Free file-exchange services like Napster have been trampling down copyrights. We need a system that can distribute information safely and efficiently, and protect copyrights at the same time, satisfying both consumers and content holders alike. The technology, which protects contents from illegal use and is the core of safe electronic commerce system, is Digital Rights Management (DRM). DRM is basically a technology that encrypts contents and enables only those people who have playback keys to use the contents. In the last few years, some companies, many of which are in the United States, have been promoting their own DRM technology. None of these companies, however, were decisively supported by consumers and content holders as the existing DRM technologies were not convenient enough to replace the free file-exchange services.

It is DRM technology, which uses the public key cryptosystem, the core technology of certification, and it is assumed to use the super-distribution model that promotes distribution by free exchange of encrypted contents among users. It is also possible to set up different usage conditions, such as designating a set number of uses or a set amount of time, in order to provide convenience for consumers. Keitaide-Music is a technology equipped with UDAC-MB for mobile phones.

The DRM technology encrypts the contents and enables only the people with decryption keys to play the contents. Measures are also taken so that the keys won't be stolen during communication and users can't make unauthorized copies. In UDAC-MB, encrypted music contents and playback license keys (decryption keys) are delivered separately. In Keitaide-Music, for example, as shown in the figure, the encrypted music contents and the playback license key are distributed from the distribution server to the Secure Multimedia Card (SMMC) in the mobile phone. While encrypted contents are stored in conventional flash memory, which can be accessed without restrictions, the decryption key is stored in a safe area called a Tamper Resistant Module, which is a protected area against internal analysis and tampering. Tamper Resistant technologies consist of software and hardware. As for hardware, there are technologies to physically and logically protect against internal analysis and/or tampering of semi-conductor chips, for example, by applying a solid and highly adhesive coat in the inside of the chips. If the surface is peeled, the internal circuit will be completely destroyed. Dummy wiring can also be used. As for electronic attacks, data input/output is only possible when a secure connection is established with authentification by the public key cryptosystem. This technology is already in use for IC cards for handling accounting and has been doing well. Thus, when music is played, the music contents and the license key in the memory card are secretly changed into analogue signals in the TRM area of decryption and the decoder chip. Eventually, the music is played as analogue sound through loud speakers, which is called the analogue hole. Music can only be played in actual time, so large-scale leakage is impossible.

In cryptographs, there are common-key cryptosystems, in which the same key is used for data encryption and decryption, and public key cryptosystems, which use different keys. In a public key cryptosystem, a pair of keys, a private key and a public key, are used. When a message is sent, it is encrypted using the private key, and when it is received, it is decrypted using the public key. In reverse, the data encrypted with the public key can only be decrypted using the private key, which is the pair of the public key. Thus, when encrypted with the sender's public key, only the sender can decrypt the message. If the message has a digital signature made by the private key of the sender, and the receiver tries to decrypt the digital signature with the public key of the sender, when the decryption is completed, it is certified that the message was sent by the authentic owner of the keys. If the data are tampered with on the way, they can't be decrypted correctly. So, the system can also be used to protect against and detect tampering. Therefore, the public key cryptosystem is used for user authentification for safe electronic commerce. The public key, however, needs to be proved authentic. For that purpose, a reliable third party certification authority, which issues certificates, is used. The certification authority will be authenticated by a superior certification authority. The RSA cryptosystem is well known for encryptions for the common-key cryptosystem, but Keitaide-Music uses the elliptic curve cryptosystem because it is faster in processing cryptographs and can shorten the keys.

In order to prove the public key is authentic, the public key and related information are hushed to check for tampering, and then signed. (Hushing is procedure for a one-way function compressing the input data to fixed-length data. If the original data and the hush procedure are the same, the same result is obtained. Tampering produces a different output. The signature is encrypted with the private key of the certification authority). The resulting data are attached to the original data, and this is called a certificate.

