese Patent Unexamined Publication No. 5-325193. According to that method, in the cutting process the recording beam is deliberately swept in the tracking direction, when recording a designated region, to form a wobbling on the master disk. When the disk is played back on a reproduction apparatus equipped with a wobbling detection circuit, the disk is checked to see whether the wobbling is formed in the designated region. If it is detected that the wobbling of a designated wobbling frequency is formed in the designated region, the disk is judged to be a legitimate disk; otherwise, the disk is judged to be a pirated disk.
More specifically, based on predefined physical mark design data, a physical mark is formed on the masker disk by using a special mastering apparatus equipped with a wobbling function. This prevents pirates from making pirated disks since they do not have such special mastering apparatus nor physical mark design data. Such an anti-piracy mark needs to be formed on every disk made to this specification. However, since it is possible to extract this physical mark by examining a legitimate disk, the prior art method has had the problem that pirated disks may be made if such a special mastering apparatus falls into the hands of an illegal person. In this patent specification, piracy prevention methods of the type that forms a physical mark on the master disk will be referred to as master disk level methods.
Besides the above-described method, there has been proposed a more sophisticated master disk level method which involves forming a more complicated physical mark. On the other hand, a replica method is known that makes a replica having exactly the same physical features by melting the resin of a legitimate disk no matter how complicated the physical mark is made at the master disk level. This method requires much time and cost to produce one master disk, but since hundreds of thousands of disks can be produced from one pirated master disk, the cost per pirated disk is low. This has therefore given rise to the problem that as the replica method becomes widespread in the future, it may defeat the effectiveness of piracy prevention techniques at the master disk level.
As described above, the prior art piracy prevention techniques have several problems to be overcome.
These problems are summarized below.
Problem 1: The effectiveness of the master disk level piracy prevention techniques of the prior art is low since it is possible to replicate the physical mark.
Problem 2: In the prior art method that forms a physical mark based on physical mark design data, if a manufacturing apparatus of the same precision as the apparatus used by the legitimate disk manufacturer is obtained, illegal disks can be easily manufactured.
Problem 3: Since the security level provided by the prior art piracy prevention methods is fixed, its effectiveness decreases against constantly improving pirating techniques.
Problem 4: If a disk format without copy protection were allowed to exist along with a disk format with copy protection, pirated disks could be made with the disk format without copy protection. It has therefore been necessary to produce all disks with copy protection. The use of copy protection is therefore limited to closed specifications such as game disks.
Problem 5: According to the prior art methods, a limited number of licensing companies possess the special manufacturing apparatus and do not make the apparatus public. Therefore, software makers cannot make disks except at the licensing companies.
Problem 6: In the master-disk marking method, all disks pressed from the same master disk have the same disk ID. This means that all disks can be run by using the same password. As a result, password security cannot be maintained unless a floppy disk or a communication line is used in combination. Furthermore, the password has to be entered each time the disk is used since secondary recording is not possible.
In view of the above-outlined problems of the prior art, it is an object of the present invention to achieve a greatly improved copy prevention capability as compared to the prior art.
More specifically, the present invention provides the following means to overcome the above-outlined six problems of the prior art piracy prevention methods.
To overcome Problem 1, a piracy prevention method involving the use of a physical mark at a reflective film level, rather than the master disk level physical mark as used in the prior art, is provided wherein the physical mark is formed on a reflective film of a disk. This prevents the production of pirated disks if duplication is made at the master disk level.
To overcome Problem 2, a new ROM-recording means is used that performs secondary recording to a two-disk laminated ROM disk by using a laser. In a first step, physical marks are randomly formed, and in a second step, the physical marks are measured with a measuring accuracy as high as 0.13 μm. In a third step, their position information is encrypted and, using the secondary recording means, a barcode is recorded to the ROM disk with an accuracy of several tens of microns which is the usual processing accuracy. Optical mark position information can thus be obtained with an accuracy of, for example, 0.1 μm much higher than the processing accuracy of a conventional apparatus. Since optical marks cannot be formed with the accuracy of 0.1 μm by using commercially available equipment, production of pirated disks can be prevented.
To overcome Problem 3, both a first-generation cipher with a low degree of security and a second-generation cipher with a high degree of security, each enciphering the position information with a digital signature, are prerecorded on a medium and by using such a medium, piracy is prevented with the security corresponding to the applicable generation if the design of reproduction apparatus changes from one generation to the next.
To overcome Problem 4, an anti-piracy function identifier for indicating whether or not the software product is equipped with a copyright anti-piracy function is recorded on the master disk. To prevent the identifier from being altered, compressed information of software contents: and the anti-piracy function identifier are scrambled and encrypted together when recording the software contents on the master disk. Since the identifier cannot be altered, pirates cannot produce disks with a disk format without anti-piracy measures. This prevents the production of pirated disks.
To overcome Problem 5, as a secret key for digital signature encryption indispensable for the manufacture of disks, a subkey is generated from a master key, and the subkey is delivered to each software maker, thereby allowing the software maker to manufacture legitimate disks at its own factory.
To overcome Problem 6, position information of an antipiracy mark of the invention, which differs from one disk to another, is used as a disk identifier. The position information and the disk serial number, i.e., the disk ID, are combined and encrypted together with a digital signature, thus appending an unalterable disk ID to each disk. Since each completed disk has a different ID, the password is also different. The password does not work on other disks. This enhances password security.
Also, with the secondary recording of the invention, the password is secondary-recorded on the disk, permanently making the disk an operable disk.
Specific methods for overcoming the above six problems are disclosed below by way of embodiments.
The invention provides a marking forming apparatus comprising: marking forming means for applying at least one marking to at least one reflective film formed to a disk; marking position detecting means for detecting at least one position of said marking; and position information output means for outputting said detected position as position information of said marking.
The invention also provides a marking forming apparatus further comprising position information writing means for writing at least said output position information or information concerning said position information to said disk or to a different medium.
The invention also provides a method of forming a laser marking to an optical disk, comprising the steps of: forming at least one disk; forming a reflective film to said formed disk; laminating two disks together, said disks including at least one disk with said reflective film formed thereon; and forming at least one marking by a laser on said reflective layer of the laminated disks.
The invention also provides a reproduction apparatus comprising: position information reading means for reading position information of at least one marking or information concerning said position information, said marking being formed to at least one reflective film formed to a disk and being detected for a position thereof, at least the position thus detected being output as said position information of said marking; marking reading means for reading information concerning at least one actual position of aid marking; comparing/judging means for performing comparison and judgement by using a result of reading by said position information reading means and a result of reading by said marking reading means; and reproducing means for reproducing recorded data on said optical disk in accordance with a result of the comparison and judgement performed by said comparing/judging means.
The invention also provides a method of manufacturing an optical disk, comprising the steps of: forming at least one disk; forming a reflective film to said formed disk; applying at least one marking to said reflective film; detecting at least one position of said marking; and outputting said detected position as position information of said marking, and encrypting said information for writing to said disk.
The invention also provides a method of manufacturing an optical disk, comprising the steps of: forming at least one disk; forming a reflective film to said formed disk; applying at least one marking to said reflective film; detecting at least one position of said marking; and outputting said detected position as position information of said marking, and applying a digital signature in relation to said position information for writing to said disk.
The invention also provides an optical disk wherein at least one marking is formed by a laser to at least one reflective film of the disk holding data written thereon and at least position information of said marking or information concerning said position information is written to said disk in an encrypted form or with a digital signature applied thereto.
The invention also provides an optical disk having a structure such that at least one reflective film is sandwiched directly or indirectly between two members formed from material resistant to laser light, wherein at least one marking is formed by a laser to said reflective film.
FIG. 9(a) is a reproduced-waveform diagram for a nonreflective portion according to the present embodiment, (b) is a reproduced-waveform diagram for a nonreflective portion according to the present embodiment, and (c) is a reproduced-waveform diagram for a nonreflective portion according to the present embodiment;
FIG. 10(a) is a cross-sectional view of a nonreflective portion of the laminated type according to the present embodiment, and (b) is a cross-sectional view of a nonreflective portion of the single-plate type according to the present embodiment;
FIG. 12(a) is a cross-sectional view of a disk according to the present embodiment, and (b) is a crosssectional view of the nonreflective portion of the disk according to the present embodiment;
FIG. 13(a) is a diagram showing a physical arrangement of addresses on a legitimate CD according to the embodiment, and (b) is a physical arrangement of addresses on an illegally duplicated CD according to the embodiment;
The constitution and operation of a marking forming apparatus, a method of forming a laser marking to an optical disk, a reproduction apparatus, an optical disk, and a method of manufacturing an optical disk will be described below in accordance with an embodiment of the present invention.
