Recherche dans les collections de brevets nationales et internationales
Certains contenus de cette application ne sont pas disponibles pour le moment.
Si cette situation persiste, veuillez nous contacter àObservations et contact
1. (WO2005066952) PROCEDE DE COPIE ET DE REPRODUCTION DE DONNEES DANS UN SUPPORT DE DONNEES
Note: Texte fondé sur des processus automatiques de reconnaissance optique de caractères. Seule la version PDF a une valeur juridique

Description
METHOD OF COPYING AND REPRODUCING DATA

FROM STORAGE MEDIUM
Technical Field
[1] The present invention relates to a method of copying data from one storage medium to another storage medium and more particularly, to a data copying method in which data stored in one storage medium is encrypted and a result of encrypting is recorded on another storage medium via a host, thereby preventing the data from being hacked by unauthorized users and increasing a speed of copying the data.
Background Art
[2] In general, optical discs, which are developed as large capacity storage medias, are classified into a compact disc (CD) that stores misic data, a CD-read only memory
(CD-ROM) that stores computer data, and digital versatile disk (DVD) that stores video data.
[3] Also, such optical discs can be classified into a read-only type on which data was recorded during disc manufacture and a recordable type which allows a user to record data thereon. Further, the recordable type may be classified into a write once type and a rewritable type. Transfer of data may be made from one disc to another disc or from a hard disk installed in a user's computer to a disc. Such transfer of data is referred to as disk copy.
[4] In general, copyrighted contents is encrypted and a result of encrypting is stored in a storage medium. In detail, such contents are encrypted using a content key and a result of encrypting is stored in a storage medium. The content key is reproduced using a disk drive that reproduces the contents from the storage medium or based on information stored in the storage medium.
[5] FIG. 1 illustrates a conventional method of copying contents stored in a first disc

110 to a second disc 120. Referring to FIG. 1, the first disc 110 stores contents
E(K1, Contents) encrypted using a content key Kl. When the first disc 110 is loaded into a first drive 112, the first drive 112 reproduces the content key Kl using information stored either in the first disc 110 or the first drive 112.
[6] The information stored in the first disc 110 includes a disc identifier (ID), a random number, and a renewal key block. The disc ID denotes a disc identification number and the renewal key block denotes a set of drive keys that enable identification of
unauthorized apparatuses. The information stored in the first drive 112 includes a drive ID, which is a drive identification number, and a device key set. The device key set indicates a set of keys that are provided only to authorized apparatuses for identification of unauthorized apparatuses.
[7] After reproducing the content key Kl, the first drive 112 decrypts the contents
E(K1, Contents), which has been encrypted and stored in the first disc 110, using the content key Kl, thereby obtaining decrypted contents 134. The decrypted contents 134 is sent to a second drive 122 via a host 130.
[8] The second drive 122 reproduces a content key K2 based on information stored in a second disc 120 and information stored in the second drive 122. The information
stored in the second disc 120 and the information stored in the second drive 122 are equivalent to that stored in the first disc 110 and that stored in the first drive 112, respectively. Accordingly, a detailed description thereof will be omitted here.
[9] Next, the second drive 122 encrypts the decrypted contents 134 using the content key K2, thereby obtaining encrypted contents E(K2, Contents) VIA. The encrypted contents E(K2, Contents) VIA is recorded on the second disc 120.
[10] As described above, the encrypted contents E(K1, Contents) stored in the first disc

