1. Field of the Invention
The present invention relates to the communication of digital information, and more particularly, to methods and systems for encrypting digital information using a location integrity attribute.
2. Description of Related Art
Rapid advances in computer, telecommunications and networking technology have enabled an avalanche of new opportunities and applications that were impossible just a few years ago. These advances are exemplified by the explosive growth in popularity of the Internet. As known in the art, the Internet is an interconnection of computer networks that enables computers of all kinds to communicate with each other and share information. Companies, individuals, government agencies, charitable organizations, and academic centers, of all sizes, regularly use the Internet to share information, deliver services, and exchange a wide range of content. The Internet functions as a distributed network of systems that is neither controlled nor managed by any one entity. Physical and logical pathways that facilitate the exchange of information connect these networks to each other.
In spite of the tremendous value that this information access has brought to society, controlling the security of the information, including confidentiality, authenticity, integrity, unauthorized us, transaction secrecy, site protection, etc., remains a significant problem. The very openness of the Internet makes it very difficult to know for certain that information is protected. As a result, Internet users must make no assumption regarding the veracity or use of data they send or receive.
The root of this problem stems from the inherent construction of the Internet. The TCP/IP protocol on which the Internet is based has the simple objective of delivery of packets of information between any computers connected to the Internet, without dictating the route the data packets take through the network. Anyone with a computer and basic Internet software can connect to the Internet as a fully capable host and offer Internet services to other users. Information traversing the Internet passes through many computers along the way, and each computer can access the information. This problem will continue to get worse in the future as new networks attach to the Internet (e.g., cellular telephone, broadband cable, laser and microwave networks, etc.) and new types of information (e.g., audio, video, etc.) are disseminated.
Cryptographic systems that historically provide information security and access control have not kept pace with the growth of the Internet. In an encryption system, the sender converts the original data, or “plaintext,” into a coded equivalent called “ciphertext” using an encryption algorithm. The ciphertext may then be decoded (or decrypted) by the receiver and thereby turned back into plaintext. The encryption algorithm uses a key, which is a binary number that is typically from forty to one hundred twenty eight bits in length. The greater the number of bits in the key, the more possible key combinations and the longer it would take to break the code. The data is encrypted, or “locked,” by combining the bits in the key mathematically with the data bits. At the receiving end, the key is used to “unlock” the code and restore the original data.
Before the Internet, cryptography relied primarily upon private key systems in which both the sender and receiver use a secret key (also known as a symmetric key) to encrypt and decrypt the plaintext information. Security depended upon the sender and the recipient knowing the private key, and has proven adequate for governments and large corporations in securing their confidential information. Private key systems have worked less well in controlling access to the volumes of information traffic on the Internet, due primarily to the difficulty of distributing the secret key among users without risking its compromise.
An alternative to such private-key systems is public-key cryptography, which uses two keys known as a private and a public key. Each party has a private key that is kept secret and not shared, and a public key that is made publicly available. The public key is used to encrypt the plaintext information, and the private key is used to decrypt the ciphertext message. The private key may not be mathematically derived from the public key. The parties to a communication may exchange their public keys over an unsecured communication channel, such as the Internet, and thereafter use the public keys to encrypt their messages. The receivers then use the private key to decrypt the message. Nevertheless, drawbacks with public-key encryption remain. Public-key encryption is computationally intensive and therefore slow to use. By some estimates, public-key systems are typically one-thousand times slower than their private-key counterparts, rendering them impractical for audio and video systems where computationally intense compression/decompression must also be performed. The distribution of the public keys presents another problem, thereby spawning the growth of companies (e.g., Verisign, Inc.) that act as centralized registrars or signing authorities to access and validate public keys. In view of these disadvantages, public key encryption is used for only small portion of total Internet communications. For most such communications, the security problem is not deemed serious enough to warrant the inconvenience and cost of public key management.
