An interest in the safe transmission and storage of data (collectively referred to as Managed/Secured File Transfer) is an interest shared by many sectors of industry. The secure transmission of data (i.e., digital content) representing music, movies, and documents containing, for example, financial and/or medical data is critical to the industries that rely on these forms of data. Some sectors of industry profit from the artistic expression inherent in this digital content, whereas other areas of industry profit from the facts and figures that this digital content represents. Digital content in the form of movies is responsible for an estimated six (6) percent of the Gross Domestic Product (GDP) of the United States. Digital content in representing financial and/or medical data can be even more valuable depending upon the manner (legal or illegal) in which it is used. For example, unsecured financial data can be used in furtherance of such illegal activities as insider trading.
Give the economic value associated with digital content, various legal regimes and technological apparatus and methods have been devised to protect this content during storage and/or transmission. For example, these legal regimes include copyright law (e.g., 17 USC et seq.), securities law (e.g., Sarbanes-Oxley Act (SOX)), and a host of other legal regimes (e.g., Health Insurance Portability and Accountability Act (HIPAA)).
Copyright law has been devised to provide an economic incentive for individuals to produce such things as the aforementioned music and movies by protecting these individuals' ownership rights in these artistic expressions. These protections also extend to cover other forms of digital content such as video games, computer code, pictures and other types of expressive works. Copyright law also provides various disincentives to prevent individuals from stealing or pirating these works. These disincentives come in the form of various types of criminal and civil liability associated with the illicit use or piracy of this digital content.
In general copyright owners have the right to reproduce digital content (i.e., make copies), the right to make derivative works, the right to distribute copies, the right to perform works publicly, and the right to display works publicly. These rights, however, are typically balanced against what are called the “Fair Use” rights of those individuals who purchase a license to these copyrighted works. Under the Doctrine of Fair Use, persons holding a license to a copyrighted work are free to, among other things, make copies of the work for personal, non-economic purposes. Often times, however, the law must seek a balance between the copyrights of a particular copyright owner, and the Fair Use rights of a licensee.
In addition to the above described legal regimes utilized to protect digital content, various technological apparatus and methods have been devised to protect this content. Typically, these apparatus and methods relate to various encryption techniques that are used to protect this digital content.
Encryption is the process of obscuring information to make it unreadable without special knowledge. While encryption has been used to protect communications for centuries, only organizations and individuals with an extraordinary need for secrecy have made use of it. Encryption protects information, such as digital content, by taking this content, known as plain text, and converting it into cipher text or encrypted text. The cipher text is typically generated using one of many mathematical algorithms (see, e.g., RSA (Rivest, Shamir and Adelman), DES (Data Encryption Standard), AES (Advanced Encryption Standard)). The process of converting the encrypted text back into plain text is known as decryption. Central to the encryption and decryption process is the use of various keys to encrypt and decrypt the digital content. These keys are typically mathematical values that are plugged into an algorithm and used to encrypt or decrypt digital content. Once a piece of digital content is encrypted it is, in a sense, encapsulated in a shell of numeric values that give the appearance that the digital content is in fact random and meaningless. Typically, this shell is made up of ASCII, Uni-code, or Binary values.
The algorithms used for encryption and decryption can be broken down into two flavors. Symmetric key algorithms, such as the above referenced DES and AES, use one secret or private key to encrypt and decrypt digital content. Asymmetric key algorithms, such as RSA, use two keys; a public and a private key, where the public key is used in encrypt digital content whereas the private key is used to decrypt digital content. These two approaches to encryption also vary in that systems employing an asymmetric key algorithm may use a third party (e.g., a key server) to verify the validity of a particular public key, whereas systems employing symmetric key algorithms do not use a third party verifier. Accordingly, systems employing an asymmetric system are known as a tethered systems, while systems employing a symmetric system are known as an un-tethered systems.
In some systems, a hybrid of symmetric and asymmetric encryption is employed, a system known as a Hybrid-Crypto system. Under this system, a piece of digital content may be encrypted using a symmetric key algorithm, which, in turn, is then encrypted using an asymmetric key algorithm. Alternatively, the public key may be used as a signature to verify the identity of the requestor of content.
A factor used in determining the strength or effectiveness a particular system of encryption is what is known as the key length (i.e., the key size). Specifically, the key size is the measure of the number of possible keys which can be used in a key algorithm. More to the point, the above described keys are typically in the form of a Binary value. The potential size of this Binary value will at one level dictate the effectiveness of the encryption system. The relationship between key-length size and the effectiveness of a system of encryption is better understood if one examines the various methods used to defeat a system of encryption.
Given the value of the digital content protected by the above described systems of encryption, various methods have been devised by unscrupulous persons to defeat the encryption protections afforded this digital content. The most basic method devised to defeat an encryption protection is known as a “Brute Force Attack.” In this form of attack, a party will try every possible key value in an attempt to eventually pick the correct key value. The success of such an attack is only limited by the computing power and computational complexity of the application used to engage in the attack. Put another way, the success or failure of a Brute Force Attack is proportional to the speed of the computer and application employed in the attack. Given the relationships between computing power, computational complexity and the success of a Brute Force Attack, very large key values (e.g., 128 bit or 2128 key values) are typically used to defeat a Brute Force Attack. Other types of attacks used against encrypted digital content can include “Chosen-Plain-Text Attacks” and “Known-Plain-Text Attacks,” just to name a few.