In the description of the present embodiment given herein, the first half part (1) deals with such operations as manufacturing a disk, forming a marking by using a laser, reading position information of the marking, performing encryption and other processing on the position information, etc. for writing on an optical disk, and reproducing the optical disk on a player. The encryption and reproduction operations are briefly described in the first part (1).
Next, in the second half part (2), the encryption and other processing of the marking position information, etc. and the decryption and reproduction of the position information, etc. on the optical disk, briefly described in the first part (1), will be described in further detail. The second part (2) also deals with various techniques for preventing piracy.
In this patent specification, laser trimming is also referred to as laser marking, while a nonreflective optical marking portion is simply referred to as the marking or optical marking or, sometimes, as the physical ID unique to the disk. (1)
First, the software company performs software authoring in software production process 820. The completed software is delivered from the software company to the disk manufacturing factory. In disk manufacturing process 816 at the disk manufacturing factory, the completed software is input in step 818a, a master disk is produced (step 818b), disks are pressed (steps 818e, 818g), reflective films are formed on the respective disks (steps 818f, 818h), the two disks are laminated together (step 818i), and a ROM disk such as a DVD or CD is completed (step 818m, etc.).
The thus completed disk 800 is delivered to the software maker or to a factory under control of the software maker, where, in secondary recording process 817, an anti-piracy marking 584, such the one shown in
The above processes will be described in further detail. That is, a disk fabrication process, a marking formation process, a marking position reading process, and an encrypted information writing process for an optical disk according to the present invention will be described in detail with reference to
(A) First, the disk fabrication process will be described. In the disk fabrication process 806 shown in
(B) Next, the marking formation process will be described with reference to
As previously stated, a supplementary explanation will be given below of an alternative type of disk (a two-layer laminated disk) with reference to
The technique for forming the nonreflective optical marking portion will be described in further detail in sections (a) to (d) below with reference to
(b) We will next deal with the case of a single-plate optical disk (an optical disk comprising a single disk). An experiment was conducted by applying laser pulses of the same power to a 0.05 μm thick aluminum reflective film formed on a single-sided molded disk, of which result is shown in FIG. 8(b). As shown in the figure, aluminum residues were observed, and since these aluminum residues cause reproduction noise, it can be seen that the single-plate type is not suitable for secondary recording of optical disk information of which a high density and a low error rate are demanded. Furthermore, unlike the laminated disk, in the case of the single-plate disk, the protective layer 862 is inevitably damaged, as shown in FIG. 10(b), when the nonreflective portion is subjected to laser trimming. The degree of damage depends on the laser power, but the damage cannot be avoided even if the laser power is controlled accurately. Moreover, according to our experiment, the printed layer 805 formed by screen printing to a thickness of a few hundred microns on the protective layer 862 was damaged when its thermal absorptance was high. In the case of the single-plate disk, to address the problem of protective layer damage, either the protective layer has to be applied once again or the laser cut operation should be performed before depositing the protective layer. In any case, the single-plate type may present a problem in that the laser cut process has to be incorporated in the pressing process. This limits the application of the single-plate disk despite its usefulness.
(c) A comparison between single-plate disk and laminated disk has been described above, using a two-layer laminated disk as an example. As is apparent from the above description, the same effect as obtained with the two-layer laminated disk can be obtained with the single-layer laminated disk. Using FIGS. 12(a), 12(b), etc., a further description will be given dealing with the single-layer type. As shown in FIG. 12(a), the reflective layer 802 has the transparent substrate 801 of polycarbonate on one side, and the hardened adhesive layer 804 and a substrate on the other side, the reflective layer 802 thus being hermetically sealed therebetween. In this condition, pulsed laser light is focused thereon for heating; in the case of our experiment, heat of 5 μJ/pulse is applied to a circular spot of 10 to 20 μm diameter on the reflective layer 802 for a short period of 70 ns. As a result, the temperature instantly rises to 600° C., the melting point, melting state is caused. By heat transfer, a small portion of the transparent substrate 801 near the spot is melted, and also a portion of the adhesive layer 804 is melted. The molted aluminum in this state is caused by surface tension to build up along boundaries 821a and 821b, with tension being applied to both sides, thus forming buildups 822a and 822b of hardened aluminum, as shown in FIG. 12(b). The nonreflective portion 584 free from aluminum residues is thus formed. This shows that a clearly defined nonreflective portion 584 can be obtained by laser-trimming the laminated disk as shown in FIG. 10(a). Exposure of the reflective layer to the outside environment due to a damaged protective layer, which was the case with the single-plate type, was not observed even when the laser power was increased more than 10 times the optimum value. After the laser trimming, the nonreflective layer 584 has the structure shown in FIG. 12(b) where it is sandwiched between the two transparent substrates 801 and sealed on both sides with the adhesive layer 804 against the outside environment, thus producing the effect of protecting the structure from environmental effects.
(d) Another benefit of laminating two disks together will be described next. When secondary recording is made in the form of a barcode, an illegal manufacturer can expose the aluminum layer by removing the protective layer in the case of a single-plate disk, as shown in FIG. 10(b). This gives rise to a possibility that nonecrypted data may be tampered with by redepositing an aluminum layer over the barcode portion on a legitimate disk and then laser-trimming a different barcode. For example, if the ID number is recorded in plaintext or separately from main ciphertext, in the case of a single-plate disk it is possible to alter the ID number, enabling illegal use of the software by using a different password. However, if the secondary recording is made on the laminated disk as shown in FIG. 10(a), it is difficult to separate the laminated disk into two sides. In addition, when removing one side from the other, the aluminum reflective film is partially destroyed. When the anti-piracy marking is destroyed, the disk will be judged as being a pirated disk and will not run. Accordingly, when making illegal alterations to the laminated disk, the yield is low and thus illegal alterations are suppressed for economic reasons. Particularly, in the case of the two-layer laminated disk, since the polycarbonate material has temperature/humidity expansion coefficients, it is nearly impossible to laminate the two disks, once separated, by aligning the anti-piracy markings on the first and second layers with an accuracy of a few microns, and to mass produce disks. Thus, the two-layer type provides a greater effectiveness in piracy prevention. It was thus found that a clearly defined slit of a nonreflective portion 584 can be obtained by laser-trimming the laminated disk 800.
The technique for forming the nonreflective optical marking portion has been described in (a) to (d) above.
(C) Next, the process of reading the position of the thus formed marking will be described.
As shown in
The start position and end position of the nonreflective portion 564 having the above waveform can be easily detected by the low reflectivity light amount detector 586 shown in the block diagram of FIG. 15. Using the reproduced clock signal as the reference signal, position information is obtained in a low reflectivity position information output section 596.
As shown in
The reproduced light signal is waveshaped by a waveform shaping circuit 590 having an AGC 590a, for conversion into a digital signal. A clock regenerator 38a regenerates a clock signal from the waveshaped signal. An EFM demodulator 592 in a demodulating section 591 demodulates the signal, and an ECC corrects errors and outputs a digital signal. The EFM-demodulated signal is also fed to a physical address output section 593 where an address of MSF, from Q bits of a subcode in the case of a CD, is output from an address output section 594 and a synchronizing signal, such as a frame synchronizing signal, is output from a synchronizing signal output section 595. From the clock regenerator 38a, a demodulated clock is output.
In a low reflectivity portion address/clock signal position signal output section 596, a low reflectivity portion start/end position detector 599 accurately measures the start position and end position of the low reflectivity portion 584 by using an (n−1) address output section 597 and an address signal as well as a clock counter 598 and a synchronizing clock signal or the demodulated clock. This method will be described in detail by using the waveform diagrams shown in FIG. 16. As shown in the cross-sectional view of the optical disk in FIG. 16(1), the low reflectivity portion 584 of mark number 1 is formed partially. A reflection selope signal such as shown in FIG. 16(3), is output, the signal level from the reflective portion being lower than the light amount reference value 588. This is detected by the light level comparator 587, and a low reflectivity light detection signal, such as shown in FIG. 16(5), is output from the low reflectivity light amount detector 586. As shown by a reproduced digital signal in FIG. 16(4), no digital signal is output from the mark region since it does not have a reflective layer.