One form of public-key cryptography that overcomes some of these disadvantages is PGP, which means “pretty good privacy.” PGP allows individuals to sign each other's key certificates, thereby eliminating reliance on centralized signing authorities. While PGP has achieved growing acceptance, it is still used for only a fraction of Internet traffic due to the difficulty of key distribution and management. Thus, widespread use of encryption on the Internet will only be widely accepted when it is implemented in a manner that appears transparent to the user.
Another important consideration for a communication system is the prevention of unauthorized copying of copyright-protected digital content. With conventional computing and communication systems, an unscrupulous individual can easily make and distribute an unlimited number of identical copies of a copyrighted work in digital form (e.g., music, literary works, photography, video, software, etc.). Moreover, commercially available file indexing services allow computer users to easily locate and access digital files on other user's computer systems, thereby greatly increasing the potential for widespread copyright piracy. One such service provided by Napster, Inc., of San Mateo, Calif., provides a file sharing application that works in conjunction with Napsters Web site to locate music files in the popular MP3 format residing on other computers currently logged onto the Internet. A similar service known as Gnutella provides a file sharing system that allows users to search for software and documents on the GnutellaNet, a loose federation of users and organizations that make a wide variety of information available to the world at large. Gnutella differs from Napster, which is geared to music files and provides a centralized listing, whereas the GnutellaNet is a peer-to-peer network that contains all kinds of files. While these file sharing systems also have a legitimate purpose in enabling users to share non-copyright-protected files, they are also widely used to obtain copyright-protected files in violation of copyright laws. The illicit use of these file sharing systems represents a serious threat to copyright owners.
Active policing of the Internet is not a viable solution for copyright holders. Such policing efforts are logistically difficult given the widespread and anonymous nature of Internet copyright piracy. In addition, the popular sentiment that information content exchanged on the Internet should be free makes large scale policing efforts very unattractive from a public relations standpoint. To address this problem, various digital rights management (DRM) systems have emerged for protecting the copyrights of digital content that is distributed by focusing on preventative measures. For example, a proposed DRM system for the recording industry known as the Secure Digital Music Initiative (SDMI) sets forth a set of rules for securely distributing digital music over the Internet. SDMI provides guidelines for developing compliant DRM systems, including a container format that software and hardware players must support in order to play back the material. Announced in February 1999, the SDMI is backed by the Recording Industry Association of America (RIM) and Sony, Warner, BMG, EMI and Universal, the top five music production companies.
Notwithstanding these efforts, DRM systems present at best an incomplete solution for a number of reasons. First, given the availability of pirated content on the Internet, it is far more convenient and inexpensive for a user to unlawfully download a digital file over the Internet than to purchase a legitimate copy of the material via conventional channels of trade. While the unlawfully obtained material may have reduced quality in comparison to the legitimate copy, the convenience and negligible cost often make up for this drawback. Second, most DRM technologies rely upon some form of encryption to protect the digital information. To be most effective, both parties to an encryption scheme must have a vested interest in maintaining the secrecy of the encrypted information. A legal purchaser of content has a right to view the content, but has no vested interest in ensuring that the secrecy afforded by encryption is maintained. For this reason, many DRM solutions utilize digital certificates or licenses that attempt to hide the decryption key from the user. In such systems, all copies of the content are encrypted in an identical manner, and the media player validates the user's right to display or play back the decrypted content. Since the encrypted content and decryption key are nevertheless accessible to the user albeit hidden, a sophisticated user may reverse engineer the DRM solution to strip away the encryption to thereby permit unimpeded copying and distribution of the decrypted content. Other less sophisticated ways of obtaining an unencrypted copy of the content are also available to unscrupulous users, such as videotaping each frame of a digital video data file as that content is legally displayed during playback.
Accordingly, it would be very desirable to provide a way to control the interchange of digital information that overcomes these and other drawbacks. More particularly, it would be desirable to provide an information interchange system and method that allows control over security and access to the information, and which prevents unauthorized copying of copyright-protected content.