A digital data file encryption system and method where digital data encrypted to a high level and an encryption key are received and stored in a computer. The stored, encrypted digital data is decrypted on the basis of the encryption key and stored in a buffer of a predetermined size. Output digital data from the buffer is reencrypted to a low level of encryption and downloaded to a digital data playing device or a data storage medium. Therefore, a digital audio or video data file is prevented from being diverted in unencrypted form from a computer communication network when it is transmitted to a personal computer through the computer communication network and, in turn, downloaded to the digital data playing device. Further, the digital data playing device is prevented from rising in cost due to the use of simple encryption for data downloaded to the playing device.

Patent
   RE42107
Priority
Mar 17 1999
Filed
Oct 15 2008
Issued
Feb 01 2011
Expiry
Mar 17 2020

TERM.DISCL.
Assg.orig
Entity
Large
0
46
EXPIRED
0. 31. A method for managing digital content data, the method being performed by at least one playing device and comprising:
receiving the digital content data which has been encrypted by a predetermined encryption method from an external source device;
determining whether or not the digital content data is to be protected based on index information of the digital content data;
decrypting the digital content data;
storing the decrypted digital content data in a buffer during a duration time;
controlling a size of the buffer for storing the decrypted digital content when the digital content data is determined to be protected;
re-encrypting the stored digital content data using a different encrypting method from the predetermined encryption method, when the digital content data is to be protected, wherein the different encrypting method is selected among a plurality of predetermined encrypting methods; and
transmitting the re-encrypted digital content data to an external target device that is configured to decrypt the re-encrypted digital content.
0. 34. An apparatus for managing digital content data, the apparatus comprising:
a buffer;
a decryptor;
an encryption unit; and
a controller programmed to:
receive the digital content data which has been encrypted by a predetermined encryption method from an external source device,
determine whether or not the digital content data is to be protected based on index information of the digital content data,
control the decryptor to decrypt the digital content data,
store the decrypted digital content data in the buffer during a duration time,
control a size of the buffer for storing the decrypted digital content when the digital content data is determined to be protected, wherein the different encrypting method is selected among a plurality of predetermined encrypting methods,
control the encryption unit to re-encrypt the stored digital content data using a different encrypting method from the predetermined encryption method, when the digital content data is to be protected, and
transmit the re-encrypted digital content data to an external target device that is configured to decrypt the re-encrypted digital content.
0. 1. A method for copy protection, comprising:
generating a partially decrypted data unit, the partially decrypted data unit including two portions, one of the two portions is encrypted having a protection level different from the other of the two portions; and
transferring the partially decrypted data unit to a target device for further decrypting based on information used in the step of generating the partially decrypted data unit; and
further comprising the steps of:
registering a computer with a data server;
transferring encrypted data from the data server to the computer the computer generating the partially decrypted data unit in a first decryption unit of the computer; and
using a second decryption unit of the target device to further decrypt the partially decrypted data unit based on the information used in the step of generating the partially decrypted data unit.
0. 2. The method of claim 1, wherein the two portions having the different protection levels are spaced apart at a predetermined interval on the data unit.
0. 3. The method of claim 2, further comprising the step of storing the partially decrypted data unit in a data storage medium or a digital data player.
0. 4. The method of claim 3, further comprising the step of reading the partially decrypted stored data unit from the data storage medium or the digital data player and reproducing the data unit at the request of a user.
0. 5. The method of claim 4, further comprising the step of decrypting the data unit based on a predetermined encryption key, and outputting the decrypted data unit to an output line.
0. 6. The method of claim 2, further comprising the step of decrypting a remainder of the partially decrypted data unit in the target device.
0. 7. The method of claim 1, wherein the data unit is partially decrypted based on a predetermined encryption key.
0. 8. The method of claim 2, wherein the predetermined interval is a multiple or divisor of a buffer size.
0. 9. The method of claim 1, wherein the step of partially decrypting the encrypted data unit in the computer is performed at a plurality of locations spaced apart at a predetermined interval on the partially decrypted data unit.
0. 10. The method of claim 1, further comprising the step of storing the partially decrypted data unit in a data storage medium or a digital data player.
0. 11. The method of claim 10, further comprising the step of reading the partially decrypted stored data unit from the data storage medium and reproducing the partially decrypted data unit upon request of a user.
0. 12. The method of claim 11, further comprising the steps of:
sending the partially decrypted digital data unit to the digital data player;
decrypting the reencrypted data unit based on a predetermined encryption key; and
outputting the decrypted data unit to an output line of the digital data player.
0. 13. The method of claim 1, wherein the data unit received by the target device is partially decrypted based on a predetermined encryption key.
0. 14. The method of claim 13, further comprising the steps of:
partially decrypting the encrypted data unit in the computer is performed independently of operating the second decryption unit in the target device.
0. 15. A method for copy protection, comprising:
receiving a data unit that has been encrypted based on a predetermined encryption key;
identifying whether or not the received data unit needs to be protected;