Next, to obtain the start and end positions of the low reflectivity light detection signal, the demodulated clock or synchronizing clock shown in FIG. 16(6) is used along with address information. First, a reference clock 605 at address n in FIG. 16(7) is measured. When the address immediately preceding the address n is detected by the (n−1) address output section 597, it is found that the next sync 604 is a sync at address n. The number of clocks from the synch 604 to the reference clock 605, which is the start position of the low reflectivity light detection signal, is counted by the clock counter 598. This clock count is defined as a reference delay time TD which is measured by a reference delay time TD measuring section 608 for storage therein.
The circuit delay time varies with reproduction apparatus used for reading, which means that the reference delay time TD varies depending on the reproduction apparatus used. Therefore, using the TD, a time delay corrector 607 applies time correction, and the resulting effect is that the start clock count for the low reflectivity portion can be measured accurately if reproduction apparatus of different designs are used for reading. Next, by finding the clock count and the start and end addresses for the optical mark No. 1 in the next track, clock m+14 at address n+12 is obtained, as shown in FIG. 16(8). Since TD=m+2, the clock count is corrected to 12, but for convenience of explanation, n+14 is used. We will describe another method, which eliminates the effects of varying delay times without having to obtain the reference delay time TD in the reproduction apparatus used for reading. This method can check whether the disk is a legitimate disk or not by checking whether the positional relationship of mark 1 at address n in FIG. 16(8) relative to another mark 2 matches or not. That is, TD is ignored as a variable, and the difference between the position, A1=a1+TD, of mark 1 measured and the position, A2=a2+TD, of mark 2 measured is obtained, which is given as A1−A2=a1−a2. At the same time, it is checked whether this difference matches the difference, a1−a2, between the position a1 of the decrypted mark 1 and the position information a2 of the mark 2, thereby judging whether the disk is a legitimate disk or not. The effect of this method is that the positions can be checked after compensating for variations of the reference delay time TD by using a simpler constitution.
(D) Next, the encrypted information writing process will be described. The position information read in the process (C) is encrypted (digital signature), as will be described in detail in the next section (2), and is written on the optical disk using a barcode or other method.
The processing steps in the optical disk manufacturing process have been described above. Next, the constitution and operation of a reproduction apparatus (player) for reproducing the thus completed optical disk on a player will be described with reference to FIG. 41.
In the figure, the construction of an optical disk 9102 will be described first. A marking 9103 is formed on a reflective layer (not shown) deposited on the optical disk 9102. In the manufacturing process of the optical disk, the position of the marking 9103 was detected by position detecting means, and the detected position was encrypted as marking position information and written on the optical disk in the form of a barcode 9104.
Position information reading means 9101 reads the barcode 9104, and decrypting means 9105 contained therein decrypts the contents of the barcode for output. Marking reading means 9106 reads the actual position of the marking 9103 and outputs the result. Comparing/judging means 9107 compares the decrypted result from the decrypting means 9105 contained in the position information reading means 9101 with the result of reading by the marking reading means 9106, and judges whether the two agree within a predetermined allowable range. If they agree, a reproduction signal 9108 for reproducing the optical disk is output; if they do not agree, a reproduction stop signal 9109 is output. Control means (not shown) controls the reproduction operation of the optical disk in accordance with these signals; when the reproduction stop signal is output, an indication to the effect that the optical disk is an illegal duplicated disk is displayed on a display (not shown) and the reproduction operation is stopped. In the above operation, it will be recognized that it is also possible for the marking reading means 9106 to use the decrypted result from the decrypting means 9105 when reading the actual position of the marking 9103.
Thus the reproduction apparatus of the above construction can detect an illegally duplicated optical disk and stop the reproduction operation of the disk, and can prevent illegal duplicates practically.
The foregoing description has dealt with the process from optical disk manufacturing to the reproduction operation of the player, and we will now proceed to a description of appertaining matters relating to the details of the above process.
(A) A low reflectivity portion address table, which is a position information list for the low reflectivity portion, will be explained.
(a) Laser markings are formed at random in the anti-piracy mark formation process at the factory. No laser markings formed in this manner can be identical in physical feature. In the next process step, the low reflectivity portion 584 formed on each disk is measured with a resolution of 0.13 μm in the case of a DVD, to construct a low reflectivity portion address table 609 as shown in FIG. 13(a). Here, FIG. 13(a) is a diagram showing a low reflectivity portion address table, etc. for a legitimate CD manufactured in accordance with the present embodiment, and FIG. 13(b) is concerned with an illegally duplicated CD. The low reflectivity portion address table 609 is encrypted using a one-direction function such as the one shown in
Referring now to
Accordingly, as shown in
(b) A first method of achieving mass production of pirated disks by removing the reflective film may be by laser trimming using a high output laser such as a YAG laser. At the present state of technology, even the most highly accurate machining laser trimming can only achieve a processing accuracy of a few microns. In the laser trimming for semiconductor mask corrections, it is said that 1 μm is the limit of the processing accuracy. This means that it is difficult to achieve a processing accuracy of 0.1 μm at the mass production level.
(c) As a second method, X-ray exposure equipment for processing semiconductor masks for VLSIs and ion beam processing equipment are known at the present time as equipment that can achieve a processing accuracy of the order of submicrons, but such equipment is very expensive and furthermore, it takes much time to process one piece of disk, and if each disk were processed using such equipment, the cost per disk would be very high. At the present time, therefore, the cost would become higher than the retail price of most legitimate disks, so that making pirated disks would not pay and meaningless.
(d) As described above, with the first method that involves laser trimming, it is difficult to process with a submicron accuracy, and therefore, it is difficult to mass produce pirated disks. On the other hand, with the second method using the submicron processing technology such as X-ray exposure, the cost per disk is so high that making pirated disks is meaningless from an economic point of view. Accordingly, making illegal copies can be prevented until some day in the future when low-cost submicron processing technology for mass production becomes practical. Since practical implementation of such technology will be many years into the future, production of pirated disks can be prevented. In the case of a two-layer disk with a low reflectivity portion formed on each layer as shown in
(B) Next, we will describe how the arrangement angle of the low reflectivity portion on the disk can be specified.
In the present invention, sufficient effectiveness in piracy prevention is provided by the reflective layer level mechanism, that is, by the low reflective marking alone. In this case, the prevention is effective even if the master disk is a duplicate. However, the effectiveness can be enhanced by combining it with the piracy prevention technique at the master disk level. If the arrangement angle of the low reflectivity portion on the disk is specified as shown in Table 532a and Table 609 in FIG. 13(a), an illegal manufacturer would have to accurately duplicate even the arrangement angle of each pit on the master disk. This would increase the cost of pirated disks and hence enhance the capability to deter piracy.
(C) The points of the present invention will be summarized below. In the present invention, a legitimate manufacturer can make a legitimate disk by processing the disk using a general-purpose laser trimming apparatus having a processing accuracy of several tens of microns. Though a measuring accuracy of 0.13 μm is required, this can be achieved by conventional circuitry contained in a consumer DVD player. By encrypting the measured result with a secret encryption key, a legitimate disk can be manufactured. That is, the legitimate manufacturer need only have a secret key and a measuring apparatus with a measuring accuracy of 0.13 μm, while the required processing accuracy is two or three orders of magnitude lower, that is, several tens of microns. This means that a convectional laser processing apparatus can be used. On the other hand, an illegal manufacturer, who does not have a secret key, will have to directly copy the encrypted information recorded on the legitimate disk. This means that a physical mark corresponding to the encrypted position information, that is, the position information on the legitimate disk, must be formed with a processing accuracy of 0.13 μm. That is, the low reflective mark has to be formed using a processing apparatus having a processing accuracy two orders of magnitude higher than that of the processing apparatus used by the legitimate manufacturer. Volume production with an accuracy higher by two orders of magnitude, i.e., with an accuracy of 0.1 μm, is difficult both technically and economically, even in the foreseeable future. This means that production of pirated disks can be prevented during the life of the DVD standard. One point of the invention is to exploit the fact that the measuring accuracy is generally a few orders of magnitude higher than the processing accuracy.
