WO1999017496A1 - Electronic publishing - Google Patents

Electronic publishing Download PDF

Info

Publication number
WO1999017496A1
WO1999017496A1 PCT/IL1998/000474 IL9800474W WO9917496A1 WO 1999017496 A1 WO1999017496 A1 WO 1999017496A1 IL 9800474 W IL9800474 W IL 9800474W WO 9917496 A1 WO9917496 A1 WO 9917496A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
output device
public key
key
encrypted form
Prior art date
Application number
PCT/IL1998/000474
Other languages
French (fr)
Inventor
Itzhak Pomerantz
Meir Zorea
Ram Cohen
Original Assignee
Aliroo Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aliroo Ltd. filed Critical Aliroo Ltd.
Priority to GB0007677A priority Critical patent/GB2346054A/en
Priority to AU94559/98A priority patent/AU9455998A/en
Publication of WO1999017496A1 publication Critical patent/WO1999017496A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)

Definitions

  • the present invention relates to publishing and more particularly to electronic publishing.
  • a first technique calls for encryption and decryption using a secret key that is known only to the publisher and is also embedded in the printer or other output device. This technique has the disadvantage that it requires that each publisher transmit to a single printer or other output devices or that multiple publishers seeking to transmit to the same printer or other output device share a single secret key.
  • the second technique uses the secret key to convert the published material to a decrypted, bit-mapped representation of the material which includes information enabling the decrypted representation to be traceable to a user.
  • This second technique has the disadvantage that it provides inadequate security, since bit-mapped representations may be reconverted into clean unencrypted form using conventional OCR techniques and the traceability can thus be defeated.
  • the present invention seeks to provide a method and system for providing secure electronic publishing which overcome limitations of the prior art.
  • decryption of the encrypted information at the computer connected to the specific output device is enabled by a preliminary decryption of the encrypted information by a secret key that is delivered to the computer subsequently to the transmission of the information.
  • the encrypting step includes two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decrypting step includes two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key.
  • the secret key may be transmitted prior to, during or subsequently to the transmitting step.
  • a system for restricted electronic transmission of information comprising: an encryptor for encrypting information; a transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a receiver, remote from the encryptor, receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; and a decryptor, decrypting the information, received in encrypted form, at the computer when connected to the specific output device.
  • a computer for selectably formatting the information prior to decrypting thereof.
  • customer site unit useful in any of the methods or systems described above and including an output device having embedded therein the private key.
  • Figs. 3 A, 3B, 3C, 3D and 3E are illustrations of one mode of operation of the method and system of Figs. 1 & 2;
  • Fig. 4 is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
  • Figs. 5 A, 5B, 5C, 5D and 5E are illustrations of the operation of the method and system of any of Figs. 1 - 4 in accordance with another embodiment of the present invention.
  • Fig. 1 is a simplified functional block diagram illustration of a method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
  • a clear, ready-for-print information file such as a book file 12
  • a standard file format such as Postscript or PDF
  • An output device 14 located at a customer's premises, remote from the publisher, typically includes a printing subsystem 16, such as a postscript HP Laser Jet printer and a processor 18, which may be a personal computer or any other suitable processor, or processor functionality which is incorporated in a processor present in the printing subsystem 16.
  • the private key 20 is preferably embedded in the printing subsystem, but may alternatively be embedded in any other suitable portion of the output device 14.
  • the printing subsystem 16 may be replaced by any other suitable type of output subsystem, such as a viewing subsystem, such as a display, or an audio annunciator subsystem, such as a speech generator.
  • the output device 14 may include more than one output subsystem of the type described hereinabove.
  • a known public key 22 which is typically specified on the output device 14 or available on machine readable media.
  • the public key 22 may be made readily available, i.e. as through posting on the Internet, to anyone who enters the serial number of the output subsystem, such as a printer.
  • the order normally includes the standard billing information, such as a credit card number and a signature and the public key or information, such as the serial number of the printer, enabling the publisher to readily obtain the public key.
  • the publisher using a computer 24, encrypts the clear file 12, using the public key and a conventional encryption engine which is commercially available from RSA Inc., thus providing an encrypted file 26.
  • the encrypted file is communicated to the customer's output device 14 via E-mail, FTP or any other suitable media, which may not be secure and is received at processor 18.
  • the processor employs the embedded private key 20 to decrypt the received encrypted file and then sends the decrypted information via the internal circuitry 28 of the output device 14 to the printing subsystem 16 and/or other output subsystem for output to the customer. It is appreciated that the circuitry 28 must be secure from customer access in order to preserve security.
  • FIG. 2 is a simplified functional block diagram illustration of an alternative method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
  • the embodiment of Fig. 2 is similar to that of Fig. 1, except in that the public key 22 is not transmitted by the customer to the publisher. Instead, the serial number 30 of the output device 14 or of the output subsystem 16 is transmitted via circuitry 36 and used to find the public key in a public key director 32.
