Вы находитесь на странице: 1из 18
'US00893462482 2) United States Patent (10) Patent No: US 8,934,624 B2 Zweig et al. (45) Date of Patent: Jan. 13, 2015 (51) DECOUPLING RIGHTS IN A DIGITAL (68) Field of Classification Search CONTENT UNIT FROM DOWNLOAD cre GOGF 24/10; G06 2221/2137; Gok 2221/2149: HO4L 91088; HOM. 9/3297 (5) Inventors: Jonathan M. Zig, Cupertino, CA Host, 63/10; HOM 2094603; HOME 2463/10 (US) James 1. Woodyatt, San sec 38028, 44 Francisco, CA (US) See application ie for complete search history. 66) Referenees Cited (73) Assignoe: Apple Ine., Cupertino, CA (US) US. PATENT DOCUMENTS (9) Notice: Subject to any diselaimer the term of this pateat is extended or adjusted under 35 5892.900 841999 Ginter a USC. 154(b) by 0 days 6574600 BL 62003 Downs eta : SOs0971 BLY 12005 Hurtado ea nisiso (21) Appl. Nos 187938,080 Comtinved) (22) Filed: Dee, 27,2011 FOREIGN PATENT DOCUMENTS ws) Prior Publication Data ep 2oose74 1/2007 Wo woousoo) = 122001 US 2012002755921 Nov. 1, 2012 WO WORTH 11 2007 (OTHER PUBLICATIONS Related Application Data Portions of proscution history of US. App No. 1397.49, Au. + i 25,2011, Zig, Jonathan Met (63) Continuation of application No, 11/397,149, filed on Apr. 4, 20065, now Pat, No, 8,086,535 Continved) Primary Examiner — Harunut Rashid (1) Inc aacare (2006.01) (74) Attornes, Agent or Firm — Adsl LLP 6060 2038 (201201) 7) ABSTRACT. Goor 2110 (201301) - earner comet) ‘Systems and methods for enabling a user to obtain rights in a a4 leoneaiy legitimate copy of adigital content unit without downloading OAL 932 00601) the copy from digital content store are provided, The sy tems and methods provide an encrypted copy of a digital ‘cone unit oa first user and transerip the enerypted copy to ‘zencrite the legitimate copy toa second wer. The encrypted copy is enerypted with a fist encrypt key that may be ass0- ciated withthe frst user and the legitimate copy is encrypted ‘with a socond enerypt key that may be associated with the sovond user, (2 6060 20/382 (2013.01), GO6F 21/10 (2013.01); Mad 63/10 2013.01); Hod. 9088 (2013.01); Hose 9297 (2013.01); Gob 21/2137 2013.01); GO6F 2221/2149 (2013.01); HodL,2463/101 (2013.01), HOdL 2209/603 (2013.01) 380/285; 380144 14 Claims, 5 Drawing Sheets US 8,934,624 B2 Page 2 66) References Cited 20070083680 ALS 22007 Foxst a sss9 eopouesens Als 3007 Hsu al mine US. PATENT DOCUMENTS ours: Al 102007 Pweigeta Zpowoianed Ale “Gale frontal r1193 fo oopoowsors ALS 22009 Ginetta asst Seerso0 Bie 62006 Halal vi 2oHaDIO66se AL 42010 Ste ea 408/310 72is00s 2” Same Mound ea 7,249,107 B2 7/2007 Yaacovi OTHER PUBLICATIONS FSH0509 BL G20 Nicolet see Ba ern Poston of rsecuonhisry of US. App-No, 1580701 a1 2oostorssse A Some oss) 2012 Zsa Jonathan M. ct a. 3ovoissoet A Giang 70S Inert Search Rep and Writen Opinion fr FCDUS207 3ooevoent A Santa FASTA Gosrrls De 21,2007 ming at), A, 20040196972 Al | 10/2004 Zhu et a. International Preliminary Report on Patentability for PCT/UIS2007) BoowOR6EISI AI 122008 Robhincal ..... 99995999 rT Oct 2008 (sun de), Ap Ins ons ogeds4e ALS 3.2005 Karuoguz tal ASS4L1 Portions of prosecution history of EP O781 1836, Nov. 30, 2012 Joosoosit’s AI? ams Ake ost Potion ef pomcutcn oosorrris Als 200s Onall dal ist oosoatst Al> 32004 Spovopsios a." ssu aK Ube potion ef prosecution history of EP 0711836, Os. 2 3oosooks7ol AI 123005 Mocarhy el E13 tng dat) Apt ne Ioooostees Al ‘i300 Lever Sowor7sss Al* $3006 Mamie ca 7081 *ited by examiner US 8,934,624 B2 Sheet 1 of 5 Jan. 13, 2015 U.S, Patent ; wun wa wn _ quajuog que0g| |yuequ0g, sob ost gz 6 reyBia | | rev cn Ss on | sor / 008 aug UOMION, quaquog [e610 oynqusiq yue}U0D —$<— gu szb US 8,934,624 B2 Sheet 2 of 5 Jan. 13, 2015 U.S, Patent 2) Senate yuequod |e}! a wun querUog jeyBia one yromyon e0ined quejuog [eu6IG > seni qu9]U09 4987 or weIsfg 1887) quaquog [eu610 soz US 8,934,624 B2 Sheet 3 of 5 Jan. 13, 2015 U.S, Patent ee | [ {yun yua}uCo 1e1/5Ip uy poyuaseudes juaju09 jeNbip sseo0e 0} Jesn 10} Jasn ym payeroosse fey 6409p yj yun queyuco jexBip peydKioue