The DRM Stick

25 July 2008 at 0:44 | Posted in DRM (Digital Rights Management), Inventions | Leave a comment
Tags: , ,

[Category: Inventions. If you are new to my blog please read the “About itimes3” page first]

If for example you buy music at the iTunes store you cannot play it on some devices because they use a different DRM technology, and the same story is repeated when you buy digital content at other outlets. A few years ago I invented a solution which I believe is viable, although it will require cooperation between all publishers of content and all manufacturers of devices to play the content (e.g. all consumer electronics companies as well as computer manufacturers).

It will also require the creation of a standards body/organization to act as a point of contact between the industry players, as well as between the industry and the consumer. Due to these requirements, and the sheer size of the undertaking, I have not taken this invention further and decided to post it here now that I have the blog online. Similar inventions may exist or may not – I have not done research. Obviously, as you will see after reading the entire text, the invention will need to be worked out in more detail.

The solution is this: a small device containing a microchip along the lines of a mobile phone SIM-card (however in a different shape: shaped like a small stick most likely, about two centimeters long and half a centimeter wide; a few millimeters thick). Instead of buying a SIM-card at a mobile phone outlet, you buy this DRMstick (perhaps to be called “drumstick” in daily use) at any consumer appliance/electronics store, computer outlet, department store, etc. When you buy it, you get a card with five identical sticks sealed to it in a tamper-evident way, and instructions on how to use the system printed on the card. There will be a way to personalize the sticks after purchase so you can tell them apart from those of friends and family members (colour bands supplied, or using an online application to print off labels at time of registration – see below).

The stick will fit in a slot (DRM Slot), to be designed for it, which will be present in each new appliance that hits the market (much like a memory card reader on a digital camera, printer or laptop, this slot will be present on every device on the market including TV’s, computers, car stereo’s, home theatre systems, MP3 player, cellphone, etc.). The software to read the sticks will be part of the firmware of these devices (which should be upgradeable).

Upon purchasing, the owner of the set of five DRMsticks pops one of them into the DRM Slot on his or her computer and “registers” the stick online with the central database.

Once registered, music and other digital content is, at the time of purchase, “matched” to the DRMstick present in the device used to purchase the content and “locked” to this particular set of five DRMsticks (the set of sticks the owner purchased, which should be globally unique). The locking mechanism most likely uses an encryption algorithm that uses the unique electronic signature of the DRMstick as the key to encrypt the content (plus additional safety features a hacker cannot know, such as some data that may have been entered by the owner at time of registration or other not publicly available information). Bit length of the key should be sufficient to thwart brute-force attacks (perhaps 512 or 1024).

The sticks can be freely moved between any devices the owner owns, or any other devices (say he or she goes to a party and wants to play content there). During normal use, the owner will probably leave several sticks in place in devices he or she often uses: one will stay in the car stereo, another in the computer, yet another in the home theatre system, for example. The remaining one or two could then be used to “roam” between devices.

The system is to be fitted with a checking routine that should someone try to play content without the (correct) DRMstick present, a reminder window will pop up (or for audio devices, a reminder message played) stating the owner of the content (as entered during registration), so that the appropriate DRMstick can be found and entered into the device to enable the content to be played.

The DRMstick should be fitted with a small hole (the way digital cameras and some cellphones have) to attach a strap, so that the DRMstick is easier to find when not inside a device.

There should be a system that can ensure replacement DRMsticks to be provided to the rightful owner in case of loss of a number of sticks from the original set. There would be a limit to this, for example three sets of sticks in total, with the third set not being available until for example three years after the original set was purchased.

The system could be enhanced by making the DRMstick “smart” and enabling its chip to be updated over the internet, remotely disabled in case of theft of devices, etc. etc. The central administrative body would need a well designed setup to allow most actions and requirements to be executed by computers, with only the minimum human intervention, to reduce overheads.

Another feature could allow protected content to be copied to a device such as an external harddisk or a USB key and be played for a certain maximum period (such as 24 or 48 hours) without a DRMstick being required, which could be useful for presentations, parties, etc. The number of times this could be executed would need to be restricted to a specific number of times per timeframe in order to avoid abuse.

All the above details to be fine-tuned depending on eventual requirements.

If you like this idea and you work in a type of industry where this is relevant, I would be happy to discuss in more detail, answer questions or assist in other ways. For details and contact information please see the “About itimes3” page.

George Spark

Disclaimer: Any trademarks mentioned herein are the property of their respective owners.
All usage of this site is entirely at users risk.

Blog at
Entries and comments feeds.