  • the remainder of the system and method of Fig. 2 is identical to that of Fig. 1.
  • the methods and systems of Figs. 1 and 2 may be operated so as to provide double encryption of the file 12.
  • the file may be encrypted additionally using a random symmetrical key selected by the publisher and kept secret by the publisher.
  • the double encrypted file is then transmitted to the customer who cannot use it until he receives from the publisher, the secret second key used in the second encryption.
  • Fig. 3A illustrates the clear file, here designated 42
  • Fig. 3B shows a first encryption 44, typically using the public key as described in hereinabove with reference to Figs. 1 & 2.
  • Fig. 3C shows a second encryption 46.
  • the remaining file is still encrypted with the public key as shown in Fig. 3D.
  • a clean file is provided, as seen in Fig. 3E.
  • FIG. 4 is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention
  • the method and system of Fig. 4 may be similar to that of Fig. 2 at the publisher side, except that the first encryption is done with a symmetric key that is provided by the customer upon ordering, and not with a public key, and the second encryption is done with a random symmetric key that is unknown at the customer side.
  • the output device 56 may be any conventional output device, and does not require any hardware modification whatsoever, provided that the output device has the facility of being able to communicate its serial number upon inte ⁇ ogation by a computer coupled thereto. This feature is now conventional in various printers, such as HP LaserJet series 5 printers available from Hewlett-Packard.
  • the customer may employ, for the first decryption of the decrypted information (stepping from Fig. 3C to Fig. 3D) and for formatting the encrypted information, a conventional PC including a display 52 and a processor and printer driver 54.
  • both the first and the second encryptions can be done while preserving the format of the original text.
  • the encrypted text can be reformatted while being encrypted, changing margins, line separations, font type and font size, for example. If a publisher chooses to encrypt the text in a way that preserves its format, then the customer can reformat the text to its needs without decrypting it, thus preparing it for printing in a desired format.
  • the customer places an order with the publisher or the publisher's distributor.
  • the order normally includes the standard billing information, such as a credit card number and a signature and the serial number of the output device, the printer or other output subsystem.
  • The, encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption.
  • a preferred file and text encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite.
  • the publisher using a computer 54, encrypts the clear file 62.
  • the encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption.
  • a preferred file encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite.
  • the encrypted file 66 is communicated via E-mail, FTP or any other suitable media, to the customer's computer 68, where it can be reformatted and decrypted and sent to the output device 50.
  • the output device 50 includes a built-in software protection dongle 70, such as a dongle commercially available from Aladdin or Micro-Macro, which is logically interconnected between the processor 68 and the output subsystem.
  • a built-in software protection dongle 70 such as a dongle commercially available from Aladdin or Micro-Macro, which is logically interconnected between the processor 68 and the output subsystem.
  • the embodiment of Fig. 4 has the advantage that it enables the received information to be displayed on the screen and formatted by a customer, using standard formatting software such as Acrobat by Adobe, in order to determine the font size, the pages to be printed, the margins and similar parameters. Printing of the information is only permitted by means of the print driver which is written to send the file only to a printer that suitably identifies itself and, if a dongle is provided, presents the dongle key which co ⁇ esponds to the printer.
  • the embodiment of Fig. 4 does not require any change in the design of the printer but does have a cryptographic weakness in that the output connection from the processor and printer driver, indicated by reference numeral 84 is accessible. If the data can be recorded from the output connection 84, the cryptographic protection is overcome.
  • each of chapters A, B and C can be identically encrypted as by the publisher's computer 12 (Fig. 1) with a public key as described hereinabove.
  • the thus encrypted file wherein a portion thereof, such as the table of contents 90 is typically not encrypted, is shown at reference numeral 100.
  • This encryption is illustrated by frames 102 formed about each of chapters 92, 94 and 96.
  • each chapter can be separately encrypted, as with a symmetric secret key, in much the same manner as described hereinabove with reference to Figs. 3 A - 3E.
  • the double encrypted file is indicated by reference numeral 104 and preferably includes an unencrypted table of contents 90.
  • the separate encryptions are indicated by respective frames 106, 108 and 110 surrounding frames 102.
  • the secret keys for the second encryption are stored in the publisher's data base and are transmitted to the customer, as and when the customer purchases a given chapter.
  • the double encryption functionality shown in Figs. 3A - 3E and 5 A - 5E enables transmission of the information to be decoupled from licensing thereof, so as to enable transmission to occur when convenient and cost effective and licensing to occur at a time convenient to the customer. It will be apparent to persons skilled in the art that the present invention is not limited to what has been particularly shown and described hereinabove. Rather the scope of the present invention includes both combinations and sub-combinations of the features described hereinabove as well as modifications and further developments thereof which would occur to a person of skill in the art upon reading the foregoing description, which are not in the prior art.