110 is decrypted, re-encrypted, and then copied to the second disc 120. A reason for re-encrypting the decrypted content 134 using the content key K2 is to enable a new drive, other than the first and second drives 112 and 122, to reproduce the content key K2 and decrypt the encrypted contents E(K2, Contents) stored in the second disc 120, using the content key K2. In other words, since a content key is reproduced using disc information, the new drive cannot decrypt the encrypted contents E(K2, Contents) stored in the second disc 120 using the previous key Kl.
[11] In the conventional data copying method, contents that are not encrypted are,
however, transmitted from the first drive 112 to the host 130 and then to the second drive 122, thus guaranteeing security for the contents. For instance, such contents may be intercepted or hacked by unauthorized users who access the host 130.
[12] Further, the conventional data copying method is disadvantageous in that in a considerable amount of time is required in copying contents from one storage medium to another storage medium since the contents must be encrypted, decrypted, and re- encrypted.
Disclosure of Invention
Technical Solution
[13] The present invention provides a method of copying data from one storage medium to another storage medium while providing security for the data when the data is sent via a host and reducing a time required for data copy.
Advantageous Effects
[14] according to the present invention, encrypted data stored in a storage medium is sent to a host without decrypting the encrypted data, thereby preventing the data from being hacked by unauthorized users.
[15] Also, encrypted data is copied from a first storage medium to a second storage medium without decrypting the encrypted data, thereby increasing a speed of copying the encrypted data.
Description of Drawings
[16] FIG. 1 illustrates a conventional method of copying data stored in one storage medium to another storage medium;
[17] FIG. 2 illustrates a method of copying data stored in one storage medium to another storage medium, according to an embodiment of the present invention;
[ 18] FTG. 3 is a flowchart illustrating the method of FIG. 2;
[19] FIG. 4 illustrates a method of generating respective content keys using a first drive and a second drive, according to an embodiment of the present invention;
[20] FIG. 5 illustrates a data structure of one recordable disc on which data stored in another disc is copied, according to an embodiment of the present invention;
[21] FIG. 6 illustrates a method of reproducing data copied to a storage medium using a drive, according to an embodiment of the present invention; and
[22] FIG. 7 is a flowchart illustrating a method of reproducing data copied to a storage medium, according to an embodiment of the present invention.
Best Mode
[23] According to an aspect of the present invention, there is provided a method of copying encrypted data stored in a first storage medium to a second storage medium the method comprising recording the encrypted data stored in the first storage medium on the second storage medium; reproducing a first content key, which is used to
encrypt the encrypted data, using a first drive into which the first storage medium is loaded; encrypting the first content key; sending the encrypted first content key to a second drive into which the second storage medium is loaded; and recording the
encrypted first content key on the second storage medium.
[24] Encrypting the first content key is performed using a public key infrastructure.
[25] Encrypting the first content key and sending the encrypted first content key to the second drive comprise encrypting the first content key using a public key of the second drive; sending the encrypted first content key to the second drive; and decrypting the encrypted first content key using a private key of the second drive, the private key corresponding to the public key of the second drive.
[26] Encrypting the first content key comprises reproducing a second content key based on disc information stored in the second storage medium; and encrypting the first
content key using the second content key.
[27] The method farther includes recording a copy flag in a predetermined section of the second storage medium.
[28] According to another aspect of the present invention, there is provided a method of reproducing data, which is encrypted using an encrypted first content key, from a first storage medium the method comprising reproducing a second content key using disc information stored in the first storage medium; decrypting the encrypted first content key using the second content key; and decrypting the encrypted data using the
decrypted first content key, wherein the first content key is encrypted using the second content key, which can be reproduced using the disc information stored in the first storage medium and stored in the first storage medium.
Mode for Invention
[29] Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings.
[30] FIG. 2 illustrates a method of copying data from a first disc 210 to a second disc
250, according to an embodiment of the present invention. The first disc 210 stores disc information 212 and encrypted contents E(K1, Contents) 214. The disc information 212, which is used to reproduce a content key Kl 262, includes a disc
identifier (ID) and a renewal key block. The contents E(K1, Contents) 214 is encrypted using the content key Kl 262. Drive information 222 stored in a first drive 220
includes a drive ID, a device key set, and an encrypted media key.
[31] When the first disc 210 is loaded into the first drive 220, a key generating unit 260 of the first drive 220 reproduces the content key Kl 262. Next, a key encrypting unit
270 of the first drive 220 encrypts the content key Kl 262 using a public key
K_p b_dev2 264 of a second drive 240, thus obtaining an encrypted content key