In the case of CLV, the above method exploits the fact that the address coordinate arrangement differs from one master disk to another, as previously noted.
The method of piracy prevention at the master disk level has been described above. That is, when master disks of CLV recording, such as a CD or DVD, are made from the same logic data by using a mastering apparatus, as shown in
According to the method of the present invention, the marking is formed on each disk pressed from a master disk, even if disks are pressed from the master disk, by removing a portion of the reflective film in the reflective film formation process. As a result, the position and shape of the resulting low reflective marking is different from one disk to another. In a usual process, it is next to impossible to partially remove the reflective film with an accuracy of submicrons. This serves to enhance the effectiveness in preventing duplication since duplicating the disk of the invention does not justify the cost.
In
As described, since the circuit delay time TD of the reproduction apparatus is stored in the IC ROM, optical mark position information can be obtained with increased accuracy. Furthermore, by setting the tolerance 866 and pass count for the software on each disk, the criteria for pirated disk detection can be changed according to the actual condition to allow for a scratch made on the disk after purchase. This has the effect of reducing the probability of a legitimate disk being erroneously judged as an illegal disk.
(D) A further description will be given of the operation of reading the nonreflective optical marking portion of the two-disk laminated optical disk, focusing on points that were not touched on in the foregoing description of the operation principle.
That is, as shown in
The correspondence between
FIG. 16(5) corresponds to FIGS. 27(1) and 28(1). The reproduced clock signal in FIG. 16(6) corresponds to that shown in FIGS. 27(5) and 28(5). Address 603 in FIG. 16(7) corresponds to that shown in FIGS. 27(2) and 28(2).
Frame synch 604 in FIG. 16(7) corresponds to that shown in FIGS. 27(4) and 28(4). Starting clock number 605a in FIG. 16(8) corresponds to reproduced channel clock number in FIG. 27(6). Instead of the end clock number 606 in FIG. 16(7), in FIGS. 27(7) and 28(7) data is compressed using a 6-bit marking length.
As illustrated, the detection operation is fundamentally the same between CD and DVD. A first difference is that a 1-bit mark layer identifier 603a as shown in FIG. 27(7) is included for identifying whether the low reflectivity portion is of the one-layer type or two-layer type. The two-layer DVD structure provides a greater anti-piracy effect, as previously described. A second difference is that since the line recording density is nearly two times as high, 1 T of the reproduced clock is as short as 0.13 μm, which increases the resolution for the detection of the position information and thus provides a greater anti-piracy effect.
Shown in
To read the second layer, a first/second layer switching section 827 in
(E) Additional matters relating to the two-disk laminated optical disk will be further described below.
(2) (A) Encryption (digital signature) of marking position information, etc. and decryption and reproduction of optical disk position information, etc., which have been briefly described in (1), will now be described in more detail. (B) Various mechanism for piracy prevention will also be described below.
(A) Encryption (digital signature) and its reproduction will be described.
(a) Simple encryption (digital signature)
(Implementation by RSA function)
First, an example of encryption in which encryption is performed using a function of a message recovery type signature method, such as an RSA function, will be described with reference to the flowcharts shown in
As shown in
First, in step 735a, the marking position information on the optical disk is measured in step 735b. The position information is then compressed in step 735d, and the compressed position information H is obtained in step 735e.
In step 695, the ciphertext of the compressed position information H is constructed. First, in step 695, a secret key, d, of 512 or 1024 bits, and secret keys, p and q, of 256 or 512 bits, are set, and in step 695b, encryption is performed using an RSA function. When the position information H is denoted by M, M is raised to d-th power and mod n is calculated by yield ciphertext C. In step 695d, the ciphertext C is recorded on the optical disk. The optical disk is thus completed and is shipped (step 735k).
In the reproduction apparatus, the optical disk is loaded in step 735m, and the ciphertext C is decrypted in step 698. More specifically, the ciphertext C is recovered in step 698e, and public keys, e and n, are set in step 698f; then in step b, to decrypt the ciphertext C, the ciphertext C is raised to e-th power and the mod n of the result is calculated to obtain plaintext M. The plaintext M is the compressed position information H. An error check may be performed in step 698g. If no errors, it is decided that no alterations have been made to the position information, and the process proceeds to the disk check routine 735w shown in FIG. 24. If an error is detected, it is decided that the data is not legitimate one, and the operation is stopped.
In the next step 736a, the compressed position information H is expanded to recover the original position information. In step 736c, measurements are made to check whether the marking is actually located in the position on the optical disk indicated by the position information. :In step 736d, it is checked whether the difference between the decrypted position information and the actually measured position information falls within a tolerance. If the check is OK in step 736e, the process proceeds to step 736h to output software or data or execute programs stored on the optical disk. If the check result is outside the tolerance, that is, if the two pieces of position information do not agree, a display is produced to the effect that the optical disk is an illegally duplicated one, and the operation is stopped in step 736g. RSA has the effect of reducing required capacity since only the ciphertext need be recorded.
(Implementation by elliptic function)
Next, another type of signature system, that is, an imprint type signature system using an elliptic function for encryption, will be described with reference to the flowcharts shown in
As shown in
The process from step 735a to step 735e is the same as that for the RSA function.
In step 735f, authentication ciphertext for the compressed position information H is constructed. First, in step 735g, secret keys X (128 bits or over) and K are set, and in step 735h, a public system parameter G, a point on an ellipse, is determined, and with f(x) as a one-direction function, R=f (K×G) is obtained first, and then R′=f(R) is obtained; then from equation S=(K×R′−H)X−1 mod Q, R and S as authentication ciphertext are generated. In step 735j, the authentication ciphertext R and S and the plaintext H of the compressed position information are recorded on the optical disk, and in step 735k, the completed disk is shipped.
In the reproduction apparatus, the optical disk is loaded in step 735m, and an authentication operation is performed in step 735n to authenticate the position information.
First, in step 735p, the authentication ciphertext R and S and the compressed position information H are recovered from the loaded optical disk. In step 735r, public keys Y, G, and Q are set, and in step 735s, an authentication operation is performed whereby f(A×Y+B×G) is obtained from A=SR−1 mod Q and B=HR−1 mod Q. In step 735t, it is checked if the above value matches R. If they match, it is decided that no alterations have been made to the position information, and the process proceeds to the optical disk check routine 735w in FIG. 24. If they do not match, it is decided that the data is not legitimate one, and the operation is stopped.
The subsequent process from step 736a to step 736g is the same as that for the RSA function. That is, if the optical disk is judged as being an illegally duplicated one, a display to that effect is produced, and in step 736g, the operation is stopped. Compared to the RSA function, the elliptic function has the advantage that the computation time is short, which serves to reduce the time before the reproduction starts. This system therefore is suitable for application to consumer reproduction apparatus.
(b) Complex encryption (digital signature) using master key, subkey, etc.
Not only the marking position information but information concerning the features of contents of the software stored on the optical disk and an anti-piracy identifier are subjected to encryption (digital signature). Furthermore, two kinds of encryption keys, master key and subkey, are used. A specific example is described below in which a secret key encryption function is used in combination with a public key encryption function.
Before proceeding to a detailed description of the specific example, a basic functional description of this system will be given first with reference to
In the example treated in the following basic description, encryption is performed using a public key encryption function, and encryption using a secret key encryption function is not treated here. Therefore, the master secret key for public key encryption and the sub secret key for public key encryption are simply referred to as the master secret key and sub secret key, respectively. Likewise, the master public key for public key encryption and the sub public key for public key encryption are simply referred to as the master public key and sub public key, respectively.
As shown in
For simplicity of explanation, it is assumed here that the software maker 9002 also includes a disk manufacturing factory. Therefore, the software maker 9002 here is a department that performs the manufacturing process at the disk manufacturing factory illustrated in
On the other hand, there is a player 9004 at the user side where the optical disk is used. The player 9004 is an apparatus for reproducing an optical disk, and contains a ROM in which is prestored a master public key corresponding to the master secret key maintained at the key management center. A function to stop the reproduction of an illegally duplicated optical disk is also incorporated.
Having described the general arrangement, we will now describe the operation.
(b-1) First, the processing steps for encryption performed at the software maker 9002 will be described.
The encryption step first performed (the first encryption step) involves encryption at the stage of disk mold manufacturing, and the encrypted information is reflected in the shape of the disk mold. The encryption step performed finally (the second encryption step) concerns encryption performed at a stage after the formation of a marking by laser trimming.