Abstract

This application discloses a method for restricted electronic transmission of information including the steps of encrypting information (#26) using a public key portion (#22) of a private/public key, transmitting the information following encrypting thereof over a medium which may be non-secure, receiving the information, following transmission thereof, at an output device (#14) in encrypted form, decrypting the information, received in encrypted form, at the output device using a private key portion (#20) of the private/public key; and following decryption in the output device, outputting the information (#28) in non-encrypted form. A system for restricted electronic transmission of information is also disclosed.

Description

ELECTRONIC PUBLISHING FIELD OF THE INVENTION The present invention relates to publishing and more particularly to electronic publishing.
BACKGROUND OF THE INVENTION
Electronic publishing which has seen a substantial increase in popularity with the advent of the Internet, has encountered a serious problem of unauthorized publication over the Internet. Although copyright laws prohibit such unauthorized publications and downloads, in practicality, it is impossible to enforce copyright effectively in respect of a work which has been published on the Internet for unrestricted download.
Various techniques have been proposed for protecting electronically published materials. One example of such a technique appears in U.S. Patent 5,509,074 entitled "Method of protecting electronically published materials using cryptographic protocols". U.S. Patent 5,509,074 describes two alternative techniques for restricting the printing or display of electronically distributed publications.
A first technique calls for encryption and decryption using a secret key that is known only to the publisher and is also embedded in the printer or other output device. This technique has the disadvantage that it requires that each publisher transmit to a single printer or other output devices or that multiple publishers seeking to transmit to the same printer or other output device share a single secret key.
The second technique uses the secret key to convert the published material to a decrypted, bit-mapped representation of the material which includes information enabling the decrypted representation to be traceable to a user. This second technique has the disadvantage that it provides inadequate security, since bit-mapped representations may be reconverted into clean unencrypted form using conventional OCR techniques and the traceability can thus be defeated. SUMMARY OF THE INVENTION
The present invention seeks to provide a method and system for providing secure electronic publishing which overcome limitations of the prior art.
There is thus provided in accordance with a preferred embodiment of the present invention a method for restricted electronic transmission of information including the steps of encrypting information using a public key portion of a private/public key, transmitting the information following encrypting thereof over a medium which may be non-secure; receiving the information, following transmission thereof, at an output device in encrypted form; decrypting the information, received in encrypted form, at the output device using a private key portion of the private/public key; and following decryption in the output device, outputting the information in non-encrypted form.
There is also provided in accordance with a preferred embodiment of the present invention a method for restricted electronic transmission of information including the steps of encrypting information, transmitting the information following encrypting thereof over a medium which may be non-secure; receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; decrypting the information, received in encrypted form, at the computer when connected to the specific output device; and following decryption, outputting the information in non-encrypted form at the output device.
Alternatively or additionally, decryption of the encrypted information at the computer connected to the specific output device is enabled by a preliminary decryption of the encrypted information by a secret key that is delivered to the computer subsequently to the transmission of the information.
Preferably the encrypting step includes two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decrypting step includes two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key. The secret key may be transmitted prior to, during or subsequently to the transmitting step.
Preferably, there is also provided the step of selectably formatting the information before or after the first decryption step and prior to the second decryption step.
In accordance with a preferred embodiment of the present invention, the another encryption step includes a plurality of separate encryption steps for separate portions of the information.
There is also provided in accordance with a preferred embodiment of the present invention a system for restricted electronic transmission of information comprising: a public key encryptor, encrypting information using a public key portion of a private/public key; an information transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a customer site receiver, remote from the encryptor, receiving the information, following transmission thereof, at an output device in encrypted form; a decryptor, decrypting the information, received in encrypted form, at the output device using a private key portion of the private/public key.
There is additionally provided in accordance with a preferred embodiment of the present invention a system for restricted electronic transmission of information comprising: an encryptor for encrypting information; a transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a receiver, remote from the encryptor, receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; and a decryptor, decrypting the information, received in encrypted form, at the computer when connected to the specific output device.
Preferably, the encryptor is operative to carry out two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decryptor is operative to carry out two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key.
In accordance with a preferred embodiment of the invention, there is also provided a computer for selectably formatting the information prior to decrypting thereof.
There is preferably also provided a customer site unit useful in any of the methods or systems described above and including an output device having embedded therein the private key.