aig sidAu08p 2o|x9p JOSN Ul WaySAs sesn uETLHOO eI5IO | ‘@o|Aap 498M OF YUN ATWO feH!6ID pardA1ous speojumop ses7) in queyUCO (ayBip poydAioue aresau88 oy ydAs9u8 Bursa yun yueyuos sidKioua axoys 3u91u00 eBid | —~ gj eo [~aiois weyuco jey6ip woy yun 1uoqU00 jeyIp seseyoind Josn US 8,934,624 B2 Sheet 4 of 5 Jan. 13, 2015 U.S, Patent | yo] peyoepe Jepeey peydAoueun enbiun eu) yy yun . {uoquoo jey6ip paydéous ey) vOld Pe ¥ wa yesn up Um payeposse Kay on yd{uoue ue pue sopeey —EEe ‘aly uo paseq fay yduoUS YUN WAyUCO [eUBIp Ut tue Bujsn yun yusquco jeyGip ee pejyeseides juaquco jey/Bip sse00e ‘yj sydAuoue 2107s ywe}UCO [e151 0 48n 40} Koy ydKsep poyesoueb ym oe yun quajuoo jeyBip paydisous ay sjdéuoep eoInap Jasn U WAYSAS Jen JUEWUCO jeV61q str wun iuna} ] * JeuBip 24) 104 1epeay onbyun 9]8010 21038 yUOqUCD (ey. er {yun ju9ju09 [ebip paydiioue ou ydAsOep 0} “ Jesn uy) Yim payejaosse Aay ydAtoep & PUE fi sepeey exp vo pase fy 998 SINE Ps ‘ioqs uEHUGD [eYbIp wo YUN ‘o|nap 498 Ul WAYSAS 198M YUATUCD | e Racers cee quejuoo reybip soseyoind 4087) ‘10}8 WwayUOO [EYBIp wos Wun quequce jey6ip syojes ssp) [—~_ on é 7 peIS cor US 8,934,624 B2 Sheet 5 of 5 Jan. 13, 2015 U.S, Patent S$ ‘Sid oes ‘o}u8 0} g 488M 104 yun WuEHUCS 1ey6Ip 40 Kdoo eyeunye] ayes0406 oF g Jo sn yum payerosse Key 1dk10Ue ym kdoo paydAsouaun s\dKioue-a eoinap g sasn u) waysAs 4esn jUe}U0D jeN6IG ‘ex \dkioap sreudaidde ‘yun Adoo ydAsoep 0} 21038 Ue]U00 warsés uonnquisip yuayuoo jeyDip a4) yA sajeorUNWILH ‘201nap gJ9SN UI WE}SAS JaSN JU9TU0D 100 02g fl [ ‘y esn Aq pepeojumop In yUoU0D jeyBIp peyduoue 14} 30 Adoo sasseace g 19S") aa aT ‘Adoo oy) ul peywesaides ueyUoo S898 0} 2i0}8 yUsIUOD [ENGI BU Woy sis uojssiuuied peyues6 si pue sysenba1 g ses7) og 70 € “Ola Ul payeasnyy sdays 0} Buypioage @10}s ju=yUO0 \ey6Ip wo4s UN yuEyUC jeHBIP peydAtoue speojumop y Jes) vais mh, US 8,934,624 B2 1 DECOUPLING RIGHTS IN A DIGITAL CONTENT UNIT FROM DOWNLOAD, (CROSS-REPERENCE TO RELATED "APPLICATIONS, ‘This application is @ continuation patent application of US. patent application Ser. No. 11/397, 149, fled Apr. 4, 2006, now issued as US. Pat. No. 8086.58, and titled “Decoupling Rights in Digital Content Unit from Downe load the disclosure of which shereby incorporated herein in FIELD OF THE INVENTION ‘The present invention relates generally to digital content protection and, more paniculrly, 10 erypiographie tech- higues for obtaining a right in a legitimate copy of a digital ‘content unit withont downloading the copy. BACKGROUND ‘The explosion ofthe Intemet has revolutionized the ways Jn hich nformations disseminated and shared. Users reno Jonger tied tothe basic newspaper, television and radio dis- 2 tebution formats and their respective schedules to receive their written, auditory, or visual information, Likewise, users no longer need to obtain information or data stoned in & so-called “hard” or physical forma, such as on @ compact «disk (CD) oF digital versatile disk (DVD), Atany given time, ‘massiveamouns of information are exchanged electronically by millions of users worldwide using the Interet not only for ‘communication but also for research, education, business, ‘and entertainment, Information can now be downloaded, streamed or delivered directly to computer desktops laptops set-cop boxes, entertainment units, personal digital assistants CPDAS", wireless telephones, digital music players and ‘ther portable devices, providing virally unlimited infor: Tis information isoften disseminated as digital content in the form of digital content “units” or files, such as aud. video, graphics, or multimedia files, that may’ be shared hy users, devices, and networks. For example, users may now listen wo audio broadcasts and live music concerts on various web sites or dawnload and play audio files as desired. The audio files may be dowloaded from digital content stores, Which are hasiealy repositories of digital content units avai able for user access. Often a per unit fee or subscription is ‘charged for accesso digital content