(1-1) In the first encryption step, encryption is performed using a sub public key corresponding to the sub secret key to be used in the second encryption step, and using a software feature information and anti-piracy identifier. The information is transferred to the key management center 9001 via the communication line 9003. The software feature information refers to the information describing the contents of the movie software written on the optical disk, and it is unique to each movie software and is different from one software to another. The anti-piracy identifier is provided to make it possible to detect whether the manufactured optical disk is processed with piracy prevention. The identifier of an optical disk processed with piracy prevention using second ciphertext is “1”; otherwise, the identifier is “0”. In this example, the identifier is “1”, needless to say.
(1-2) The key management center 9001 encrypts the information transferred from the software maker 9002, by using the master secret key maintained at the center, and sends the encrypted information back to the software maker 9002. The thus created ciphertext is referred to as the first ciphertext.
(1-3) The software maker 9002 records the first ciphertext on the disk mold (or master) along with the movie software, etc.
(1-4) The software maker 9002 molds disks by using the thus completed mold.
(1-5) Next, the software maker 9002 fabricates optical disks from the molded disks, and performs the laser trimming, as previously described, to form a marking on each optical disk.
(1-6) Further, the software maker 9002 detects the position of the marking and encrypts the obtained position information by using the sub secret key maintained at the maker. The thus encrypted information is referred to as the second ciphertext. Since it is created by encrypting the position information, the second ciphertext is different from one optical disk to another even if they are pressed from the same mold. This is the difference from the first ciphertext.
(1-7) Finally, the software maker 9002 records the second ciphertext as a barcode on the optical disk. The optical disk is thus completed.
(b-2) Next, we will describe the operation when the user who purchased the thus completed optical disk plays it back on the player 9004.
(2-1) First, the player 9004 reads the first ciphertext recorded on the optical disk, and using the master public key stored in the ROM, decrypts the first ciphertext which contains in encrypted form the sub public key corresponding to the sub secret key, the software feature information, and the anti-piracy identifier.
(2-2) In the meantime, the player 9004 extracted the software feature information from the contents of the movie software recorded on the optical disk. The extracted software feature information is compared with the software feature information obtained by decryption in (2-1); if they do not agree, the optical disk is judged as being an illegally duplicated one, and the subsequent reproduction operation is stopped. If they agree, the process proceeds to the next step.
(2-3) It is checked whether the anti-piracy identifier obtained by decryption in (2-1) is “1” or “0”. If it is “0”, the reproduction operation is immediately started, skipping the process hereinafter described. If it is “1”, the process further continues.
In this manner, if the optical disk happens to be a disk not processed with the piracy prevention using the second ciphertext, the disk can be reproduced on the player 9004 as long as its identifier is set to “0” in a legitimate way. If a pirate attempts to make an illegal copy by altering the identifier to “0”, his effort will be thwarted because the identifier is encrypted using the master secret key after being combined with the software feature information, etc., as earlier described.
(2-4) First, the second ciphertext recorded on the optical disk is read out. Then, the second ciphertext, which is the encrypted version of the position information, is decrypted using the sub public key obtained by decryption in (2-1).
(2-5) Using the decrypted position information, it is checked whether the marking is actually formed in the position on the optical disk indicated by the position information. Then, the actually measured marking position information is compared with the position information decrypted in (2-4). If they do not agree, the optical disk is judged as being an illegally duplicated one, and the reproduction operation is stopped. If they agree, the optical disk is judged as being a legitimate one, and the reproduction operation is started.
An outline of the system has been described above. Now, a description will be given in more specific form.
As shown in
When a system is employed that uses secret key encryption in combination with public key encryption, a master secret key for secret key encryption is used in step 866c, encryption is performed in step 866d, and the data is recorded on the master disk 867 in step 866e.
The disk mastering process is thus completed. The anti-piracy identifier 865 recorded on the master disk defines how the copyright of the software should be protected, and consists of at least four bits of copyright protection flags, including a flag of one bit to indicate whether the software is equipped with an anti-piracy mechanism, a flag of one bit to indicate whether it contains a low reflectivity barcode portion, a flag of one bit as a scramble identifier 965a to indicate whether the software is scrambled or not, and a flag of one bit to indicate whether software dubbing is prevented or not. Since the anti-piracy identifier 865 and the sub public key 861 are combined with the software feature information 863 unique to the software and are encrypted together by using the master secret key for public key encryption, it is not possible to alter them.
The anti-piracy identifier 865 and the sub public key 861 are combined with the software feature information unique to the software, into one data block which is then encrypted by the secret key.
If the software feature information 863 consists of 256 bits, there are 2256 possible variations. This means that when software feature information is extracted from data obtained by authoring a particular movie software product, the probability that it coincides with software feature information of some other software is 1/2256; therefore, the probability of such coincidence occurring is almost zero. When a one-direction hash function, such as MD5 or SHA, is used, if the hash value, i.e., the software feature information 963, consists of 256 bits, finding two software contents having the same hash value will require 1018 years of computing time using a currently available large computer. Consequently, it is nearly impossible to replace software. For the software feature information of a particular software product authored, only one value exists, and no other software can have the same value.
Since the software feature information is encrypted jointly with the anti-piracy identifier 865 and the sub public key 861, neither of these two values cannot be altered. Thus, after authoring, the anti-piracy identifier 865 and the sub public key 861 for a particular software product are uniquely identified.
The recording of the anti-piracy identifier 865 on the master disk will be described in further detail.
How the anti-piracy identifier 865 is actually appended to software is at the discretion of the copyright owner of the software. It takes cost and labor to apply an anti-piracy measure to optical disk software. Accordingly, not all optical disks are equipped with an anti-piracy mechanism; some optical disks incorporate an anti-piracy mechanism or the barcode of the present invention, while others do not. If legitimate disks having no anti-piracy mechanism or barcode are allowed to exist, reproduction apparatus are required to have a function that enables both types of disk to be reproduced properly. In that case, when reproducing a disk having no piracy protection, two possibilities must be considered: one is that the disk is a legitimate disk for which the software company has unlocked the piracy protection in a legitimate way, and the other is that the disk is a disk which the software company has produced with piracy protection but whose anti-piracy identifier has been illegally altered by a pirate.
Means for identifying whether the anti-piracy identifier is legitimate or not is therefore important.
In the present invention, the anti-piracy identifier 865, including the anti-piracy identifier, is encrypted together with the software feature information by using a secret key, and recorded in a ciphertext recording section on the master disk. The reproduction apparatus decrypts the ciphertext with a prescribed public key. This prevents illegal alterations from being made to either data.
The only way left to pirates is to replace the whole portion of the first ciphertext, which contains the software feature information 863 and the anti-piracy identifier 865, by different one.
To distinguish the software feature information 863 from the software feature information extracted from the movie software actually written on the optical disk, which will be described later, the former may sometimes be referred to as the first software feature information, and the latter as the second software feature information. Both kinds of information are the same in that they relate to the contents of the same movie software, but different in that the former is written in encrypted form at the time the optical disk is manufactured, while the latter is extracted by examining the contents of the actually recorded movie software at the time of reproduction.
Since the first software information 863 has a value unique to the software for which the authoring is completed, the probability of some other software yielding the same value is 1/2256, which is approximately zero, as earlier noted. If the first software information 863 is replaced, the information no longer agrees with the second software feature information 885 actually extracted from the disk in step 876e in the process of the check routine of
That is, the first software feature information 863 and the anti-piracy identifier 865 are encrypted together into the first ciphertext 886 for recording on the master disk. This has the effect of thwarting any attempt by a pirate to make illegal copies of piracy-protected software in the disk format of no piracy prevention without an anti-piracy mark or mechanism. With this method that constitutes one aspect of the invention, if a disk standard is worked out, allowing the existence of disks without piracy protection along with disks with piracy protection, and if the standard is replaced by a new-generation standard, reproduction apparatus of the new generation can achieve piracy prevention against all disks. This is a big practical advantage.
The necessity of the master secret key and sub secret key in secret key of a public key encryption and the construction and functions of these secret keys will be described in detail below.