One problem that is common to the above referenced attacks is determining whether the characters revealed after engaging in an attack are the sought after plain text, or whether the characters are encrypted text. That is, when one, for example, gets back the value “the”, after mounting such an attack, is this actual plain text or is it encrypted text? This is particularly a problem for Chosen-Plain-Text Attacks and Known-Plain-Text Attacks where a comparison is made between a known plain text value and the encrypted text to measure the success of an attack. The success of such an attack is dependent on the ability of the person who is engaging in such an attack to have readily available the entire encrypted digital content that he/she is seeking to decrypt. Put another way, the success or failure of an attack typically can only be determined when the attack results are analyzed within the context of the entire piece of digital content.
One practical embodiment of these encryption techniques is Digital Rights Management (DRM) techniques and related software. Generically speaking DRM is an umbrella term referring to any of several technical methods used to control or restrict the use of digital content and media containing this content. For example, some DRM software and techniques restrict the ability of a licensee to copy a piece of digital content. And again, some DRM software and techniques prevent certain types of digital content (e.g., music or video) as embodied in a particular type of media (e.g., a CD or DVD) from being played on a particular type of device (e.g., a personal computer). As with the above described copyright regime, the challenge to DRM technology is to balance the copyrights of the author of an expressive work against the Fair Use rights of the licensee. Put another way, while it is technologically feasible to, for example, prevent someone from making a copy a piece of digital content, this technological ability should not be used to infringe on a licensee's right to make a copy for personal use (i.e., their Fair Use rights).
DRM systems are employed to protect digital content (e.g., music) that is distributed over computer networks, or online over the Internet. The susceptibility of, for example, digital content in the form of digital audio to unauthorized copying, and the ability to create perfect duplicates, raises the specter of even more significant losses to the music industry, and has been the single greatest factor in the music industry's reluctance to make music available for purchase over the Internet. Thus, a distribution system using a computer network must be demonstratively secure from a large variety of attacks, including those described above, and misuses in order to preserve the music owner's intellectual property rights, including copyrights.
At least three types of risks are present in the distribution of music over a computer network. First, there is a considerable security risk in simply maintaining digital content in a computer system connected to public networks such as the Internet for access by consumers. For example, in order to effectively enable purchasers to review and purchase digital content, the content distributor's computer system storing such content must be networked. However, given the commercial value of such digital content, whether audio data, video data, software, financial documents or the like, such sites would be likely targets of computer-based attacks. Further, the very presence of an online commerce system is itself an inducement to crackers to attempt to break the security controls of such a system and gain access thereto. Thus, an online distribution system for digital content must be secure from such direct attacks. Further, if the online distribution system is compromised, it is desirable that the underlying content itself be secure against unauthorized copying, distribution, display, etc.
Additionally, the protocols and transmission mechanisms by which an online digital-content distribution system delivers content to a legitimate purchaser must also be secure, to prevent unauthorized users from intercepting deliveries of the digital content over the network.
Finally, once the digital content has been delivered to a user, it must be made secure against unauthorized duplication by the user or by others.
These constraints on a digital-content distribution system are in conflict with many of the features consumers want in terms of flexibility and ease of use. In particular, with regard to the purchase of audio data, such as songs and related media (e.g., the lyrics, graphics, liner notes which typically accompany conventional retail forms of audio), consumers want to be able to sample audio products prior to purchasing. It is desirable for such an online music-distribution system then to provide some mechanism by which users can play limited portions of songs and view related media without having to purchase the song. In addition, a consumer should be able to pass on preview music to other potential new customers.
Purchasers of music in traditional forms such as CDs or cassettes are accustomed to simple, easy to use consumer devices, such as portable CD players or tape players. For the successful distribution of music over the Internet, the security requirements must not unduly interfere with consumers' ease of use of the system. A consumer should be able to purchase and play back audio easily and securely. However, the security measures, particularly the encryption mechanisms, should make the purchased audio unusable outside of the specific applications or devices designed to cooperate with the distribution or network system.
Consumers are accustomed to being able to play music purchases anywhere they can carry a CD and CD player. Consumers will expect similar portability when purchasing digital media over the Internet. Accordingly, a desirable online music distribution system should allow a consumer to play back purchased audio not merely on a single computer, but on any platform equipped with an appropriately licensed playback application or device and the licensee's personal identification. In short, a DRM system must be able to protect digital content and the rights of its authors, but at the same time allow for those who purchase such content to exercise their Fair Use rights.
The present invention addresses some of the above described problems. Specifically, it allows for an apparatus, system and method to securely encrypt digital content, but at the same time it allows for persons who use, or are licensees of this content to be able to exercise their Fair Use rights.