generating an encrypted data unit having a different encryption level or method from one used to encrypt the data unit, based on a result of the identifying step; and
transferring the generated encrypted data unit having the different encryption level or method to a target device for decrypting based on information used in the step of generating the encrypted data unit; and
further comprising the steps of:
registering a computer with a data server;
transferring the data unit from the data server to the computer;
using a first decryption unit of the computer for generating the encrypted data unit having the different encryption level or method; and
using a second decryption unit of the target device for decrypting the generated encrypted data unit having the different encryption level or method based on the information used in the step of generating the generated encrypted data unit.
0. 16. The method of claim 15, wherein the generated encrypted data unit includes two portions having the different protection levels spaced apart at a predetermined interval on the data unit.
0. 17. The method of claim 16, further comprising the step of storing the generated encrypted data unit in a data storage medium or a digital data player.
0. 18. The method of claim 17, further comprising the step of reading the generated encrypted data unit from the data storage medium or the digital data player and reproducing the data unit at the request of a user.
0. 19. The method of claim 18, further comprising the step of decrypting the data unit based on a predetermined encryption key, and outputting the decrypted data unit to an output line.
0. 20. The method of claim 16, further comprising the step of decrypting the generated encrypted data unit in the target device.
0. 21. The method of claim 16, wherein the step of generating the encrypted data unit is based on a predetermined encryption key.
0. 22. The method of claim 16, wherein the predetermined interval is a multiple or divisor of a buffer size.
0. 23. A method for copy protection, comprising the steps of:
enabling a registration mode for inputting a user identification;
receiving a data unit from a storage device based on the inputted user identification information, wherein the data unit has been encrypted;
generating an encrypted data unit having a different encryption level or method from one used to encrypt the data unit; and
transferring the encrypted data unit having the different encryption level or method to a target device for decrypting based on information used in the step of generating the differently encrypted data unit; and
further comprising the steps of:
registering a computer with a data server;
transferring the data unit from the data server to the computer;
using a first decryption unit of the computer for generating the encrypted data unit having the different encryption level or method; and
using a second decryption unit of the target device for decrypting the generated encrypted data unit having the different encryption level or method based on the information used in the step of generating the generated encrypted data unit.
0. 24. The method of claim 23, wherein the step of generating the encrypted data unit is performed at a plurality of locations spaced apart at a predetermined interval on the generated encrypted data unit.
0. 25. The method of claim 24, further comprising the step of reading the generated encrypted data unit from the data storage medium and reproducing the generated encrypted data unit upon request of a user.
0. 26. The method of claim 25, further comprising the steps of:
sending the generated encrypted data unit to the digital data player;
decrypting the generated encrypted data unit based on a predetermined encryption key; and
outputting the decrypted data unit to an output line of the digital data player.
0. 27. The method of claim 23, further comprising the step of storing the generated encrypted data unit in a data storage medium or a digital data player.
0. 28. The method of claim 23, wherein the data unit received by the target device is encrypted based on a predetermined encryption key.
0. 29. The method of claim 23, wherein the step of generating the encrypted data unit is performed independently of decrypting the generated encryption unit in the target device.
0. 30. A method for encrypting a digital data file, comprising:
receiving a data file from a digital data server, the data file having been encrypted in the digital data server based on a predetermined encryption key;
decrypting the data file using the predetermined encryption key;
identifying whether or not the received data file needs to be protected;
reencrypting the decrypted data file on the basis of the identified result; and
transferring the reencrypted data file to a target device,
wherein the reencrypted data file has a different level of encryption as compared to that of the received data file that was encrypted in the digital data server; and
further comprising the steps of:
registering a computer with the digital data server;
transferring the data file from the digital data server to the computer;
using a first decryption unit of the computer for generating the reencrypted data file having the different level of encryption; and
using a second decryption unit of the target device to decrypt the reencrypted data file having the different level of encryption based on the information used in the step of reencrypting the decrypted data file.
0. 32. The method of claim 31, wherein the controlling step controls the size of the buffer to be smaller than a normal size when the digital content data is determined to be protected, the normal size being required to reproduce the digital content data.
0. 33. The method of claim 31, wherein an encryption level of the different encrypting method is lower than one of the predetermined encryption methods.
0. 35. The apparatus of claim 34, wherein the controller is further programmed to control the size of the buffer to be smaller than a normal size when the digital content data is determined to be protected, the normal size being required to reproduce the digital content data.
0. 36. The apparatus of claim 34, wherein an encryption level of the different encrypting methods is lower than one of the predetermined encryption method.
For example, the encryption/download unit 125 encrypts the raw data (deencrypted data) using an encryption key, e.g., 16 BYTES EK from the digital data playing device 130 as shown in FIGS. 2 and 5, where the encryption key is associated with a host device such as the digital data playing device130 and/or the storage medium 140.

