The explosion of the Internet has revolutionized the ways in which information is disseminated and shared. Users are no longer tied to the basic newspaper, television and radio distribution formats and their respective schedules to receive their written, auditory, or visual information. Likewise, users no longer need to obtain information or data stored in a so-called “hard” or physical format, such as on a compact disk (CD) or digital versatile disk (DVD). At any given time, massive amounts of information are exchanged electronically by millions of users worldwide using the Internet not only for communication but also for research, education, business, and entertainment. Information can now be downloaded, streamed or delivered directly to computer desktops, laptops, set-top boxes, entertainment units, personal digital assistants (“PDAs”), wireless telephones, digital music players, and other portable devices, providing virtually unlimited information access to users.
This information is often disseminated as digital content in the form of digital content “units” or files, such as audio, video, graphics, or multimedia files, that may be shared by users, devices, and networks. For example, users may now listen to audio broadcasts and live music concerts on various web sites or download and play audio files as desired. The audio files may be downloaded from digital content stores, which are basically repositories of digital content units available for user access. Often a per unit fee or subscription is charged for access to digital content units. Examples of digital content stores offering audio downloads and other multimedia services include the iTunes Music Store, operated by Apple Computer, Inc., of Cupertino, Calif., the Yahoo! Music Store, operated by Yahoo!, Inc., of Sunnyvale, Calif., the Napster™ web site operated by Napster, Inc., of Los Angeles, Calif., the Rhapsody™ music services operated by RealNetworks, Inc., of Seattle, Wash., and the eMusic web site, available from eMusic.com, Inc., of New York, N.Y., among others. Such digital content stores are now a staple of the Internet and have fundamentally altered the way digital content is distributed and enjoyed by users everywhere. The iTunes Music Store, for example, has already sold more than 1 billion audio files to users.
Likewise, digital content units may be transmitted across satellite, cable or wireless networks. Digital content units may be provided to televisions, radios and stereos, and so forth by various content providers. Digital content units may, in some cases, be stored locally by a user on a hard disk or other storage medium connected to a network. As one example, a digital video recorder may be connected to a satellite or cable network and store digital content units for later review.
The proliferation of digital content and the ease with which it is created, manipulated, copied, and distributed has led to new challenges for digital content creators, owners, and providers. Those having vested interests in the content have to be especially careful in determining the best means to effectively manage the distribution, use and monitoring of their digital content assets and protect them from piracy. Digital content assets are protected by copyright laws, but those laws merely punish, and do not necessarily prevent, the unauthorized copying, manipulation and distribution of digital content.
To address this concern, content protection technologies have to be deployed. Content protection technologies are those technologies used to monitor and control access to digital content. For example, a digital content store such as the iTunes Music Store may deploy these technologies to ensure that digital content units obtained from its store will not be improperly resold, redistributed or copied by unauthorized users. When a user obtains one or more digital content units from a digital content store, the digital content units may be protected so that only the purchasing user is granted the right to access the digital content units. Content protection technologies employed by the digital content store can prevent any other user from accessing the digital content unit. For example, they can prevent another user from listening to an audio file obtained by the purchasing user.
Content protection technologies typically use technical and legal mechanisms to protect digital content against unauthorized use. The technical mechanisms may involve cryptographic techniques for securing the digital content, rights thereto, and content distribution. They may also involve the use of “Digital Rights Management” (“DRM”) technologies for protecting the rights and interests in distributing or accessing the digital content. “Rights” may include, for example, the right to view the digital content unit, the right to make copies of the digital content unit, the right to redistribute the digital content unit, to publicly display the digital content unit, to modify or sample the digital content unit, to create derivative works of the digital content unit, and so forth. Essentially, “rights” as used herein may include one or more rights common under United States and foreign copyright law. Further, such rights may be restricted or unlimited. As yet another example, a right may be restricted as to the location in which the right may be exercised, the number of times the right may be exercised, to a particular timeframe in which the right may be exercised, the way in which the right may be exercised, and so on.
Cryptographic techniques apply mathematical and/or linguistic principles to secure a given digital content unit. A digital content unit may be encrypted prior to its distribution to a user, i.e., converted into an unreadable format, and decrypted to recover the digital content in its original form for the user to access. The encryption and decryption process may be controlled by the use of a key, which dictates how the unreadable format is produced and decoded. There are three broad types of cryptographic techniques available today for protecting digital content: secret key (or symmetric) techniques, public key (or asymmetric) techniques, and hash function techniques. (Although hash techniques are not cryptographic techniques per se, they are included herein for purposes of the following discussions.) These techniques may be used separately or in combination, such as in a public key/secret key hybrid technique or a key and hash technique. Such techniques may be layered, with credentials at one level protecting different credentials at another (lower) level. “Credentials” are elements or items used to access protected data, be it another credential or digital content. Keys are one example of credentials. As used herein, the term “key” is understood to have the broader meaning of a credential.
Secret key techniques involve the use of a single and secret key for both encryption and decryption. The secret key must be known to both the sender and the receiver, which may present a challenge in how the key itself is to be distributed and protected from others. Common secret key techniques include the Data Encryption Standard (“DES”) and its successor, the Advanced Encryption Standard (“AES”), among others.
Public key techniques involve the use of two keys—one for encryption and the other for decryption—that are generally mathematically related so that knowledge of one key does not allow the other key to be easily determined. One key is designated a public key and may be distributed and advertised to anyone while the other key is a private and secret key known only to its holder. One advantage of public key techniques is that they may be used to authenticate the sender of a digital content unit. For example, if Alice encrypts a digital content unit using her private key and sends the encrypted digital content unit to Bob, Bob may decrypt the encrypted digital content unit using only Alice's public key, confirming that Alice was the one who sent the encrypted digital content unit to Bob. Common public key techniques include the Public Key Cryptographic Standards (“PKCSs”) and the RSA algorithm, designed by RSA Security, Inc., of Bedford, Mass.
Hash techniques are one-way cryptographic techniques in which a hash function derives a value from the digital content in a given digital content unit, referred to as a hash value, from which it is difficult to recover the digital content. These techniques are typically used to provide a measure of the integrity of a file, i.e., to verify whether a given digital content unit has been altered. Since two different digital content units typically do not generate the same hash value, knowing the hash value for a particular digital content unit permits the content to be hashed again and the result compared against the known value. This, in turn, may give an indication of whether the digital content unit has been modified. Hash functions may be used together with secret key and public key techniques as a way to further ensure the integrity of a digital content unit. Common hash functions include the Message Digest (“MD”) algorithms such as MD2, MD5 and RIPEMD as well as the Secure Hash Algorithm (“SHA”).
An example of a common content protection technology relying on cryptographic techniques to protect digital content is the Content Protection for Prerecorded Media (“CPPM”) technology for protecting digital content stored on prerecorded digital versatile disks (“DVD”). CPPM selectively encrypts disc sectors that can only be decrypted during playback by licensed products, such as DVD players. Critical information, e.g., decryption keys, required to unlock the digital content stored in the prerecorded DVDs is located in protected regions of the discs accessible only to the licensed products and under carefully regulated circumstances. Without these keys the encrypted digital content is unusable. Performing bit-for-bit duplication or simply copying files from the protected DVD to a writable DVD, hard drive or other storage medium is prohibited unless the DVD's key is known. Writable DVD products employ several safeguards to prevent valid decryption keys from ever being written to these discs. In addition, software for watching DVDs is generally “trusted,” such that it does not allow a user to watch an unauthorized copy of a DVD (i.e., one lacking the decryption key).
Additional examples of common content protection technologies relying on cryptographic techniques include the “Fairplay” scheme used by digital content stores, such as the iTunes Store. Digital content stores may use a hybrid of secret key and public key techniques to protect their digital content, or may employ multiple keys. They may also use hash techniques in combination with, say, a hybrid secret key/public key technique.
For example, in the Fairplay system, two keys are used to protect a digital content unit. When a user obtains a digital file from the iTunes Store (possibly through purchase), the user downloads an encrypted audio file that has been encrypted with a random key. The random key is stored in a header of the digital content unit; this header is encrypted with an encryption key specifically linked to the user. Thus, the user's key may be used to decrypt the header of the digital content unit and retrieve the random key, which may then decrypt the remainder of the digital content unit. In this manner, each digital content unit is randomly encoded throughout the majority of its length with a different random key. This makes it difficult for a third party who obtains copies of multiple digital content units associated with a single, legitimate user to guess or derive that legitimate user's personal key. This, in turn, may reduce the unauthorized copying and/or distribution of digital content units.
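The two-key layout described above can be sketched as follows. This is an added example, not code from the original text or from Apple: the function names and the unit layout are hypothetical, and a toy SHA-256 keystream stands in for a real cipher such as AES so that the sketch runs with the standard library only. The header tag shows the key-and-hash combination mentioned earlier, used here to detect that a header was not encrypted for the presented user key.

```python
import hashlib
import hmac
import secrets

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (assumption of this example, stand-in for AES):
    XOR data with SHA-256(key | nonce | offset) blocks."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def subkeys(user_key: bytes) -> tuple:
    """Derive separate header-encryption and header-authentication keys."""
    return (hashlib.sha256(b"enc" + user_key).digest(),
            hashlib.sha256(b"mac" + user_key).digest())

def protect(content: bytes, user_key: bytes) -> dict:
    """Encrypt the body with a fresh random key; wrap that key in the header."""
    content_key = secrets.token_bytes(32)      # different for every unit
    header_nonce = secrets.token_bytes(16)
    body_nonce = secrets.token_bytes(16)
    enc_key, mac_key = subkeys(user_key)
    wrapped = keystream_xor(enc_key, header_nonce, content_key)
    tag = hmac.new(mac_key, header_nonce + wrapped, hashlib.sha256).digest()
    return {"header_nonce": header_nonce, "wrapped_key": wrapped,
            "header_tag": tag, "body_nonce": body_nonce,
            "body": keystream_xor(content_key, body_nonce, content)}

def access(unit: dict, user_key: bytes) -> bytes:
    """Unwrap the random key with the user's key, then decrypt the body."""
    enc_key, mac_key = subkeys(user_key)
    expected = hmac.new(mac_key, unit["header_nonce"] + unit["wrapped_key"],
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, unit["header_tag"]):
        raise PermissionError("header was not encrypted for this user key")
    content_key = keystream_xor(enc_key, unit["header_nonce"],
                                unit["wrapped_key"])
    return keystream_xor(content_key, unit["body_nonce"], unit["body"])

if __name__ == "__main__":
    alice_key = secrets.token_bytes(32)         # constructed sample keys
    track = b"constructed sample audio bytes " * 4
    unit = protect(track, alice_key)
    print(access(unit, alice_key) == track)
```
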
Because digital content files may be storage and bandwidth intensive, downloads of a digital content unit from a digital content store may take substantial time depending on the characteristics of the network and user demand for the digital content unit during the downloads. For example, a 6 gigabyte movie stored on a DVD may require multiple hours to download across a typical high-speed Internet connection. Users having access to an already legitimately-obtained copy of a given digital content unit, e.g., Bob in the example above having access to the audio file obtained by Alice, may be enticed to find a way to circumvent the content protection technologies and illegally copy it without incurring the costs and download time required for purchasing their own copy from the digital content store. By contrast, copying one or more digital content units from a storage medium (including, for example, a CD, DVD, hard disk, flash memory, portable hard disk and so forth) directly to a second storage medium associated with a computer is typically much faster than downloading the same digital content unit(s) across a network connection. Likewise, digital content may be rapidly shared between computers across a wired or wireless local area network (LAN).
In addition to enhancing currently available content protection technologies to protect digital content units from illegal break-ins, it would also be desirable to provide users having access to already legitimately-obtained copies of digital content units a legal right to play, view, or manipulate those copies. Besides savings in download times (and potentially monetary costs) for those users having access to already legitimately-obtained copies, such a measure may diminish the desire to produce illegal copies of digital content units obtained from a digital content store.
There is therefore a need to provide systems and methods for granting users a legal right to own a copy of a digital content unit without having to obtain or download another copy of the same digital content unit from a digital content store.
There is yet a further need to provide systems and methods for decoupling the purchasing of rights in a copy of a digital content unit from the downloading of the digital content unit.