United States Patent [19]
`Halter et al.
`
`[11] Patent Number: 5,319,705
`US005319705A
`[45] Date of Patent: Jun. 7, 1994
`
`[54] METHOD AND SYSTEM FOR MULTIMEDIA ACCESS CONTROL ENABLEMENT
`[75] Inventors: Bernard J. Halter, Longmont, Colo.; Alphonse M. Bracco, Reston, Va.; Donald B. Johnson, Manassas, Va.; An V. Le, Manassas, Va.; Stephen M. Matyas, Manassas, Va.; Rostislaw Prymak, deceased, late of Dumfries, by Nancy Prymak, administrator; James D. Randall, Herndon, Va.; John D. Wilkins, Somerville, Va.
`[73] Assignee: International Business Machines Corporation, Armonk, N.Y.
`[21] Appl. No.: 954,324
`[22] Filed: Oct. 21, 1992
`[51] Int. Cl.5: H04L 9/00
`[52] U.S. Cl.: 380/4; 380/21; 380/23; 380/25; 380/29; 380/43; 380/49; 380/50
`[58] Field of Search: 380/4, 21, 23, 25, 29, 43, 49, 50; 340/825.31, 825.34
`
`[56] References Cited
`U.S. PATENT DOCUMENTS
`4,168,396   9/1979   Best             380/4
`4,278,837   7/1981   Best             380/4
`4,433,207   2/1984   Best             380/4
`4,446,519   5/1984   Thomas           395/425
`4,658,093   4/1987   Hellman          380/25
`4,757,534   7/1988   Matyas et al.    380/25
`4,937,863   6/1990   Robert et al.    380/4
`4,999,806   3/1991   Chernow et al.   380/4 X
`
`Primary Examiner—Bernarr E. Gregory
`Attorney, Agent, or Firm—John E. Hoel
`
`[57] ABSTRACT
`A method and system are disclosed for securely distributing a plurality of software files from a software distribution processor to a user processor, while selectively enabling the user processor to only use a subset of a lesser plurality of the software files. This is achieved by employing a customer key which includes a clear customer number and a derived portion derived from the customer number. The customer key is transformed into a second customer key which serves as a key expression for encrypting a file encryption key specifically intended for a respective one of the plurality of files. A plurality of software files can be stored together, for example on a CD-ROM, with each file encrypted under a corresponding file encryption key. The CD-ROM can be distributed to many user processors. When a specific user processor needs to run one of the software files, a request will be transmitted from the user processor to the software distribution processor. In response to that request, an encrypted file encryption key specific for the requested file, will be transmitted to the user processor. This will enable the user processor to decrypt only the requested file from the CD-ROM. All other files on the CD-ROM remain in their encrypted form and cannot be decrypted and used by the file encryption key received from the software distribution processor.
`
`21 Claims, 14 Drawing Sheets
`
`[Front-page drawing. Software Distribution Processor 10: cryptographic subsystem, key generation means 150, encrypted file generation means 160, encrypted file distribution means 170, key distribution means 180. User Processor: cryptographic subsystem, key recovery means 250, file recovery means 260. Between them: key distribution medium 31 and encrypted file distribution medium 30.]
`
`Petitioner Apple - EX. 1019
`
`[Sheet 1 of 14. FIG. 1: Software Distribution Processor 10 sends encrypted multimedia files and keys to User Processor 20. FIG. 2: Software Distribution Processor 10 sends encrypted multimedia files and keys to Third Party Merchant 15, which sends encrypted multimedia files and keys to User Processor 20.]
`
`[Sheet 4 of 14. FIG. 5: labels KGKL, KGKR; KML + KGKLCV, KMR + KGKLCV, KML + KGKRCV, KMR + KGKRCV; outputs e*KM+C1(KGKL) and e*KM+C2(KGKR).]
`
`[Sheet 5 of 14. FIG. 6: KGKLCV: X'0055110003C00000'; KGKRCV: X'0055110003A00000'; KDCV: X'00007D0003000000'.]
`
`[Sheet 7 of 14. FIG. 8: labels KD; KML + KDCV, KMR + KDCV, KML + KDCV; output e*KM+C3(KD).]
`
`[Sheet 9 of 14. FIG. 10: labels KD and KCL'; output e*KC'(KD).]
`
`[Sheet 11 of 14. FIG. 12: columns for Software Distribution Processor 10 and User Processor 20. Labels include passphrase, clear KGK, KGK-record, customer number, counter, clear customer key KC, KD-record, encrypted KD e*KC'(KD), data, encrypted data eKD(0,data), key library, and the pair KC, e*KC'(KD); reference numerals 121, 122, 123, 124, 221, 302.]
`
`[Sheet 13 of 14. FIG. 14: first customer key 350 (clear cust. no. and a portion derived from cust. no.); transformation function f 355; second customer key 351; encryption means 352 producing eKC2(KDi), the encrypted ith file encryption key, carried on 31; decryption means 353 recovering the ith file encrypting key KDi; a plurality of files FILE1 ... FILEmax and a plurality of file encryption keys KD1 ... KDmax; encryption means 400 producing eKD1(FILE1) ... eKDmax(FILEmax), carried on 30; decryption means 354 recovering FILEi.]
`
`[Sheet 14 of 14. FIG. 15:
`Quantity   Software
`200        OS/2 2.0
`100        OS/2 2.0 ES (Extended Services)
`500        WordPerfect for OS/2
`50         Program A
`100        Program B
`FIG. 16: Shrink-Wrapped Package 500 containing Stamped Medium 501 (eKDi(File i)) and Paper 504 printed with KC and eKC'(KD); printed values 0009735124FF3A02, 052A899128C8F634, BZ5071ADQC7FD3E6; further reference numerals 503, 505.]
`
`METHOD AND SYSTEM FOR MULTIMEDIA
`ACCESS CONTROL ENABLEMENT
`
`DESCRIPTION
`1. Technical Field
`
`The invention disclosed broadly relates to data pro-
`cessing systems and methods and more particularly
`relates to cryptographic systems and methods for use in
`data processing systems to enhance security.
`2. Background Art
`The following patents and patent applications are
`related to this invention and are incorporated herein by
`reference:
`
`W. F. Ehrsam, et al., “Cryptographic Communication and File Security Using Terminals,” U.S. Pat. No. 4,386,234, issued May 31, 1983, assigned to IBM Corporation and incorporated herein by reference.
`W. F. Ehrsam, et al., “Cryptographic File Security For Single Domain Networks,” U.S. Pat. No. 4,238,854, issued Dec. 9, 1980, assigned to IBM Corporation and incorporated herein by reference.
`W. F. Ehrsam, et al., “Cryptographic File Security For Multiple Domain Networks,” U.S. Pat. No. 4,203,166, issued May 13, 1980, assigned to IBM Corporation and incorporated herein by reference.
`R. M. Best, “Cryptographic Decoder for Computer Programs,” U.S. Pat. No. 4,433,207, issued Feb. 21, 1984.
`R. M. Best, “Crypto Microprocessor that Executes Enciphered Programs,” U.S. Pat. No. 4,465,901, issued Aug. 14, 1984.
`Richard Johnstone, “Computer Software Security System,” U.S. Pat. No. 4,120,030, issued Oct. 10, 1978.
`S. M. Matyas, et al., “Code Protection Using Cryptography,” U.S. Pat. No. 4,757,534, issued Jul. 12, 1988, assigned to IBM Corporation and incorporated herein by reference.
`B. Brachtl, et al., “Controlled Use of Cryptographic Keys Via Generating Stations Established Control Values,” U.S. Pat. No. 4,850,017, issued Jul. 18, 1989, assigned to IBM Corporation and incorporated herein by reference.
`S. M. Matyas, et al., “Secure Management of Keys Using Control Vectors,” U.S. Pat. No. 4,941,176, issued Jul. 10, 1990, assigned to IBM Corporation and incorporated herein by reference.
`S. M. Matyas, et al., “Data Cryptography Operations Using Control Vectors,” U.S. Pat. No. 4,918,728, issued Apr. 17, 1990, assigned to IBM Corporation and incorporated herein by reference.
`B. Brachtl, et al., “Data Authentication Using Modification Detection Codes Based on a Public One Way Encryption Function,” U.S. Pat. No. 4,908,861, issued Mar. 13, 1990, assigned to IBM Corporation and incorporated herein by reference.
`A. S. Cutlip-Cohen, et al., “Data processing method to provide a generalized link from a reference point in an on-line book to an arbitrary multimedia object which can be dynamically updated”, Ser. No. 07/755,709, Sep. 6, 1991, assigned to IBM Corporation and incorporated herein by reference.
`A digital data processing system contains three basic
`elements: a processor element, a memory element, and
`an input/output element. The memory element contains
`addressable software programs and data. The processor
`element fetches and processes information stored in the
`memory element. The input/output element, under
`control of the processor element, communicates with
`the memory element, storing and retrieving information
`from the memory element. The input/output element
`itself can consist of several different types of units capa-
`ble of supporting multimedia applications, including a
`video display,
`light pen, sound synthesizer, micro-
`phone, keyboard, mouse, printer, and communication
`adapter enabling networking communications to take
`place.
`Generation and sales of multimedia programs and
`data represents a significant business opportunity for
`companies who sell computing equipment and for com-
`panies who sell multimedia programs and data alone. A
`multimedia application can consist of a multimedia han-
`dler program that supports the presentation of one or
`more multimedia objects, where each multimedia object
`may be a separate multimedia data file. Many different
`multimedia objects, or data files, can be linked into a
`single multimedia presentation, including both text and
`non-text objects. Non-text objects include image objects,
`graphics objects, formatted data objects, font
`objects, voice objects, video objects, and animation
`objects. The multimedia handler program provides
`generalized links to arbitrary multimedia objects, such
`that the multimedia objects or data files can be updated
`dynamically. Such dynamic update capability simplifies
`the creation of a new version or edition of the multimedia
`presentation. The concept of a generalized link is described
`in IBM patent application Ser. No. 07/755,709.
`Delivery of multimedia programs and data files
`(termed “software”) can be done in several ways. The
`software can be bundled and sold with the hardware. It
`can be sold as a separately-priced package,
`i.e., the
`software is distributed on a physical medium such as a
`diskette or tape. It can also be distributed to each cus-
`tomer or user processor from a central software distri-
`bution processor via telephone lines, TV-cable, satellite
`or radio broadcast. More recently, software vendors
`have expressed an interest in distributing software by
`using a stamped medium such as a Compact Disk Read
`Only Memory (CD-ROM) or an Optical Read Only
`Memory (OROM). A CD-ROM can hold about 600
`megabytes of data — enough storage to hold several
`hundred program or data files. Such a distribution
`mechanism is particularly attractive, since production
`costs decrease significantly with higher volumes. How-
`ever, when software is distributed over an open channel
`(e.g., telephone lines, TV-cable, satellite or radio broad-
`cast) or via a high-density stamped medium (e.g., CD-
`ROM or OROM), much software is literally “put into
`the hands” of tens or hundreds of thousands of others
`who did not request the software and who have no need
`or wish to see the software, but who now have easy
`access to the software and who may be tempted to
`violate licence and copyright restrictions. The net ex-
`pected result of such violations is a loss of revenues to
`software authors, publishers, and vendors. Thus, the
`distribution of software over an open channel or via a
`high-density stamped medium creates a problem quite
`unique and different from the more traditional problem
`of unauthorized copying and use of software. Although
`this is not the problem addressed by the present inven-
`tion, it is nevertheless described herein in order to con-
`trast the present invention with more traditional soft-
`ware protection methods existing in the prior art.
`
`The prior art describes various systems for encipher-
`ing digital
`information to improve the security and
`privacy of data transmitted over communications net-
`works. Such data may be messages transmitted during a
`communication session between two encryption proces-
`sors or it may be data contained in a data file transmitted
`from a sending processor to a receiving processor. Such
`data files can contain executable programs as well as
`pure data. Examples of file encryption systems can be
`found in U.S. Pat. Nos. 4,386,234, 4,238,854, and
`4,203,166 to Ehrsam et al. In all cases, once an encrypted
`file is decrypted, the program or data contained
`in the file must be protected using more traditional
`access control methods. However, such access
`control methods do not prevent one user from sharing
`decrypted programs and data with other users.
`The problem of unauthorized copying and use of
`programs has been addressed by the prior art. U.S. Pat.
`No. 4,120,030 to Johnstone discloses a computer soft-
`ware security system wherein the data address portions
`of a set of computer instructions are scrambled in accor-
`dance with a predetermined cipher key before the in-
`structions are loaded into an instruction memory. The
`data involved in the program is loaded into a separate
`data memory at the addresses specified in the original,
`unscrambled program. An unscrambler circuit, which
`operates in accordance with the cipher key, is coupled
`in series with the data memory address input conduc-
`tors.
`
`U.S. Pat. No. 4,168,396 to Best discloses a micro-
`processor for executing computer programs which
`have been enciphered during manufacture to deter the
`execution of the programs in unauthorized computers.
`U.S. Pat. No. 4,278,837 to Best discloses a crypto-
`microprocessor chip that uses a unique cipher key or
`tables for deciphering a program so that a program that
`can be executed in one chip cannot be run in any other
`microprocessor. U.S. Pat. No. 4,433,207 to Best dis-
`closes an integrated circuit decoder for providing micro
`computer users with access to several proprietary pro-
`grams that have been distributed to users in cipher. The
`decoder chip can decipher a program when an enci-
`phered key called a “permit code” is presented to the
`decoder chip.
`U.S. Pat. No. 4,446,519 to Thomas discloses a method
`for providing security for computer software by pro-
`viding each purchaser of a software package with an
`electronic security device which must be operatively
`connected to the purchaser’s computer. The software
`sends coded interrogation signals to the electronic secu-
`rity device which processes the interrogation signals
`and transmits coded response signals to the software.
`The programs will not be executed unless the software
`recognizes the response signals according to prese-
`lected security criteria.
`U.S. Pat. No. 4,757,534 to Matyas, et al., discloses a
`cryptographic method for discouraging the copying
`and sharing of purchased software programs while al-
`lowing an encrypted program to be run on only a desig-
`nated computer or, alternatively, to be run on any com-
`puter but only by the user possessing a designated smart
`card. Each program offering sold by the software ven-
`dor is encrypted with a unique file key and then written
`on a diskette. A user who purchases a diskette having
`written thereon an encrypted program must first obtain
`a secret password from the software vendor. This pass-
`word will allow the encrypted program to be recovered
`at a prescribed, designated computer having a properly
`implemented and initialized encryption feature. The
`encryption feature decrypts the file key of the program
`from the password, and when the encrypted program is
`loaded at the proper computer, the program or a por-
`tion of it is automatically decrypted and written into a
`protected memory from which it can only be executed
`and not accessed for non-execution purposes.
`As the reader will see from the cited prior art, the
`traditional problem of unauthorized copying and use of
`programs has been to make it hard, or in some cases
`difficult, to copy part or all of the program once it has
`been decrypted within the secure cryptographic proces-
`sor. This can be done by executing the program on the
`decryption chip itself or by transferring the decrypted
`program, or a designated portion of the decrypted pro-
`gram, from the secure cryptographic processor to a
`protected memory where it is executed. Problems associated
`with software distribution over an open channel or
`using high-density stamped media are overlooked or
`neglected.
`OBJECTS OF THE INVENTION
`
`It is therefore an object of the invention to provide an
`improved method of multimedia software distribution
`over an open channel or using high-density stamped
`media.
`It is another object of the invention to provide a
`cryptographic method for the protection of multimedia
`program and data files distributed over an open channel
`or using high-density stamped media.
`It is another object of the invention to provide a
`means for controlling access to multimedia programs
`and data files distributed over an open channel or using
`high-density stamped media so that an authorized user
`can access (i.e., decrypt and recover) files he/she has
`purchased and licensed but an unauthorized user cannot
`access (i.e., decrypt and recover) files he/she has not
`purchased and licensed.
`It is another object of the invention to provide a
`means for using cryptographic keys — consisting of
`customer and data keys — to control access to en-
`crypted multimedia files.
`It is another object of the invention to provide a
`means for associating and tracing a customer key to a
`particular customer or user, thereby discouraging users
`from sharing keys or posting them on a computer bulle-
`tin board.
`It is another object of the invention to provide a
`means for tracing customer keys to customers by assign-
`ing a unique customer number to each customer and by
`making the customer number a sub-portion of the clear
`customer key.
`It is another object of the invention to provide a
`means whereby encrypted multimedia files cannot be
`decrypted except at a user processor with a capability
`for multimedia file recovery, as specified by the inven-
`tion. That is, an encrypted file and the keys needed for
`decrypting the file are not, by themselves, enough to
`decrypt the file.
`It is another object of the invention to provide a
`multimedia file recovery procedure that makes use of a
`copyright-protected function which is new and unique
`to the file recovery procedure (i.e., the function does
`not exist in any book or printed literature to which a
`user can easily be directed), which is complex (i.e., one
`cannot easily provide a written description of the func-
`tion except by directly copying it), and which is of
`modest size (i.e., if the function is copied, and possibly
`
`Petitioner Apple - EX. 1019
`
`Petitioner Apple - Ex. 1019
`
`

`

`5
`posted on a computer bulletin board, it will be conspicu-
`ous because of its size).
`It is another object of the invention to provide a
`means for cryptographic keys to be self-authenticating
`based on authentication information stored within the
`keys themselves. This will help to minimize cases of
`incorrectly initialized keys and incorrectly decrypted
`files.
`
`It is another object of the invention to provide a key
`management scheme that supports software distribution
`from both a central software distribution facility and
`from merchants who contract with the software vendor
`and receive the necessary pre-calculated keys to be
`given to customers who purchase multimedia software.
`SUMMARY OF THE INVENTION
`
`These and other objects, features, and advantages are
`accomplished by the invention disclosed herein.
`Unlike much of the prior art, the present invention
`does not solve, or attempt to solve, the traditional prob-
`lem of unauthorized copying and use of programs. That
`is, the invention does not solve the problem of copying
`software once it has been received and decrypted at a
`user processor. An assumption is made that ordinary
`software licences and copyright protection law are
`sufficient to deter such unauthorized copying and use of
`programs once they have been received and decrypted.
`Instead,
`the invention describes a cryptographic
`means for protecting software distributed over an open
`channel or via a high-density stamped medium. For
`software files purchased by a user, the method provides
`an easy means to decrypt and recover the software files
`at a user processor. The method is based on the use of
`encryption keys issued to the user by the software distri-
`bution processor. These encryption keys, when initial-
`ized in the user processor, enable file recovery to take
`place. The method is also such that it is difficult for a
`user to circumvent security and decrypt an encrypted
`file without possessing a customer-unique key (called a
`customer key) and without possessing the correct en-
`crypted file key needed to “unlock” or decrypt the
`encrypted file.
`Each multimedia file is encrypted with a secret data
`key (KD). The same data key can encrypt multiple files
`if there is some logical association of the files (e.g., files
`are grouped and sold as a unit).
`The encrypted files are distributed over an open
`channel or via high-density stamped media. Those
`skilled in the art will recognize that the invention is not
`limited to only these two methods of software distribu-
`tion, but that the invention is aimed at solving a problem
`particular to these two methods of software distribu-
`tion.
`Each customer who purchases multimedia software is
`given a unique customer key. The customer key con-
`tains a customer-unique customer number, which is
`assigned and provided to the customer using means
`outside the scope of the present invention. The inven-
`tion permits multiple customer numbers and customer
`keys to be provided to a single customer. For example,
`a large customer like General Motors may have many
`customer numbers, so that software orders can be
`placed by many groups or areas within a single large
`corporation or business.
`When a customer purchases multimedia software
`from a software distribution facility, the customer pro-
`vides his/her customer number. The customer key is
`produced from a set of variables consisting of an assigned
`customer number, a counter (arbitrarily set to
`zero), and a secret key-generating key (KGK) known
`only to the software distribution center. A special copy-
`right-protected function (f) is then used to derive a
`variant customer key (KC') from the customer key. The
`data key(s) associated with the multimedia file(s) pur-
`chased by the customer are then encrypted with the
`variant customer key. The clear customer key and the
`encrypted file key(s) are provided to the customer (e.g.,
`transmitted electronically from the software distribu-
`tion processor to the user processor, written on a dis-
`kette and mailed to the customer, or orally transmitted
`over a telephone). At the user processor, the keys and
`encrypted file(s) are initialized and made available to
`the file recovery program. The file recovery program
`decrypts and recovers the file(s). When a customer
`purchases additional software, he/she will receive one
`or more encrypted data keys to permit the encrypted
`files to be recovered. As the clear customer key will be
`the same as before, a clear customer key may or may not
`be provided. The system will be able to recover the
`previously entered customer key so that the
`user is not required to re-enter it. Alternately, the user
`can enter it, as desired.
`When software is purchased from an independent
`merchant, the customer will receive a pre-generated
`customer key issued in advance to the merchant. The
`pre-generated customer keys are supplied to the mer-
`chant by the software distribution center (e.g., IBM
`software distribution center). For example, a merchant
`who orders 200 OS/2 licenses would receive 200 CD-ROMs
`and 200 shrink-wrapped license packets. Each
`license packet would have a sheet of paper with a cus-
`tomer key printed on it. The customer keys given to
`each merchant are produced from a set of variables
`consisting of an assigned customer number given to the
`merchant, an incrementing counter associated with the
`merchant, and a secret key-generating key. When the
`keys are generated for a merchant, the counter is incre-
`mented for each license issued and thus, the merchant
`would receive 200 different customer keys. In this case,
`the software distribution center must only keep track of
`the number of keys issued to each merchant. The mer-
`chant’s customer number, at the front of the customer
`key, would be the same for each generated key.
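
The key flow of this summary, as an added example that is not code from the patent: HMAC-SHA-256 stands in for the patent's DES-based operations and for its undisclosed function f. The 4-byte customer-number layout, every function name and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: HMAC-SHA-256 replaces the DES operations of the patent, and
# f() below is a stand-in, NOT the patent's copyright-protected function f.

def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def generate_customer_key(kgk: bytes, customer_number: int, counter: int) -> bytes:
    """KC = clear customer number (4 bytes) || portion derived under KGK (12 bytes)."""
    clear = customer_number.to_bytes(4, "big")
    derived = _prf(kgk, b"KC", clear + counter.to_bytes(4, "big"))[:12]
    return clear + derived

def f(kc: bytes) -> bytes:
    """Variant customer key KC' = f(KC); computable from KC alone on both sides."""
    return hashlib.sha256(b"variant-customer-key" + kc).digest()[:16]

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (length + 31) // 32
    parts = (_prf(key, b"ks", nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return b"".join(parts)[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + _prf(key, b"tag", nonce + ct)[:16]

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, so a wrong key is rejected instead of yielding garbage."""
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    if not hmac.compare_digest(tag, _prf(key, b"tag", nonce + ct)[:16]):
        raise ValueError("wrong key or corrupted data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def trace_customer_key(kgk: bytes, kc: bytes, max_counter: int = 1000):
    """Distribution-centre check: map a customer key back to (customer number,
    counter), or None if it was never issued under this KGK."""
    number = int.from_bytes(kc[:4], "big")
    for counter in range(max_counter):
        if hmac.compare_digest(generate_customer_key(kgk, number, counter), kc):
            return number, counter
    return None

def fails(key: bytes, blob: bytes) -> bool:
    try:
        unseal(key, blob)
    except ValueError:
        return True
    return False

def run_scenario() -> dict:
    # Software distribution processor: one KD per file, all files on one disc.
    kgk = secrets.token_bytes(16)
    files = {"FILE1": b"constructed sample: program A",
             "FILE2": b"constructed sample: program B"}
    kd = {name: secrets.token_bytes(16) for name in files}
    disc = {name: seal(kd[name], data) for name, data in files.items()}
    # A direct customer (counter 0) buys FILE1 and receives KC and e*KC'(KD1).
    kc_user = generate_customer_key(kgk, 9735, 0)
    wrapped_kd1 = seal(f(kc_user), kd["FILE1"])
    # A merchant receives 200 pre-generated keys, one per counter value.
    merchant = [generate_customer_key(kgk, 4242, n) for n in range(200)]
    # User processor: recover KD1 from KC via f, then recover the file.
    kd1 = unseal(f(kc_user), wrapped_kd1)
    return {
        "file1": unseal(kd1, disc["FILE1"]),
        "file2_locked": fails(kd1, disc["FILE2"]),
        "other_customer_locked": fails(f(generate_customer_key(kgk, 1111, 0)), wrapped_kd1),
        "kc_without_f_locked": fails(kc_user, wrapped_kd1),
        "traced": trace_customer_key(kgk, kc_user),
        "forged": trace_customer_key(kgk, kc_user[:4] + bytes(12)),
        "merchant_distinct": len(set(merchant)),
        "merchant_prefix_shared": all(k[:4] == merchant[0][:4] for k in merchant),
        "merchant_trace": trace_customer_key(kgk, merchant[137]),
    }

if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(name, value)
```
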
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`These and other objects, features, and advantages of
`the invention will be more fully appreciated with refer-
`ence to the accompanying figures.
`FIG. 1 is a block diagram illustrating multimedia
`software distribution from a software distribution pro-
`cessor to a user processor.
`FIG. 2 is a block diagram illustrating multimedia
`software distribution from a software distribution pro-
`cessor to a merchant processor and from the merchant
`processor to a user processor.
`FIG. 3 is a block diagram further amplifying and
`illustrating multimedia software distribution from a
`software distribution processor belonging to a software
`vendor to a user processor belonging to a user.
`FIG. 4 is a block diagram illustration of crypto-
`graphic subsystem 100 at software distribution proces-
`sor 10.
`FIG. 5 is a block diagram illustration of the method
`for encrypting a key-generating key using a variant key
`produced from the master key KM and a control vector
`associated with the key-generating key.
`FIG. 6 contains a specification for the control vectors
`KGKLCV and KGKRCV associated with the left and
`right 64-bit parts of key-generating key KGK.
`FIG. 7 is a block diagram illustration of a KGK record.
`FIG. 8 is a block diagram illustration of the method
`for encrypting a data key using a variant key produced
`from the master key KM and a control vector associ-
`ated with the data key.
`FIG. 9 is a block diagram illustration of a KD-record.
`FIG. 10 is a block diagram illustration of the method
`for encrypting a data key with a variant customer key
`KC’.
`
`FIG. 11 is a block diagram illustration of crypto-
`graphic subsystem 200 at user processor 20.
`FIG. 12 is a block diagram illustration of the se-
`quence of API-callable services that must be performed
`to accomplish software distribution from software dis-
`tribution center 10 to user processor 20.
`FIG. 13 is a block diagram illustration of the process
`for producing a customer key with the Generate Cus-
`tomer Key (GCK) internal function 113 available in
`cryptographic subsystem 100 of software distribution
`processor 10, as shown in FIG. 4.
`FIG. 14 is a block diagram illustration of software
`distribution from a software distribution processor 10 to
`a user processor 20.
`FIG. 15 is an example list of software to be purchased
`from a software vendor.
`
`FIG. 16 is an illustration of a shrink wrapped package
`containing a stamped medium and a piece of paper on
`which is printed a clear customer key KC and an en-
`crypted ith file key e*KC’(KDi), where KC’ is the vari-
`ant customer key produced from KC.
`DESCRIPTION OF THE BEST MODE FOR
`CARRYING OUT THE INVENTION
`
`The invention describes a method for multimedia
`software distribution in situations where a user pur-
`chases software directly from a software vendor or
`where a user purchases software from an independent
`merchant who purchases the software from a software
`vendor.
`FIG. 1 is a block diagram illustrating multimedia
`software distribution from a software distribution pro-
`cessor 10 belonging to a software vendor such as IBM
`to a user processor 20 belonging to a user. The pur-
`chased/licensed multimedia software is distributed as
`one or more encrypted multimedia files and a set of
`cryptographic keys that permit the encrypted multime-
`dia files to be decrypted and recovered at the user pro-
`cessor.
`
`FIG. 2 is a block diagram illustrating multimedia
`software distribution from a software distribution pro-
`cessor 10 belonging to a software vendor to a third
`party merchant 15 and thence from the third party
`merchant 15 to a user processor 20 belonging to a user.
`In this case, the merchant purchases software from the
`software vendor at a wholesale price for subsequent
`re-sale to users at a retail price. The merchant is a cus-
`tomer of the software vendor and the user is a customer
`of the merchant.
`FIG. 3 is a block diagram further amplifying and
`illustrating multimedia software distribution from a
`software distribution processor 10 belonging to a soft-
`ware vendor (e.g., IBM) to a user processor 20 belong-
`ing to a user. The multimedia programs and files distrib-
`uted via this method shall be referred to as files or multi-
`media files. Software distribution processor 10 contains
`a cryptographic subsystem 100 for performing data
`encryption and other key management services, a key
`generation means 150 for generating keys, an encrypted
`file generation means 160 for encrypting files, a