FIGS. 3A to 3E are views illustrating examples of file encryption in accordance with the present invention. For weak encryption, a strongly encrypted file as shown in FIG. 3A is partially decrypted on the basis of a predetermined encryption key and the remaining parts thereof are left strongly encrypted. As a result, a file encrypted and downloaded by the encryption/download unit 125 has striped, strongly encrypted areas as shown in FIG. 3B. Here shading denotes encrypted data and no shading denotes unencrypted data.

Alternatively, the file encrypted as shown in FIG. 3A may be totally decrypted as shown in FIG. 3C and then more weakly encrypted/downloaded as shown in FIG. 3D on the basis of the predetermined encryption key. Alternatively, the unencrypted file shown in FIG. 3C may have only portions weakly encrypted as shown in FIG. 3E. Any of the encryption schemes shown in FIG. 3B, 3D, or 3E reduce processing requirements for the digital data playing device 130 relative to a file where all of the data has been strongly encrypted. FIG. 6 also the encryption schemes of FIGS. 3B, 3D, and 3E.

The digital data playing device 130 stores the digital data file from the personal computer 120, encrypted and down-loaded in the above manner, in a memory 142 of a data storage medium 140 which may be in the form of a removable card. If the user requests the digital data playing device 130 to reproduce the digital data file stored in the memory 142, then the digital data playing device 130 reads the stored digital data file from the memory 142 and reproduces it through a decoder 132 therein. At this time, the digital data file read from the data storage medium 140 has to be decrypted for the reproduction because it is in an encrypted form. For this reason, in the digital data playing device 130, a microcomputer 131 decrypts the digital data file read from the data storage medium 140 on the basis of the encryption key used in the above encryption procedure of the encryption/download unit 125 and outputs the decrypted digital data file to an output line through the decoder 132. Because of the weak encryption shown, for example, in FIGS. 3B, 3D, and 3E, the decoder is kept low-cost. As a result, the user can listen to desired music anywhere using the digital data playing device 130 and the digital data file can be prevented from illicit diversion and distribution while being downloaded to the digital data playing device 130.

In accordance with the present invention, the above encryption method may be implemented by one program on a recording medium. The encryption program is configured to receive and store both digital data encrypted to a high level and an encryption key, decrypt the encrypted digital data according to the encryption key, store the decrypted digital data in a buffer in a predetermined unit of size, reencrypt output digital data from the buffer to a low level and download the reencrypted digital data to a digital data player or a data storage medium. This encryption program is stored on a single recording medium for use in the digital data encryption of the present invention.

FIG. 4 is a flowchart illustrating a digital data file encryption method in accordance with the present invention. A user of the present invention must have previously registered and have been assigned an ID number and password, as described earlier in the description of the related art.

