Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
1999-01-15
2002-12-24
Smithers, Matthew (Department: 2132)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
By stored data protection
Reexamination Certificate
active
06499106
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a secure method and system for information distribution. More particularly, the present invention relates to an information distribution system that uses a fixed media to store and transfer encrypted data to remote destinations and a security agent to provide access to the data.
2. Description of the Related Art
Advances in technologies that provide increased capability for rapid digital data file transport have greatly simplified the sharing of electronic documents such as software, data, pictures, and other information over a network. The growth of the Internet has provided millions of people with the ability to distribute files to others they have never met. For many organizations and industries, the Internet has become the primary means for sharing information. Furthermore, the ability to provide almost instant access to information to millions of users has revolutionized the way many businesses are run. As an example, many software vendors distribute updates of their software through the Internet or other on-line services. Other users retrieve stock quotes or news stories, or conduct research over the Internet.
The ease in which electronically published works can be “perfectly” reproduced and distributed is a major concern. The transmission of digital works over networks is commonplace. Computer bulletin boards accessible via the Internet and commercial networks such as CompuServ and Prodigy allow for the posting and retrieving of digital information. Information services such as Dialog and LEXIS/NEXIS provide databases of current information on a wide variety of topics. Another factor which will exacerbate the situation is the development and expansion of the National Information Infrastructure (NII). It is anticipated that, as the NII grows, the unauthorized transmission and reproduction of digital works over networks will increase many times over.
Thus, a fundamental issue facing the publishing and information industries as they consider electronic publishing is how to prevent the unauthorized and unaccounted distribution or usage of electronically published materials. Electronically published materials are typically distributed in a digital form and recreated on a computer based system having the capability to recreate the materials. Audio and video recordings, software, books and multimedia works are all being electronically published. Companies in these industries receive royalties for each accounted for delivery of the materials, e.g. the sale of an audio CD at a retail outlet. Any unaccounted distribution of a work results in an unpaid royalty (e.g. copying the audio recording CD to another digital medium.) Thus, what is needed is a means to easily distribute digital information without losing control over the number of copies that have been distributed.
It is well known to all who practice in the art that distribution over networks has several major deficiencies. In particular, (1) large digital information files (greater that 1,000 megabytes) cannot yet be economically transported over currently available networks, (2) electronic files are easily corrupted, and (3) while a network may provide a secure connection and document encryption and authentication, the benefits of having limited, specifically identifiable copies fixed in a particular media are lost when an electronic copy of a document is transferred over a network.
A typical CD stores approximately 680 megabytes of data. A company equipped with a CD-R writing drive can easily create multiple volume CD collections of data. Thus, a two CD volume data collection could easily include more than 1,000 megabytes of information. While OC-12 transfer rates of 622.08 megabits per second will eventually become a reality, OC-12 lines are not commercially feasible at present. More realistically, T1 and DS-1 technology provide a possible alternative. However, even at T1 or DS-1 transfer rates of 1.544 megabits per second, a 1,000 megabyte collection of data would take almost two hours to transfer under ideal conditions. Currently, T1 lines are expensive to operate and cost precludes their use by many businesses. Two channel ISDN lines are less expensive to operate but are prohibitively slow for such large transfers. It would take approximately twenty four hours to transfer 1,000 megabytes of data on such an ISDN line.
Further, electronic files are easily corrupted and even secure systems connected to network can be attacked and breached with subsequent corruption of a file or files. In addition, one user could masquerade as the creator of a file posting a corrupted version of the file on the Internet to be accessed by other trusting and unsuspecting users. In the current environment, users who receive files from sources on the Internet are unable to verify that the file they received is uncorrupted or whether the file is truly a file created by the presumed creator.
Early technical approaches to verifying the integrity of electronic files focused on verifying the transmission of the potentially large files in a bilateral communications environment. In such an environment, the sender of the document desires to verify to the receiver of a document, the source and original content of the transmitted document. Such approaches used “private key” cryptographic schemes for message transmission between a limited universe of individuals who are known to one another and who alone know the decrypting key. Encryption of the message ensures against tampering, and the fact that application of the private key reveals the “plaintext” of the transmitted message serves as proof that the message was transmitted by an individual in the defined universe.
An advance in the art was effected with the application of “public key” cryptography as disclosed and implemented by Rivest et al. in U.S. Pat. No. 4,405,829, issued Sep. 20, 1983. This scheme expands the defined universe to a substantially unlimited number of system subscribers who are unknown to one another, but for a public directory. However, a recipient's trust in the integrity of a document is still based on a verifiable bilateral communication of the potentially large document.
Another advance in the art was effectuated by Haber and Stornetta as disclosed in U.S. Pat. Nos. 5,136,646 and 5,136,647, both issued Aug. 4, 1992. Their inventions disclose methodologies for fixing the time and content of an electronic file. Their process generally works as follows: (1) the creator of an electronic file would, using a one-way hash function, reduce the file to a hash value of set size, (2) the creator of the file would then send the hash value to a third party time stamping agency (TSA), (3) the TSA adds time data to the hash value to create a receipt, (4) the TSA then applies a cryptographic signature, using the well known public key cryptographic scheme, to the combined hash value and time data to create digital certificate establishing the temporal existence of the file, (5) the TSA then sends the digital certificate back to the creator of the file, and (6) the creator of the file stores the certificate for later proof of the file's temporal existence.
In order to prove that the certificate was in fact created by the TSA, the TSA's public key would be used to verify that the file was signed by some entity using TSA's private key, and since TSA is the only entity that should have access to the private key, it can be presumed that the TSA is the entity that created the certificate. Haber and Stornetta's methodologies use public key cryptographic procedures to verify the bilateral communications between the TSA and the creator (i.e. author) of the file. However, even though this prior art procedure would establish the temporal existence of the file, it does not prevent malicious users modifying files and then time stamping the new corrupted file or from masquerading as a legitimate author. This problem is best illustrated using the example of software updates available on the Inte
Guico Henry Theo F.
Yaegashi Akira
Smithers Matthew
Sony Corporation
Sony Electronics Inc.
LandOfFree
Method and apparatus for secure distribution of information... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for secure distribution of information..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for secure distribution of information... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2994952