A one-two punch for data security
CableLabs has devised a technique that combines hardware keys with hard encryption to secure the downloading of digital data over cable systems. If adopted, the new system "could help change the economics of the computer industry by luring people away from floppies and CD-ROMs and onto enetworked media," says Tom Williams, Cablelabs' senior technical staff member and co-inventor of the approach, for which CableLabs sought a patent last July.
Systems like the Sega Channel are secure because a game is downloaded to random-access memory (RAM) in a game machine, where it can be played repeatedly until the game box is turned off - at which point the game vanishes from RAM.
But the move toward downloading to PCs complicates things because content piped to a PC can be stored on the hard drive and easily shared among friends or even "broadcast" over bulletin boards or the Internet.
Williams and Claude Baggett, CableLabs' director of customer premises equipment, attacked this problem by devising a variant on hardware keys. Such keys are commonly utilized to confine use of expensive software to one PC. A typical key - "really nothing more than a connector with a microprocessor in it," says Williams - plugs into the back of a PC. It holds data that is referenced periodically while it runs, verifying ownership of the software.Benefits of software downloading
- It supports distribution of more titles than can be physically accomodated on a retail store's shelves. This benefits developers battling for shelf space, as well as consumers.
- Updates and bug fixes can be distributed automatically.
- Subscribers can try a game or other program before they buy.
- By using a generic PC platform, it avoids the obsolescence associated with fixed platforms such as game boxes.
- It supports target marketing and market research because distribution can be confined to certain areas and sales measured against area demographics.
Williams' crucial idea was to have a host computer divide a downloaded program into a large block that is sent to a PC, and a small block sent to a hardware key. That key can be located inside a cable modem, in a plugin PCMCIA card (such slots are now present on many PCs) or in its own box.
"Most programs that use hardware keys just have a little loop in the code that says 'go check the hard key to see if its there, and it's the right serial number,' and it does that periodically," explains Williams.
"All a software person has to do is figure out where those little checks are and put in a JUMP statement ahead of them that jumps to where the program continues."
With this invention, the data sent to the hardware is not a static ID code, but a dynamic value returned by a particular program as it executes. This code "is the result of a subroutine that is situationally derived from the program," explains Williams.
Thus Williams' core idea, as he summarizes it, "is that a hardware key, which typically goes with one program, be made a generic device, and that it gains its authorization in a secure fashion from connection via a modem to a cable network. With a programmable, network-downloadable key, you don't need a different key for every application."Cryptography added
Williams conferred with Baggett, a cryptography expert, about ways to make the system secure. Baggett's suggestion was to hard-encrypt the data that goes to the hardware key and burn the decryption functionality into the hardware key. Baggett's preferred option for the key is an NRSS card, which is an ISO-7816 smart card which contains both the cryptographic engine, the key handling functionality and storage for the secured part of the software.
The combining of a variable key (Williams' part) plus high-grade cryptography (Baggett's part), means that "a pirate has to work like hell to beat one application, and having done so doesn't get him to square one with the next application."
Tha application developer, not the cable operator, decides which level of security to apply to a particular program: "A game dashed off quickly might be treated very differently from one that has 200 man-years devoted to it," Williams explains.
The system can work on one-wawy cable systems that are broadcasting a range of content, though two-way systems would be faster, says Williams.
An advantage of this invention over a Sega Channel-type, one-way broadcast channel is that, with popular games running 100 MB or more, 98–99 percent of the game would only have to be downloaded once, leaving only 1–2 percent to be sent out to the hardware key during each session, says Williams. Alternatively, says Baggett, samples of many applications could be distributed on CD-ROMs, with the unlocking mechanism available over cable.
As games grow more complex and subscriptions to game channels get pricier, Baggett sees "marvelous opportunities for cable operators to partner with game companies, and perhaps developers of other software."
Should this invention be patented and adopted, the main benefit to CableLabs will be to help its members to adopt a standardized security system, says Baggett.
In addition to games, this invention can support e-mail, "video magazines", and other content.