Thereafter, acccording to the present invention as shown in FIG. 4, upon receiving a digital data file download request from a personal computer at Step 410, a server identifies the user at Step 420 to determine whether the user is legitimate. At this time, the server identifies the user on the basis of an ID code and password which are assigned from the server to the user, as stated previously. If the user is identified to be legitimate, the server downloads a desired digital data file encrypted to a high level and an encryption key to the personal computer at Step 430. Upon downloading the desired digital data file from the server, the personal computer determines at Step 440 whether a copyright of the downloaded file must be protected. If the downloaded digital data file need not be protected in copyright, then it is decrypted and downloaded directly to a digital data player at Step 510. In this case, because no copyright problem is caused even when the downloaded file is hacked/diverted, there is no necessity for encrypting the downloaded file to send it to the digital data player.

On the other hand, in the case where it is determined at the above Step 440 that the copyright of the downloaded file must be protected, the personal computer first checks the capacity of the downloaded file at Step 450 and then sets an effective capacity of a buffer in accordance with the checked result ate Step 460. Then, the personal computer decrypts the downloaded file according to the encryption key at Step 470 and stores the decrypted file in the buffer at Step 480 in such a manner that the decrypted file cannot be normally reproduced even when it is hacked in process of being downloaded to the digital data player. The digital data file stored in the buffer is encrypted to a low level at Step 490. This low level encryption does not require a separate microprocessor which is typically used for the high level encryption or powerful encryption, thereby avoiding an increase in cost of the associated playing device. Then, the digital data file encrypted to the low level is downloaded to the digital data playing device at Step 500.

With reference to FIG. 5, there is shown in block form an alternative embodiment of the digital data file encryption system in accordance with the present invention. This second embodiment is substantially the same in construction as the first embodiment, with the exception that a plurality of digital data servers 110A-110C are provided. Because of the provision of the plurality of digital data servers, the personal computer 120 performs the decryption operation, not using the single encryption key as shown in FIG. 2, but using a plurality of encryption keys supplied respectively from the digital data servers. Then, the personal computer 120 reproduces the decrypted, or non-processed, digital data files or downloads them (with or without encryption) to the digital data playing device 130 for storing in the storage medium 140 in the same manner as stated previously.

FIG. 6 is a diagram illustrating the digital data file encryption method shown in FIG. 4, and the flow of the data file among the components of the digital data file encryption apparatus shown in FIGS. 2 and 5. After the user registers with a data file supplier (Step 400), and is assigned an ID number and password (Step 401), the user is authorized by the digital data server to receive data files upon request. The request by the user is fulfilled by the digital data server downloading the data file (Step 430), the file having been encrypted to a high level by the predetermined encryption key. The data file is received and stored in the personal computer (Step 431), partially decrypted (Step 470) and then stored by changing the size of the buffer (Step 480).

If the downloaded digital data file need not be protected in copyright, then it is decrypted and downloaded directly to a digital data player at Step 510. In this case, because no copyright problem is caused even when the downloaded file is hacked/diverted, there is no necessity for encrypting the downloaded file to send it to the digital data player. On the other hand, in the case where it is determined at the above step 440 that the copyright of the downloaded file must be protected, the digital data file stored in the buffer is encrypted to a low level at step 490. As described above with reference to FIGS. 3B, 3D, and 3E, any of the encryption schemes 3B, 3D, and 3E may be used. This low level encryption does not require a separate microprocessor which is typically used for the high level encryption or powerful encryption, thereby avoiding an increase in cost of the associated playing device. Then, the digital data file encrypted to the low level is downloaded to the digital data playing device at step 500.

According to the present invention, a digital data file downloaded from a single server is decrypted, stored in the buffer in a predetermined unit of size, encrypted in a somewhat simple manner and downloaded to the digital data player. Digital data files downloaded from a plurality of servers are decrypted in individual decryption manners, encrypted in the simple manner as mentioned above and downloaded to the digital data player. Therefore, it is possible to reliably protect the copyright of a given digital data file without increasing the cost of the digital data player due to the decryption function.