Generally, a certificate proves that the public key is authentic as the user authentification for safe electronic commerce, and the certificates are issued by certification authorities. UDAC certification authorities don't necessarily certificate users though. In UDAC, the distribution server, the memory card to hold the key, and the decryption decoder must be safe enough so that the keys won't leak out. So the UDAC certification authorities issue certificates when those devices satisfy the UDAC security guidelines. If a device fails to satisfy the security guideline after a certificate is issued, the UDAC will issue a certificate revocation list to the server, etc., and will stop distribution to the device. The certificate revocation list uses a signature from the private key of the certification authority in order to avoid forgery.

In UDAC-MB, safe distribution, move, and playback of licenses are executed in the procedure shown in the figure Step 1: The receiver (a memory card or decoder chip), which requires acquiring a content license, sends the the public key certificate to the server or the memory card of the sender. This certificate contains a public key assigned to each production lot, which is encrypted (signed) by the private key of the certification authority. The sender first checks the certificate. Decrypting the data using the public key of the certification authority (called a root public key), if it is decrypted properly and the signature is ascertained, proves that this public key is authentic, as well as the devices. As the public key uses the production lot, there are n devices with the same public key. Therefore, it is necessary to establish a connection with a specific device. Step 2: So, the sender (source), which gives the license will create a Session key 1 (a temporarily created random number), encrypt the Session key 1 using the public key of the receiver (destination), and send it to the receiver. Step 3: When the receiver decrypts the message, the Session key 1 will be obtained. Then the receiver creates a Session key 2 (a new random number), encrypts it with the Session key 1, and returns it to the sender. When the sender decrypts it with the Session key 1, the Session key 2 will come out. Now the receiver and the sender share the Session key 2 on a one-on-one basis, instead of n keys. As the connection is generated every time by creating session keys, the system is protected against replay attacks, which consist of intercepting and recording the data flowing on the network followed by sending out the same messages repeatedly, and spoofing, which means overseeing a link between two points that is disguised to be one end of the connection or by sending out commands predicting responses. (Generation of UDAC secure connection) Step 4: Then, the sender encrypts the private key (license) of the content and access conditions using the Session key 2 and the public key of the receiver, and sends them to the receiver. The private key is stored in the Tamper Resistant Module (TRM). Keitaide-Music has adopted 2 Key Triple DES for encrypting contents. DES is a block Cipher (encrypting plain text by splitting it into blocks) of 56-bit key length. It was selected as the United States data encryption standard in 1977, but is easily decrypted now due to computer performance improvements. Therefore, the Triple DES algorithm has come into use. In Triple DES, two or three DES keys are used to encrypt plain text, a midway result is decrypted, and encrypted again to make the final cipher text, which is much more difficult to decipher.

The Secure MultiMediaCard maintains compatibility with standard multimedia cards and uses public key infrastructure (PKI). It has also achieved a security level that can hold out against electronic attacks from hackers by protecting confidential information such as private keys with hardware. The Secure MultiMediaCard is used as the memory for Keitaide-Music and is adopted as the MMCA standard for protecting and distributing contents. http://www.mmca.org/press/SuperDistribution-Final.PDF The Tamper Resistant Module (TRM), which is constructed with hardware, is used in order to achieve a solid security level. The TRM prevents illegal access to the confidential information in the card and tampering with the software. The licenses are stored in the TRM area protected by hardware, and the contents are stored in the flash memory area, which users can freely access. Equipping the card with a cryptographic engine makes it possible to use PKI, which is extensively adopted in IC cards as the open standard of data security, and safe data processing is achieved. Furthermore, since the card is equipped with encryption/decryption/authentification functions, cryptographic processing at the download terminal is unnecessary. As the method is appropriate for mobile devices, which require low electricity consumption, the card can be used from personal data storage, which needs strong security, to access corporate databases and distribute digital contents such as music, games, maps, pictures, video clips, and karaoke.

Copyright© 2002 Keitaide-Music Consortium.