In the piracy prevention method of the invention, the secret encryption key need not be delivered to the disk manufacturing factory since secondary recording can be done. However, it is not realistic to have an encryption center create ciphertext for each of the disks manufactured throughout the world and to receive the ciphertext via a network, because this would cause an enormous increase in communication traffic. On the other hand, distributing the secret key to each software maker and disk manufacturing factory is not possible from the viewpoint of security. A method that can overcome this problem is therefore needed.
As a method to overcome this problem, the present invention provides the master key/subkey system. According to the present invention, the key management center (key issuing center) keeps the master secret key which is not disclosed to the outside. On the other hand, the software company keeps the sub secret key with which the company maintains the security of its software on its own responsibility. As already described with reference to
This means that a particular software product can only be encrypted using a particular secret key, that is, the software maker's secret key corresponding to the sub public key. Using the sub secret key, the software maker can set the key on software locked or unlocked at their option.
This in turn means that pirates cannot produce pirated disks unless they steal the sub secret key information unique to the software from the software maker.
In
In operation,
Next, the anti-piracy operation in the reproduction apparatus, when reproducing the thus completed optical disk, will be described in further detail with reference to FIG. 38.
The operation consists essentially of a software check step 874 and a disk check step 875. In the software check step 874, first the first ciphertext is reproduce from the disk 800 in step 876a, and then, using the master public key stored in the ROM in the reproduction apparatus in step 876c, the first ciphertext is decrypted into plaintext in step 876b. In step 876d, the plaintext of the first software feature information 863 and sub public key 861 is obtained, and in step 876f, it is checked against the second software feature information extracted using the one-direction hash function. If the check is NG in step 876g, the operation is stopped; if the check is OK, the sub public key is output in step 876h. If alterations have been made to the sub public key or software attributes by a pirate, the two kinds of information do not agree, so that the reproduction of an illegal disk is prevented. The legitimate sub public key is thus obtained at the reproduction apparatus.
In the disk check step 875, the sub public key is input in step 876k, and the second ciphertext, i.e., the public key cipher 859 (see FIG. 32), is reproduce in step 876m. In step 876n, the second ciphertext is decrypted into plaintext by using the sub public key, and in step 876p, the marking position information is obtained. In this case, the marking position information cannot be altered illegally unless the sub secret key 876 (see
With the above construction, illegally duplicated disks cannot be reproduced on the reproduction apparatus unless the sub secret key maintained at the software maker is stolen or unless the nonreflective marking portion is laser-trimmed with an accuracy of submicrons, for example, 0.13 μm, and two disks are laminated together with an accuracy of the order of a few microns. This makes it virtually impossible to make pirated disks. This has the effect of preventing pirating of disks.
(c) Detailed description of an example using a public key encryption function in combination with a secret key encryption function
A first feature of the encryption system of the present invention is the use of two encryption functions, a public key encryption function and a secret key encryption function, when encrypting marking position information, etc. on each optical disk.
The following description deals with problems encountered when actually implementing a piracy prevention method that uses public key cipher, and also deals with a method of implementation. The public key cipher here refers to the position information encrypted using a public key encryption function (for example, an RSA function).
From the security point of view, it is desirable that all reproduction apparatus be equipped with a public key cipher decoder to decode the anti-piracy public key cipher of the present invention. However, processing a 512-bit public key cipher requires 0.3 seconds using a 32-bit, 50-MHz CPU. On the other hand, the DVD player control IC predominant in consumer apparatus today is an 8-bit one-chip microcomputer. With this CPU, it will take more than a few minutes to process the public key. This means that the user has to wait a few minutes before an image is reproduced from a DVD. This poses a problem in employing the public key cipher system in consumer products.
Since, at the present level, public key cipher cannot be processed by the CPU used in consumer products, for the present there is no option but to use a secret key cipher decoder for consumer reproduction apparatus because it requires a small amount of processing time. However, in the case of secret key cipher, since the secret encryption key can be easily deciphered from cipher decoder information, the secret key cipher will lose its anti-piracy effect once deciphered. Therefore, transferring to public key cipher which is difficult to decipher is imperative in the future.
Secret key cipher and public key cipher are mutually incompatible. If the system were simply switched from secret key cipher to public key cipher in future, second-generation optical disks having public key cipher would not be able to be decoded and reproduced on a first-generation player having a secret key cipher decoder. Furthermore, first-generation optical disks having secret key cipher would be unable to be reproduced on a future player. If the player is constructed to allow the reproduction of such disks, it will allow pirates to decipher the secret key for the secret key cipher and create the secret key cipher using the deciphered key, thus giving rise to the possibility of pirated disks being marketed in large quantities. If disks encrypted with secret key are allowed to be reproduced on future players, piracy cannot be prevented even if public key cipher is used.
The need therefore arises for a mechanism which, if the cipher decoder of reproduction apparatus is changed from the secret key to the public key system in the future, can preserve compatibility to allow earlier optical disks to be reproduced properly on reproduction apparatus having a new public key cipher decoder while preventing the reproducing of pirated disks.
A method of the invention that satisfies the need for compatibility is disclosed hereinafter. As shown in
In the case of a legitimate disk, the disk is normally reproduced since the two kinds of physical feature information agree, as shown in step 878a.
In the case of a pirated disk, since they do not agree as shown in step 878c, the reproduction of the disk is prevented. That is, the reproduction is prevented as long as the secret key cipher remains unbroken. If it is broken some time in the future by a pirate, as earlier described, the pirate can produce illegal disks in large quantities by illegally creating the secret key cipher. In that case, since the secret key decoder 881 in the first-generation reproduction apparatus checks only the secret key cipher, the comparison checks OK as shown in step 878d, allowing the illegal pirated disk to be reproduced. However, by that time in the future, second-generation reproduction apparatus having a public key cipher decoder 882 will have become a predominant type; therefore, reproducing pirated disks on the first-generation reproduction apparatus in an illegal manner will not have a significant impact.
Since the legitimate disk of the invention has public key cipher, the disk is normally reproduced on the second-generation reproduction apparatus, as shown in step 878b. On the other hand, when a pirated disk is inserted for reproduction, the reproduction apparatus checks only the public key cipher, as shown in step 878e, whether the secret key cipher is deciphered or not. As a result, the anti-piracy function of the public key cipher works, as shown in step 878e, so that the reproducing of the pirated disk on the second-generation reproduction apparatus is almost perfectly prevented.
According to the invention, all disks are manufactured with both the secret key cipher 879 and public key cipher 880 prewritten thereon from the time of commercial introduction of the first-generation reproduction apparatus. Therefore, in the first stage, piracy prevention at the secret key cipher level is provided since the ciphertext can be processed by the 8-bit microcomputer mounted in the first-generation reproduction apparatus. In the second stage, that is, in the future when the secret key cipher may have be broken, more sophisticated piracy prevention can be provided by the public key cipher decoder incorporated in the second-generation apparatus which will have become the predominant type by that time. In this way, if one generation is replaced by the next generation, perfect compatibility with earlier media can be preserved uninterruptedly with the second-generation reproduction apparatus achieving nearly perfect piracy prevention.
The above has described an example of application to the low reflectivity marking method, that is, the piracy prevention method at the reflective layer level, but it will be appreciated that the effect of preserving compatibility at the time of generation change can also be obtained if the same is applied to the piracy prevention method at the master disk level that uses the physical feature information of the master disk as shown in FIG. 13.
The above-illustrated example has the feature that, when performing encryption, the same information is encrypted by using a public key encryption function and a secret key encryption function separately, and the respectively encrypted versions of the information are recorded on the disk.
Accordingly when a transition is made in future from the current player equipped with a decoder, based on an 8-bit microcomputer, for decoding the ciphertext created using a secret key encryption function to the future player equipped with a decoder, based on a 32-bit microcomputer, for decoding the ciphertext created using a public key encryption function, the optical disk as described in the above example can be used effectively on either type of player.
(B) Other mechanisms will be described.
(a) We will describe another specific example of the public key/secret key combination type in which the software feature information, ID number, and marking position information are encrypted (see FIG. 29). The ID number refers to the number assigned to each disk for identifying the disk. The disk ID (also called the disk ID number) to be described later is the same in meaning to the ID number. Major differences between the present example and the foregoing specific example (see
More specifically, as shown in
(b) Next, a modulation recording method for barcode will be described in detail with reference to the same figure.