E(K_pub_dev2, Kl) 272. The public key K_pub_dev2 264 of the second drive 240 is transmitted from the second drive 240 to the first drive 220, using a public key infrastructure (not shown).
[32] The encrypted content key E(K_pub_dev2, Kl) 272 is sent to the second drive 240 via a host 230.
[33] Also, the encrypted contents E(K1, Contents) 214 stored in the first disc 210 is se- quentially transmitted to the first drive 220, the host 230, and the second drive 240, and then is recorded on the second disc 250. During the transmission, the encrypted contents E(K1, Contents) 214 is neither decrypted nor encrypted. In particular, since the encrypted contents E(K1, Contents) 214 is transmitted to the host 230, thereby preventing it from being hacked by unauthorized users.
[34] When the second disc 250 is loaded into the second drive 240, the second drive 240 reproduces a content key K2 282 using disc information 252 and drive information
242. Unlike the first drive 220, the content key K2 282 reproduced by the second drive 240 is not used in encrypting contents. That is, since the encrypted content E(K1,
Contents) stored in the first disc 210 is recorded as encrypted contentsE( 7, Contents) 254 on the second disc 250 without a decrypting process, an additional encrypting process is not required, and thus, the content key K2 282 is not used.
[35] The encrypted content key E(K_pub_dev2, Kl) 272, which is encrypted by the first drive 220 using the public key 264 of the second drive 240, is transmitted to a key decrypting unit 290 of the second drive 240. The key decrypting unit 290 decrypts the encrypted content key E(K_pub_dev2, Kl) 272 using a private key 284 of the second drive 240, thus obtaining a content key Kl 291 of the first drive 220.
[36] The content key Kl 291 is transmitted to a key encrypting unit 292 of the second drive 240. Next, the key encrypting unit 292 obtains an encrypted content key E(K2, Kl) 294 of the first drive 220 by encrypting the content key Kl 291 using the content key K2 282, of the second drive 240, which is reproduced by a key generating unit
280. The encrypted content key E(K2, Kl) 294 is recorded on the second disc 250.
[37] Before being recorded on the second disc 250, the encrypted contents E(K1,
Contents) 254 has already been encrypted using the content key Kl 262 of the first drive 220 and not the content key K2 282 of the second drive 240. Thus, a third drive (not shown), which will reproduce the encrypted contents E(K1, Contents) 254 from the second disc 250, mist be informed that the encrypted contents E(K1, Contents) 254 was encrypted using the content key Kl 262, not the content key K2 282. Therefore, the second disc 250 farther stores a disc copy flag 296 that represents such information. The disc copy flag 296 is recorded in a lead-in section of the second disc
250. For instance, when the disc copy flag 296 is set to a predetermined value, e.g., 1, it must be understood that the contents E(K1, Contents) 254 is encrypted using the content key Kl 262 content key reproduced from the first disc 210, not the second disc 250 that stores the contents E(K1, Contents) 254.
[38] FTG. 3 is a flowchart illustrating the method of FIG. 2. Referring to FIG. 3, the first drive 220 reproduces the content key Kl 262 (step 310). Next, the first drive 220
encrypts the content key Kl 262 using the public key K_p b_dev2 264 of the second drive 240 (step 320). The public key K_pub_dev2 264 of the second drive 240 is
transmitted from the second drive 240 to the first drive 220 using the public key infrastructure before encrypting the content key Kl 262.
[39] After step 320, the content E(K1, Contents), which is encrypted and recorded on the first disc 210, and the encrypted content key E(K_p b_dev2,Kl) 272 of the first drive 210 are transmitted to the second drive 240 via the host 230 (step 330).
[40] Next, the second drive 240 reproduces the content key K2 282 (step 340).
[41] Next, the second drive 240 restores the content key Kl 291 of the first drive 220 by decrypting the encrypted content key E(K_pub_dev2,Kl) 272 of the first drive 220 using the private key K_pή_dev2 284 of the second drive 240 (step 350).
[42] The restored content key Kl 291 of the first drive 220 is encrypted using the
content key K2 282 (step 360).
[43] Next, the second drive 240 sets the disc copy flag 296, which is recorded in the lead-in section of the second disc 250, to 1 (step 370).
[44] Next, the second drive 240 records the encrypted content E(K1, Content) transmitted from the host 230 and the encrypted content key E(K2,K1) on the second disc 250 (step 380).
[45] Returning to FIG. 2, the first drives 220 reproduces the content key Kl 262 using the drive information 222 and the disc information 212 stored in the first disc 210, and the second drive 240 reproduces the content key K2 282 using the drive information
242 and the disc information 252 stored in the second disc 250.
[46] A method of generating a content key using a drive, according to an embodiment of the present invention, will now be described with reference to FIG. 4. FIG. 4 illustrates a method of generating a content key K using a drive 410 based on information
cont
stored in a disc 420 loaded into the drive 410. The content key K conesponds to the
cont
content key Kl 262 of the first drive 220 of FIG. 2 or the content key K2 282 of the s econd drive 240 of FIG. 2. If the content key K is the content key Kl 262, it can be
cont
used to encrypt contents, and if the content key K is the content key K2 282, it can
cont
be used to encrypt a content key that is used to encrypt contents.
[47] In FIG. 4, a device identifier ID 402, a device key set K 404, a recording
d vwe d v
random number Seed 409, and a media key K 406 conespond to the disc in- rec m
formation 222 or 242 of FIG. 2. A renewal key block 422, an encrypted disk key K
ed