units, Pxamples of digi tal content stores offering auto downloads and other mali media service include the iTuies Musie Store, operated by Apple Computer. Ine.,of Cupertino, Cait, the Yahoo! Music Store, operated by Yahoo!, Inc. of Sunayvale, Calif, dhe Napster! wo site operated by Napster, Ine.,of Los Angeles, Cali, Rhapsoay™, the Rhapsody™ music services operated by RealNetworks, ne, of Seal, Wash. and theeMusie web site, avilable from eMusic.com, Inc. of New York, N.Y. among others. Such digital content stores are now a staple of the Internet and have fundamentally altered the way digital ‘content is distributed and enjoyed by users everywhere. The ‘Tunes Musie Store, for example, has already sold more than 1 Billion audio files to users. Likewise, digital content units may be teansmited across satelite, cable or wireless networks. Digital content units may’ be provided t0 televisions, radios and stereos, and 0 {orth by various content providers. Digital content units may, Jn some cases, be stored locally by @ user on a hard disk of 0 o 2 ther storge medium comected to @ network. AS one cxample, a digital video reconder may be connected to a stele or cable network and store digital content units for Jater review. ‘The proliferation of digital content andthe ease wth whieh itis created, manipulated, copied, and distributed has led to ‘ew challenges for digital content creators, owners, and pro- viders, Those having vested interest inthe content have to be specially careful in determining the best means weflectively ‘manage the distribution, use and monitoring of ther digital jeontent assets and protect them from pirwey, Digital content assets are protected by copyright laws, but those laws merely punish, not necessarily prevent the unauthorized copy, ‘aniplation and distribution of digital coatent. To addess this concer, content protection technologies hae to be deployed. Content protection technologies are those technologies used to monitor and control access 10 digital content. For example, a digital content store such as the iTunes Musie Store may deploy these technologies 10 censure that digital content units obtained from is store will ‘ot be improperly resold, redistributed oreopied by unauthe- rod users, When a user obiains one of more digital content ‘units roma digital content store, thedigial content units may be protected so that only the purchasing user is granted the right to aceess the digital content units. Content protection technologies employed by the digital content store can pre- vent te other usr from accessing te digital content unit. For ‘example, they can prevent the other user from listening (oan tdi ile obtained by the purchasing user. Content provetion technologies typically use technical and logal mechanisms to protect digital conten aginst unat- thorized use, The technical mechanisms may involve erypto- araphic techniques for securing the digital content, rights thereto, and content distribution. They may also involve the vse of “Digital Rights Management” (~DRM") technologies orprotecting the rights and interests in distributing oraecess- ing the digital content. “Rights” may include, for example, te right fo view the digital content unit, the right to make copies ofthe digital content unit, the right to redistribute the ital content unit, to publily display the digital content ‘unit, to modify or sample the digital content unit, to create Serivative works of the digital content unit, and so forth Essentially, “rights” as used herein may include one or more rights common under United States and foreign copyright Jaw. Further, such ighismay be stricted or unlimited. Asyet nother example, a right may be restricted as to the location in ‘whieh the right may be exercised, the number of times the right may be exeresed, toa particular timeframe in which the ight may be exercised, the way in which the right may be exercised, and so on, Cryptographic techniques apply mathematical andor lin: auistic principles to secure a given digital content