In
First, information concerning the position of the nonreflective portion 815 formed on the reflective layer 802 or on the second reflective layer 825 is detected using optical mark position detecting means 600. The method of detection has already been described with reference to
The above public key cipher and the secret key cipher are combined in a combining section 835, and are affected with interleaved/Reed-Solomon error corrections by a Reed-Solomon encoder 838 and an interleaver 839 in an error-correcting encoder 837 of a recording circuit 836. The interleave length in this case is so set as to be able to correct a burst error due to a disk scratch 2.38 mm or longer, the same level as the CD, thereby resulting such effect to provide error correction of errors in the barcode recorded data of the invention against a disk scratch that may be caused in the worst condition in consumer use.
The principle of the pulse width modulation method will be described with reference to the same figure. This method eliminates the need for the first ciphertext by the master secret key and the second ciphertext by the sub secret key. In this method, the software feature information, the position information, and the ID number are combined together for encryption. Billions of ROM disks are produced annually. Therefore, there is a possibility that a disk that happens to have a marking whose position pattern is very easy to duplicate may be produced. A pirated disk could be produced by using a combination of this easily duplicatable marking position information and the legitimate ciphertext of this position information. In
The error-correction coded signal is modulated into a PWM signal by a pulse interval modulator 840. When describing lines by using a laser, it is difficult to construct a barcode by accurately controlling the line width. Therefore, in the present invention, the pulse interval is classified into four values 1T, 2T, 3T, and 4T, as shown in
Part (1) of
The signals have a synchronizing signal area 858, consisting of three pulses 857a, 857b, and 857c with interval T; this area indicates the starting position. This is followed by a blank of 4T which is a reference time area for measuring reference time T. When the line width is 10 μm, T=20 μm. Next comes a first recording area 860 of about 1 kbits for holding secondary-recorded data. Then, preceded by a blank 861a of 100 μm or greater length, there is recorded a second recording area 862a for tertiary-recorded data. A password for descrambling, etc. are recorded at a dealer.
(c) The following describes the method of use of the barcode which can secondary- and tertiary-record by the HMST method.
As shown in
As shown in
(d) Another specific example of disk manufacturing is shown in FIG. 35. That is, in process (3) of
Referring back to
That is, in process (4) of
(e) We interrupt here our explanation relating to
In the figure, the magnetic reproduction circuit has two demodulators, an MFM demodulator 30d and a second demodulator 6b2(sic) which is another type to MFM, one or the other of which is selected by a selector 661. The corresponding modulator is kept only at the factory, so that a full recording capability is not provided although reproduction is possible. Accordingly, when a specially modulated area was recorded at the factory, a specially modulated signal is not recorded. CPU 665 on the drive side performs control so that no recording can be made unless the specially modulated signal is reproduced from this area. Therefore, it can be said that this area is a logical write-once area, permitting recording only once. Accordingly, once the machine ID, such as a drive ID 699a recorded in a ROM 699 in the reproduction apparatus, has been recorded in this write-once area of a magnetic recording portion on an optical disk or a floppy disk, the user drive cannot alter the recorded contents, thus preventing illegal installation on more machines than a permitted number of machines. The drive ID mentioned here is a number assigned to each reproduction apparatus for identifying the apparatus. The machine ID may be an ID assigned to a personal computer. A network interface section 14 examines an HDD, etc. on a second personal computer 663 connected to a network 664 and supervises the operation so that the program of the same drive ID or same machine ID will not be started or run, thus preventing the use of illegally copied software.
The laser marking recording method of the invention permits secondary recording such as recording of a dealer code at a dealer, as does a magnetic method. This, however, does not constitute a feature of the present invention, and therefore, detailed explanation will not be given here.
In the case of a rental video store, if a password were recorded permanently on a disk, and if the disk were shoplifted, the shoplifter could play back that disk. To prevent this, a rental video store hands a scrambled disk 844j to a customer, as shown in process (6). In step 851g, a password for descrambling is computed from the disk ID or the drive ID described later by using a sub secret key. In step 851j, the password is printed on the receipt which is handed to the customer. The password may be notified to the customer by telephone, as shown in step 851u.
The customer performs the descrambling operation shown in step 851r on his reproduction apparatus in his home. First, in step 851s, the scramble identifier and the software feature information are decrypted from the cipher-text by using the sub public key. The decrypted software feature information is compared with the software feature information that was actually extracted from the software contents by using a one-direction hash function, to verify whether they agree or not. If verification cannot be done, the disk is regarded as an illegal one, and the reproduction is stopped. If the scramble identifier is OFF in step 851x, the reproduction operation is permitted in step 851p. If the scramble identifier is ON, the user enters a password from a numeric keypad in step 851k, and the password is computed using the sub public key. In step 851t, a further computation is performed using the disk ID and/or drive ID, and only when the result of the password computation agrees with the disk ID or drive ID, the scramble or ciphertext is unlocked to permit reproduction or operation for a prescribed number of days. When the disk has been rented out with a password only for a portion of the software to the customer, if the customer desires to view other items in the software, the customer can request by telephone the key issuing center to issue the password for the desired software item; the password is then notified to the customer in step 851u and input in step 851k to enable the desired software on the disk to be reproduced.
The operation performed at the video retail store or rental video store in processes (5) and (6) in
Next, the operation performed at the rental store will be described in detail. First, a ROM disk 844f locked with scrambling is displayed on the store shelf. When the particular ROM disk 844f is specified by a customer, a shop clerk holds in his or her hand a circular barcode reader 850 with a built-in rotary-type optical head 853 generating a spiral scanning pattern, and presses it onto the center of the disk 800 housed in a transparent case, to read the barcode formed by nonreflective portions 815 on the reflective layer in the disk 844f, thereby reading the disk ID number. The product code may be read either from the barcode of the invention formed by the nonreflective portions 815 or from the circular barcode prerecorded and pressed by the existing recording method on an inner ring portion inside the pit recording area of the master disk. These items of information are processed by the POS terminal 846, and the rental charge is settled; at the same time, the password corresponding to the disk ID number is issued in step 851g, as previously described. For rental purposes, to limit the number of days for viewing, time information, as used in step 851r, is appended to the disk ID number for encryption, and the password is thus created. This password is valid for a preset number of days, the effect being that in the case of a rental disk a rental period of 3 days, for example, can be set in the password.
In step 851i, the thus issued password for unlocking the scramble, the date of rent, the expected data of return, and the rental charge of the title are printed on a receipt 849 which is handed to the customer together with the disk. The customer takes the disk 844j and receipt 849 home. When, in step 851k, the password is input from an input section 854, such as a numeric keypad, on the information processing apparatus 676 shown in
In this case, if the password contains time information, date data from a clock section 855 is checked, and descrambling is allowed as long as the date data matches the time information. The password and its corresponding ID number are stored in a nonvolatile memory 755a in a memory 755. Once the password has been entered, the user need not reenter it to perform descrambling. In this way, the key on a disk can be locked and unlocked by electronic means, which offers an advantage for distribution business.
The foregoing embodiments have been described referring mainly to the disk ID method wherein a disk ID is appended to a disk. However, in the case of disks that do not have disk IDs, it becomes necessary to use the drive ID of the drive. The following description deals in detail with the descrambling, password creation, and checking operations when the drive ID alone is used and also when both the drive ID and disk ID are used.
In
The advantages and disadvantages of the drive ID method and the disk ID method will be described. When the disk ID is used, the password is valid only for one particular disk. The disk can be run on any drive. This method is therefore suitable for movie software and the like. However, in the case of business software for personal computers, if the software can be installed on any drive, the software on the disk may be illegally copied onto more than one computer.
That the disk can be run only on one drive is a disadvantage of the drive ID method in the case of movie software. This, however, however, becomes an advantage in the case of personal computer software. For business software that need only be installed once, the drive ID method has an advantage in that its password-protect unlocking feature prevents the software from being illegally installed on a personal computer by using other drives than the one designated drive.
However, the drive ID is written in an EPROM in the machine, and can be easily altered. If drives of the same drive ID are sold, illegal installation may be made on many machines. On the other hand, as already described, it is difficult to alter the disk ID of the present invention. In
As described above, the drive ID method and the disk ID method have their own advantages and disadvantages, and the advantages are different for different applications. It is expected that the drive ID method will be used for computer software that is installed only once, and the disk ID method for movie or music software that is reproduced many times. This requires that the reproduction apparatus be designed to support both methods. Using the flowchart of
Turning back to step 901e, if there is no drive ID, then it is checked in step 901h whether a disk ID is recorded on the disk, and if there is no disk ID, the installation stops. If a disk ID is recorded, the disk ID and the software ID are transmitted to the password issuing center. The password issuing center communicates with a credit company, and after confirming online payment by credit, creates a password in step 901j from the disk ID and software ID by using the sub secret key. The personal computer at the user end decrypts the password by using the sub public key in step 901m, and if the result checks OK, program installation or software reproduction is carried out.