424, and a recording random number Seed 428 conespond to the disc information 212 or 252 of FIG. 2. Here, a device denotes a recording/reproducing apparatus that includes a disk drive.
[48] The device identifier ID 402 is an identification number of a disk drive (not
device
shown), and the device key set K 404 is a set of keys that are stored in series in the
d v
disk drive during disk manufacture so as to prevent the disk drive from being illegally copied. The renewal key block 422 is information that is provided to authorized disc drives by a content provider so as to allow only the authorized disk drives to generate the media key K 406. That is, the renewal key block 422 and the device key set K
m dev

404 prevent the media key K 406 from being reproduced by unauthorized disk drives.
m
When an illegally copied disc drive is detected, the renewal key block 422 is updated and provided to authorized disc drives, thereby preventing the illegally copied disk drive from reproducing information stored in the disc 420.
[49] The media key K 406 is generated in the drive 410, using the device identifier ID
m
402, the device key set K 404, and the renewal key block 422 that is read from device dev
the disc 420. Also, a media key generation algorithm does not allow an illegally copied disk drive to reproduce the media key K 406. Such a media key generation algorithm
m
is well known to an ordinary skilled person in the art, and thus, a detailed description thereof will be omitted here.
[50] The encrypted disk key K 424, which is encrypted and stored in the disc 420, is
ed
used to protect a copyright of content or provide information regarding a disk manufacturer. A disk key K 408 is encrypted using the media key K 406 and stored in
d m
the disc 420 by a disk manufacturer. The disk key K 408 is encrypted in the drive 410
d
using the media keyK 406.
m
[51] The recording random number Seed 409 is a random number generated for every
rec
transaction. The recording random number Seed 409 is generated in the drive 410 to
rec
be used in reproducing the content key K and recorded in the disk 420 so that a
cont
drive other than the drive 410 can reproduce the content key K
cont
[52] A disk identifier ID 426, which is a disk identification number, is recorded in a
disc
lead-in section of the disk 420.
[53] All or parts of the above disc information and drive information may be used to generate the content key K . Whether the disc information or the drive information
cont
will be used to generate the content key K is determined by an encrypting policy.
cont
For instance, when the information regarding the disk manufacturer is not required in determining whether the content key K is available or not, the encrypted disk key ID
cont
426 is neither stored in the disk 420 nor used in generating the content key K
disc cont [54] Authorized devices are given the same device key set K 404 and media key K
dev m