unit. A gta content unit may be encrypted prior tits distribution to-a wer, je, converted into an unreadable format, and decrypted to recover the digital eontent in tsoriginal form for the iser to aocess, The encryption and decryption process may be controlled bythe use ofa key, which dictates how the ‘unreadable format is produced and decoded. There are three broad types of eryptograpic techniques available today for protecting digital content: secret key (or symmetrie) tech- higues, public key (or asymmetric) techniques, and sh function techniques. (Although hash technigaes are not eryp- ‘ographic techniques per se, they are included herein for purposes of the following discussions.) These techniques ‘may he used separately or in combination, such as ina public kreyisccret key hybrid technique ora key and hash technique ‘Such technigues may be layered, with eredentials atone level US 8,934,624 B2 3 protecting differeat credentials at another (lower) level. “Cre- ‘dental ae elements o items sed to access protects das, be it another credential or digital content. Keys are one ‘example of credentials. As used hersin, the term "key" is, understood 10 have the broader meaning ofa credential ‘Score key techniques involve the use af a single and secret key for both encryption and decryption, The secret key must be known fo both the sender and the receiver, which may presenta challenge in how the key itself isto be distributed land protected from others. Commoa secret key technigues Include the Data Eneryption Standard (“DES”) and its sve- cessor, the Advanced Encryption Standard AES"), among, others Public key techniques involve the useof wo keys—one for ‘encryption and the other for deeryption—that are generally ‘mathematically elated so that knwleige oF onekey does not allow the other key fo be easily determined. One key is des- Jnateda public key and may be distributed and advertised 10 snyone while the other key is private and secret key known ‘only tits holder. One advantage of public key techniques is that they may be used to authenticate the sender ofa digital ‘content unit. For example, if Alice enerypts digital content unit using her private key and sends the encrypted digital ‘content unit to Bob, Bob may decrypt the encrypted digital ‘content unit using only Alice's public key, confinning that Alice was the one who sent the encrypted digital content unit to Bob. Common publie key technigues include the Public Key Cryptographic Standards (“PXCSs”) and the RSA algo- rithm, designed by RSA Security, Ine. of Bedford, Mass ash techniques are one-way eryptographic techniques ‘involving the generation of a mathematical funtion derived from the digital content in a given digital content unit refered to a8 a hash function, that makes it dificult fr the ‘digital content to be recovered. These techniques are typically used to provide a measure of the integrity ofa file, Le, 10 verify whether a given digital content unit as been altered. Since swo different digital content unis typically do not gen- ‘erate the same hash function, knowing the hash function fora Particular digital content permits comparison of the hashed ‘content tothe unhashed conten. This, in ten, may’ give an indication of whether the digital content unit ns been modi fie. ash functions may be used together with secret key and public key technigues asa way to further ensure the integrity ‘ofa digital content unt, Common hash funetions include the Message Digest (*MD") algorithms such ax MD2, MDS and RIPEMD as well asthe Secure Hash Algorithm ("SHA"), ‘An example of 3 common content protection technology relying oneryptograpic techniques to protect digital content includes the Content Protection Tor Prerecorded Media (CCPPM)techoology forprotecting digital content stored on prerecorded digital veratile disks ("DVD"). CPPM selec- tively eneryptsdise sectors that ean only be decrypted during playback by licensed products, such as DVD players. Critical Information, eg, decryption keys, required to unlock the