In this way, both the drive ID and disk ID can be handled. This has the effect of preventing illegal installation while allowing legitimate installation of software products having various IDs.
Thus by encrypting the disk physical ID by a one-direction encryption encoder, copy protection security can be enhanced.
As described above, according to the present embodiment, a nonreflective portion is formed on a reflective layer in an optical disk consisting of two disks laminated together, and at least its position information is encrypted and written on the same optical disk. This makes duplication much more difficult as compared to the prior art. Production of illegal copies, that is, so-called pirated disks, can thus be made virtually impossible.
As is apparent from the description so far given, the present invention has the advantage of achieving a greatly improved copy prevention capability as compared to the prior art.
Furthermore, according to the present invention, a piracy check mechanism can be incorporated into the master disk by encrypting formatted master disk physical feature information 876 in combination with public key data and software feature information, as described with reference to
In
In the above embodiment, the marking position information of the invention was written on the same disk, but the invention is not limited to the illustrated example. For example, the information may be written on a floppy disk as a different medium.
Furthermore, in the above embodiment, examples have been described wherein an elliptic function or an RSA function is applied to the digital signature or digital signature-like technique or encryption technique. However, the invention is not limited to the illustrated examples; rather, any other encryption technique may be used.
Moreover, in the above embodiment, the position information was encrypted or was provided with a digital signature, but instead, the position information itself may be written directly on the disk. In that case also, the invention is effective in preventing pirated disks from being made by copying the marking and its position information.
The optical disk of the invention has a structure such that a reflective film is sandwiched directly or indirectly between two members resistant to laser light and a marking is formed by laser on the reflective film. The above embodiment has described examples in which this structure is used for a piracy prevention technique, but it will be appreciated that such a structure may also be applied to other techniques. In the above embodiment, the optical disk of the invention has been described as being fabricated by laminating two substrates with an adhesive layer interposed therebetween. However, the adhesive layer may be omitted, or instead, a member made of a different material, such as a protective layer, may be used; that is, any suitable structure may be used as long as the reflective film is sandwiched directly or indirectly between two members resistant to laser light. Furthermore, in the above embodiment, the optical disk of the invention has been described as comprising substrates as the members that are laminated together, but other members such as protective layers may be used; that is, any member that has resistance to laser light may be used.
In the above embodiment, a combination of two kinds of cipher, secret key cipher and public key cipher, has been described as a representative example of a combination of multiple kinds of ciphers of different generations, but the invention is not limited to this particular example. For example, as an alternative combination of different generations, public key cipher having a 256-bit secret key, which is less secure but can be processed by a slow CPU, and public key cipher having a 1024-bit secret key, which provides great security but can only be processed by a high-speed CPU, may be used. In this way, with a combination of public key ciphers having different security levels, the same effect of preserving compatibility between different generations can be obtained. Furthermore, a combination of three kinds of ciphers of different generations, such as secret key cipher, low-security public key cipher, and high-security public key cipher, may also be used.
Gotoh, Yoshiho, Oshima, Mitsuaki
Patent | Priority | Assignee | Title |
7310823, | Jul 06 2001 | MAXELL HOLDINGS, LTD ; MAXELL, LTD | Digital information recording apparatus and outputting apparatus |
8332950, | Mar 15 2005 | Sony Corporation | Disc manufacturing method, data recording apparatus, information recording medium, information processing apparatus and method, and computer program |
8543840, | Apr 28 2010 | Canon Kabushiki Kaisha | Data processing apparatus, data processing system, and method for controlling the same |
Patent | Priority | Assignee | Title |
4503531, | Dec 22 1981 | Pioneer Electronic Corporation | Optical disc |
4758058, | Jan 12 1987 | International Business Machines Corporation | Holographic disk scanner having special position-indicating holograms |
4961077, | Feb 19 1988 | E. I. du Pont de Nemours and Company | Method for affixing information on read-only optical discs |
5050150, | Sep 29 1989 | Kabushiki Kaisha Toshiba | Information disc apparatus |
5061341, | Jan 25 1990 | CLINICAL DIAGNOSTIC SYSTEMS INC | Laser-ablating a marking in a coating on plastic articles |
5065429, | Apr 03 1989 | LANRALD DATA MGMT NV, LLC | Method and apparatus for protecting material on storage media |
5126741, | Sep 29 1989 | Kabushiki Kaisha Toshiba | Reproduction apparatus having circuit for accurately detecting a binary waveform from a varying level analog signal |
5191611, | Apr 03 1989 | LANRALD DATA MGMT NV, LLC | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
5197060, | Jan 11 1989 | Seiko Epson Corporation | Dual substrate optical recording medium |
5309421, | Aug 24 1990 | Sony Corporation | Recording and/or reproducing apparatus for optical disk |
5371792, | Jan 31 1992 | Kabushkuki Kaisha Sega Enterprises | CD-ROM disk and security check method for the same |
5392351, | Mar 16 1992 | Fujitsu Limited | Electronic data protection system |
5400403, | Aug 16 1993 | RSA SECURITY INC | Abuse-resistant object distribution system and method |
5418852, | Mar 18 1992 | Fujitsu Limited | Unauthorized use prevention method for optical disks, optical disk having unauthorized use prevention function, and optical disk apparatus |
5457668, | Dec 27 1991 | NINTENDO CO , LTD | Data processing system with collating processing at start up for determining the presence of an improper optical CD |
5457746, | Sep 14 1993 | SPEX TECHNOLOGIES, INC | System and method for access control for portable data storage media |
5489768, | Dec 20 1991 | Eastman Kodak Company | Apparatus and method for data security in an optical disk storage system |
5502702, | Aug 09 1993 | Yamaha Corporation | Optical disc recording device using basic recording information and projection time control |
5513169, | Oct 06 1993 | Sony Corporation; Digital Audio Disc Corporation | CD-ROM with machine-readable i.d. code |
5549953, | Apr 29 1993 | National Research Council of Canada | Optical recording media having optically-variable security properties |
5982886, | Mar 18 1992 | Fujitsu Limited | Unauthorized use preventing method for optical disks, optical disk having unauthorized use prevention function, and optical disk apparatus |
CN1059222, | |||
DE4308680, | |||
EP329122, | |||
EP520619, | |||
EP545472, | |||
EP549488, | |||
EP553545, | |||
EP553545, | |||
JP1243237, | |||
JP244448, | |||
JP4338872, | |||
JP5266576, | |||
JP5325193, | |||
JP61190734, | |||
JP63164043, | |||
JP6346541, | |||
JP7325712, | |||
NL9101358, | |||
RE35839, | Jan 31 1992 | Kabushiki Kaisha Sega Enterprises | CD-ROM disk and security check method for the same |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
Dec 07 2001 | Matsushita Electric Industrial Co., Ltd. | (assignment on the face of the patent) | / |
Date | Maintenance Fee Events |
Sep 19 2007 | ASPN: Payor Number Assigned. |
Oct 15 2010 | R1553: Refund - Payment of Maintenance Fee, 12th Year, Large Entity. |
Date | Maintenance Schedule |
Sep 19 2009 | 4 years fee payment window open |
Mar 19 2010 | 6 months grace period start (w surcharge) |
Sep 19 2010 | patent expiry (for year 4) |
Sep 19 2012 | 2 years to revive unintentionally abandoned end. (for year 4) |
Sep 19 2013 | 8 years fee payment window open |
Mar 19 2014 | 6 months grace period start (w surcharge) |
Sep 19 2014 | patent expiry (for year 8) |
Sep 19 2016 | 2 years to revive unintentionally abandoned end. (for year 8) |
Sep 19 2017 | 12 years fee payment window open |
Mar 19 2018 | 6 months grace period start (w surcharge) |
Sep 19 2018 | patent expiry (for year 12) |
Sep 19 2020 | 2 years to revive unintentionally abandoned end. (for year 12) |