BRIEF DESCRIPTION OF THE DRAWINGS
The present invention will be understood and appreciated more fully from the following detailed description, taken in conjunction with the drawings in which:
Fig. 1 is a simplified functional block diagram illustration of a method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention;
Fig. 2 is a simplified functional block diagram illustration of an alternative method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention;
Figs. 3 A, 3B, 3C, 3D and 3E are illustrations of one mode of operation of the method and system of Figs. 1 & 2;
Fig. 4 is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention; and
Figs. 5 A, 5B, 5C, 5D and 5E are illustrations of the operation of the method and system of any of Figs. 1 - 4 in accordance with another embodiment of the present invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
Reference is now made to Fig. 1, which is a simplified functional block diagram illustration of a method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention. In the embodiment of Fig. 1, a clear, ready-for-print information file, such as a book file 12, in a standard file format, such as Postscript or PDF, is stored in a publisher's database. An output device 14, located at a customer's premises, remote from the publisher, typically includes a printing subsystem 16, such as a postscript HP Laser Jet printer and a processor 18, which may be a personal computer or any other suitable processor, or processor functionality which is incorporated in a processor present in the printing subsystem 16.
A private key 20, forming part of a private/public key encryption/decryption system, such as that available from RSA Inc. and described at www.rsa.com, is embedded in the output device 14, in a manner such that it cannot be accessed by any user, including the customer. The private key 20 is preferably embedded in the printing subsystem, but may alternatively be embedded in any other suitable portion of the output device 14.
In accordance with an alternative embodiment of the present invention, the printing subsystem 16 may be replaced by any other suitable type of output subsystem, such as a viewing subsystem, such as a display, or an audio annunciator subsystem, such as a speech generator. As a further alternative, the output device 14 may include more than one output subsystem of the type described hereinabove.
Associated with the private key embedded in the output device is a known public key 22 which is typically specified on the output device 14 or available on machine readable media. Alternatively or additionally, the public key 22 may be made readily available, i.e. as through posting on the Internet, to anyone who enters the serial number of the output subsystem, such as a printer.
When a customer wishes to order an electronic copy of a book or other information, the customer places an order with the publisher or the publisher's distributor. The order normally includes the standard billing information, such as a credit card number and a signature and the public key or information, such as the serial number of the printer, enabling the publisher to readily obtain the public key.
The publisher, using a computer 24, encrypts the clear file 12, using the public key and a conventional encryption engine which is commercially available from RSA Inc., thus providing an encrypted file 26. The encrypted file is communicated to the customer's output device 14 via E-mail, FTP or any other suitable media, which may not be secure and is received at processor 18. The processor employs the embedded private key 20 to decrypt the received encrypted file and then sends the decrypted information via the internal circuitry 28 of the output device 14 to the printing subsystem 16 and/or other output subsystem for output to the customer. It is appreciated that the circuitry 28 must be secure from customer access in order to preserve security.
Reference is now made to Fig. 2, which is a simplified functional block diagram illustration of an alternative method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention. The embodiment of Fig. 2 is similar to that of Fig. 1, except in that the public key 22 is not transmitted by the customer to the publisher. Instead, the serial number 30 of the output device 14 or of the output subsystem 16 is transmitted via circuitry 36 and used to find the public key in a public key director 32. The remainder of the system and method of Fig. 2 is identical to that of Fig. 1.
In accordance with another embodiment of the present invention, the methods and systems of Figs. 1 and 2 may be operated so as to provide double encryption of the file 12. In addition to the encryption described hereinabove, the file may be encrypted additionally using a random symmetrical key selected by the publisher and kept secret by the publisher. The double encrypted file is then transmitted to the customer who cannot use it until he receives from the publisher, the secret second key used in the second encryption.
When the customer completes a purchase transaction, which may take place following transmittal of the file to the customer, the publisher communicates the secret second key to the customer, enabling him to decrypt the second encryption, typically using an ordinary computer which is used for receiving the encrypted file and is external to the output device. That computer will then send the decrypted information to the processor 18 of the output device, for the second decryption.
The methodology described hereinabove may be visualized by reference to Figs. 3A, 3B, 3C, 3D and 3E. Fig. 3A illustrates the clear file, here designated 42, Fig. 3B shows a first encryption 44, typically using the public key as described in hereinabove with reference to Figs. 1 & 2. Fig. 3C shows a second encryption 46. Upon carrying out of the first decryption, typically in an ordinary PC that is external to the output device, the remaining file is still encrypted with the public key as shown in Fig. 3D. Upon further decryption using the private key, a clean file is provided, as seen in Fig. 3E.
Reference is now made to Fig. 4, which is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention;