406 of the drive information. Only the disk key ID 426 and recording random
disc
number Seed 428 of the disc information can be used to identify the disk 420.
rec
Therefore, even if the disk 420 is loaded into a drive other than the drive 410, the content key K can be reproduced when the drive other than the drive 410 is
cont
determined to be authentic.
[55] FIG. 5 illustrates a data structure of a recordable disc 500 to which encrypted
content E(K, Contents) is copied from the original disc (not shown), according to an embodiment of the present invention. Referring to FIG. 5, a copy flag 510 indicates that the encrypted content E(K, Contents) recorded on the disc 500 is encrypted using a content key K of the original disc, not a content key Kp of the disc 500. A drive (not shown), which will reproduce the encrypted content E(K, Contents) from the disc 500, refers to the copy flag 510. Here, the content key Kp of the disc 500 is reproduced based on disc information stored in the disc 500 by a disc drive (not a disc drive used for data copy), and the content key K of the original disc is reproduced based on disc information stored in the original disc.
[56] The copy flag 510 and the encrypted key E(Kp,K) 520 are stored in a predetermined section of the disc 500. In this embodiment, the predetermined section may be a lead- in section or a reserve section of the disk 500.
[57] FIG. 6 is a diagram illustrating a method of reproducing encrypted contents E(K1,

Contents) 616 from a disc 610 to which information stored in the original disc is
copied, using a drive 620 other than a drive used for data copy. The disc 610 is a
copied disc conesponding to the disc 250 of FIG. 2.
[58] Unlike conventional disc copy methods, the disc 610 farther stores a copy flag 612 and encrypted content keys E(K2,K1) 614, in addition to the encrypted contents
E(K1, Contents) 616.
[59] The drive 620 includes a key generating unit 622, a key decrypting unit 624, and a content decrypting unit 626. When the disc 610 is loaded into the drive 620, the key generating unit 622 reproduces a content key K2 based on disc information stored in the disc 610 and drive information regarding the drive 620.
[60] The key decrypting unit 624 reads the encrypted content key E(K2,K1) 614 from the loaded disc 610 and reproduces a decrypted content key Kl by decrypting the encrypted content key E(K2,K1) 614 using the content key K2.
[61] The content decrypting unit 626 reads the encrypted content E(K1, Contents) 616 from the disc 610, generates decrypted contents 632 by decrypting the encrypted content E(K1, Contents) using the decrypted content key Kl, and sends the decrypted contents 632 to a host 630.
[62] As described above, FIG. 6 illustrates a method of decrypting and reproducing the contents E(K1, Contents) encrypted using a content key of the original disc, not the content key Kl of the disc 610, i.e., a copied disc. Let us assume that the copy flag 612 is set to 1 when the contents E(K1, Contents) is encrypted using a content key of the original disc, not the content key Kl of the disc 610, and is set to 0 otherwise. If the copy flag 612 is set to 0, i.e., when the disc 610 is not a copied disc, the drive 620 reproduces the content key K2 and decrypts the encrypted contents E(K1, Contents) using the content key K2 as described with reference to FIG. 1.
[63] FIG. 7 is a flowchart illustrating the method of FIG. 6. Referring to FIG. 7, the disc

610, which is a copied disc, is loaded into the drive 620, the drive 620 reads disc information from the disc 610 and reproduces the content key K2 of the disc 610 based on the disc information and its drive information (step 710) as described with reference to πG. 1.
[64] Next, the drive 620 checks the copy flag 612 stored in a predetermined section of the disc 610 (step 720). If the copy flag 612 is set to 0, the drive 620 decrypts the encrypted contents E(K1, Contents) stored in the disc 610 using the content key K2
(step 735) and sends a result of decrypting to the host 630 (step 760).
[65] If the copy flag is set to 1, the drive 620 reads the encrypted content key E(K2,K1) and the encrypted contents E(K1, Contents) from a predetermined section of the disc
610 (step 730).
[66] Next, the drive 620 reproduces the content key Kl by decrypting the encrypted content key E(K2,K1) read in step 730, using the content key K2 reproduced in step
710 (step 740).
[67] Next, the drive 620 obtains the decrypted contents 632 by decrypting the encrypted contents E(K1, Contents) using the content key Kl (step 750) and sends the decrypted contents 632 to the host 630 (step 760).
[68] In the present invention, a storage medium includes a write-once storage medium or a rewritable storage medium such as a compact disc (CD), a digital versatile disc
(DVD), and a blue-ray disc.
[69] While this invention has been particularly shown and described with reference to exemplary embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.