Although the preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Jung, Han, Kang, Myeong-Joon, Cha, Ghun-Up

Patent Priority Assignee Title
Patent Priority Assignee Title
4907275, May 20 1987 Hitachi, Ltd. Encryption apparatus
5323464, Oct 16 1992 IBM Corporation Commercial data masking
5539827, May 05 1993 SAGETECH INC Device and method for data encryption
5659618, Sep 29 1995 NXP B V Multi-size cryptographic key system
5867579, Oct 27 1994 PIRACY PROTECTION LLC Apparatus for data copyright management system
5889860, Nov 08 1996 SUNHAWK CORPORTION, INC , A WASHINGTON CORPORATION Encryption system with transaction coded decryption key
5917915, Jun 24 1994 Sony Corporation Scramble/descramble method and apparatus for data broadcasting
5991399, Dec 18 1997 HONEYMAN CIPHER SOLUTIONS LLC Method for securely distributing a conditional use private key to a trusted entity on a remote system
5999622, Nov 22 1995 Microsoft Technology Licensing, LLC Method and apparatus for protecting widely distributed digital information
6003135, Jun 04 1997 SPEX TECHNOLOGIES, INC Modular security device
6021199, Nov 14 1996 Kabushiki Kaisha Toshiba Motion picture data encrypting method and computer system and motion picture data encoding/decoding apparatus to which encrypting method is applied
6170060, Oct 03 1997 Audible, Inc Method and apparatus for targeting a digital information playback device
6289454, Jun 29 1998 III Holdings 6, LLC Memory configuration which support multiple cryptographical algorithms
6330675, Feb 13 1998 Microsoft Technology Licensing, LLC System and method for secure transfer of digital data to a local recordable storage medium
6367019, Mar 26 1999 Microsoft Technology Licensing, LLC Copy security for portable music players
6385596, Feb 06 1998 Microsoft Technology Licensing, LLC Secure online music distribution system
6389534, Jun 30 1997 Meta Platforms, Inc Cryptographic policy filters and policy control method and apparatus
6577735, Feb 12 1999 HEWLETT-PACKARD DEVELOPMENT COMPANY, L P System and method for backing-up data stored on a portable audio player
6751321, Apr 24 1997 Kabushiki Kaisha Toshiba Digital data reproduction device
6950941, Sep 24 1998 SAMSUNG ELECTRONICS CO , LTD Copy protection system for portable storage media
20010016836,
20010042043,
20020077984,
20050021477,
CN1205479,
JP10013784,
JP10013808,
JP10178421,
JP1246979,
JP2000187935,
JP4302595,
JP6189262,
JP6326882,
JP7295892,
JP7297951,
JP8006879,
JP8055164,
JP8069419,
JP8077706,
JP8107412,
JP8125651,
JP8130516,
JP8329011,
KR19970057968,
KR1998081704,
WO27067,
////
Executed onAssignorAssigneeConveyanceFrameReelDoc
Apr 25 2000CHA, GHUN-UPLG Electronics IncASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0246120536 pdf
Apr 25 2000KANG, MYEONG-JOONLG Electronics IncASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0246120536 pdf
Apr 25 2000JUNG, HANLG Electronics IncASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS 0246120536 pdf
Oct 15 2008LG Electronics Inc.(assignment on the face of the patent)
Date Maintenance Fee Events
Feb 04 2014ASPN: Payor Number Assigned.
Jun 11 2018REM: Maintenance Fee Reminder Mailed.
Dec 03 2018EXP: Patent Expired for Failure to Pay Maintenance Fees.


Date Maintenance Schedule
Feb 01 20144 years fee payment window open
Aug 01 20146 months grace period start (w surcharge)
Feb 01 2015patent expiry (for year 4)
Feb 01 20172 years to revive unintentionally abandoned end. (for year 4)
Feb 01 20188 years fee payment window open
Aug 01 20186 months grace period start (w surcharge)
Feb 01 2019patent expiry (for year 8)
Feb 01 20212 years to revive unintentionally abandoned end. (for year 8)
Feb 01 202212 years fee payment window open
Aug 01 20226 months grace period start (w surcharge)
Feb 01 2023patent expiry (for year 12)
Feb 01 20252 years to revive unintentionally abandoned end. (for year 12)