The method and system of Fig. 4 may be similar to that of Fig. 2 at the publisher side, except that the first encryption is done with a symmetric key that is provided by the customer upon ordering, and not with a public key, and the second encryption is done with a random symmetric key that is unknown at the customer side. On the customer side, in the embodiment of Fig. 4, the output device 56 may be any conventional output device, and does not require any hardware modification whatsoever, provided that the output device has the facility of being able to communicate its serial number upon inteπogation by a computer coupled thereto. This feature is now conventional in various printers, such as HP LaserJet series 5 printers available from Hewlett-Packard.
The customer may employ, for the first decryption of the decrypted information (stepping from Fig. 3C to Fig. 3D) and for formatting the encrypted information, a conventional PC including a display 52 and a processor and printer driver 54.
One of the present inventors has developed a technique whereby formatted alphanumeric text, such as RTF test in Windows, can be encrypted in such a way that the encrypted text preserves the format and text attributes of the original text. This technique is described and claimed in PCT Application PCT/IL96/00088, filed August 26, 1996, published as WO 97/09817 on March 1, 1997, the disclosure of which is hereby incorporated by reference.
It is appreciated that both the first and the second encryptions can be done while preserving the format of the original text. Moreover, the encrypted text can be reformatted while being encrypted, changing margins, line separations, font type and font size, for example. If a publisher chooses to encrypt the text in a way that preserves its format, then the customer can reformat the text to its needs without decrypting it, thus preparing it for printing in a desired format. When a customer wishes to order an electronic copy of a book or other information, the customer places an order with the publisher or the publisher's distributor. The order normally includes the standard billing information, such as a credit card number and a signature and the serial number of the output device, the printer or other output subsystem. The, encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption. A preferred file and text encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite.
The publisher, using a computer 54, encrypts the clear file 62. The encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption. A preferred file encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite. The encrypted file 66 is communicated via E-mail, FTP or any other suitable media, to the customer's computer 68, where it can be reformatted and decrypted and sent to the output device 50.
The processor 68 polls the output device 56 for the known serial number thereof or for a secret serial number that is embedded therein and uses that number to decrypt the file using suitable decryption software, preferably PrivaSuite. The decrypting software does not accept the decryption key from any source other than a serial number reported by the output device 50.
In accordance with a preferred embodiment of the present invention, the output device 50 includes a built-in software protection dongle 70, such as a dongle commercially available from Aladdin or Micro-Macro, which is logically interconnected between the processor 68 and the output subsystem.
The embodiment of Fig. 4 has the advantage that it enables the received information to be displayed on the screen and formatted by a customer, using standard formatting software such as Acrobat by Adobe, in order to determine the font size, the pages to be printed, the margins and similar parameters. Printing of the information is only permitted by means of the print driver which is written to send the file only to a printer that suitably identifies itself and, if a dongle is provided, presents the dongle key which coπesponds to the printer. The embodiment of Fig. 4 does not require any change in the design of the printer but does have a cryptographic weakness in that the output connection from the processor and printer driver, indicated by reference numeral 84 is accessible. If the data can be recorded from the output connection 84, the cryptographic protection is overcome.
Reference is now made to Figs. 5A, 5B, 5C, 5D and 5E which are illustrations of operation of the method and system of any of Figs. 1 - 4 in accordance with an additional embodiment of the present invention. A document 88 is shown to have a table of contents 90 and typically three chapters, A, B and C, indicated by respective -reference numerals 92, 94 and 96. The document can be distributed and licensed in accordance with any of the methods described above and using any of the systems described hereinabove.
Thus, each of chapters A, B and C can be identically encrypted as by the publisher's computer 12 (Fig. 1) with a public key as described hereinabove. The thus encrypted file, wherein a portion thereof, such as the table of contents 90 is typically not encrypted, is shown at reference numeral 100. This encryption is illustrated by frames 102 formed about each of chapters 92, 94 and 96.
If it is desired to separately license each of the chapters A, B and C, each chapter can be separately encrypted, as with a symmetric secret key, in much the same manner as described hereinabove with reference to Figs. 3 A - 3E. The double encrypted file is indicated by reference numeral 104 and preferably includes an unencrypted table of contents 90. The separate encryptions are indicated by respective frames 106, 108 and 110 surrounding frames 102. The secret keys for the second encryption are stored in the publisher's data base and are transmitted to the customer, as and when the customer purchases a given chapter.
Decryption of the individual chapters using the secret keys and using the private key take place as illustrated in Figs. 5D and 5E.
It is appreciated that the double encryption functionality shown in Figs. 3A - 3E and 5 A - 5E enables transmission of the information to be decoupled from licensing thereof, so as to enable transmission to occur when convenient and cost effective and licensing to occur at a time convenient to the customer. It will be apparent to persons skilled in the art that the present invention is not limited to what has been particularly shown and described hereinabove. Rather the scope of the present invention includes both combinations and sub-combinations of the features described hereinabove as well as modifications and further developments thereof which would occur to a person of skill in the art upon reading the foregoing description, which are not in the prior art.

Claims

C L A I M S
1. A method for restricted electronic transmission of information including the steps of: encrypting information using a public key portion of a private/public key; transmitting the information following encrypting thereof over a medium which may be non-secure; receiving the information, following transmission thereof, at an output device in encrypted form; decrypting the information, received in encrypted form, at the output device using a private key portion of the private/public key; and following decryption in the output device, outputting the information in non- encrypted form.
2. A method for restricted electronic transmission of information including the steps of: encrypting information; transmitting the information following encrypting thereof over a medium which may be non-secure; receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; decrypting the information, received in encrypted form, at the computer when connected to the specific output device; and following decryption, outputting the information in non-encrypted form at the output device.
3. A method according to either of claims 1 and 2 and wherein the encrypting step includes two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decrypting step includes two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key.
4. A method according to claim 3 and wherein the secret key is transmitted prior to the transmitting step.
5. A method according to claim 3 and wherein the secret key is transmitted during the transmitting step.
6. A method according to claim 3 and wherein the secret key is transmitted following the transmitting step.
7. A method according to any of the preceding claims and also comprising the step of selectably formatting the information prior to decrypting thereof.
8. A method according to claim 3 and wherein the another encryption step includes a plurality of separate encryption steps for separate portions of the information.
9. A system for restricted electronic transmission of information comprising: a public key encryptor, encrypting information using a public key portion of a private/public key; an information transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a customer site receiver, remote from the encryptor, receiving the information, following transmission thereof, at an output device in encrypted form; a decryptor, decrypting the information, received in encrypted form, at the output device using a private key portion of the private/public key.
10. A system for restricted electronic transmission of information comprising: an encryptor for encrypting information; a transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a receiver, remote from the encryptor, receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; and a decryptor, decrypting the information, received in encrypted form, at the computer when connected to the specific output device.
11. A system according to either of claims 9 and 10 and wherein the encryptor is operative to carry out two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decryptor is operative to carry out two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key.
12. A system according to claim 11 and wherein the secret key is transmitted prior to the transmitting step.
13. A system according to claim 11 and wherein the secret key is transmitted during the transmitting step.
14. A system according to claim 11 and wherein the secret key is transmitted following the transmitting step.
15. A system according to any of the preceding claims 9 - 14 and also comprising the a computer for selectably formatting the information prior to decrypting thereof.
16. A system according to claim 11 and wherein the another encryption step includes a plurality of separate encryption steps for separate portions of the information.
17. A customer site unit useful in a method according to any of claims 1 - 8 and including an output device having embedded therein the private key.
18. A customer site unit useful as part of a system according to any of claims 9 - 16 and including an output device having embedded therein the private key.
19. A customer site unit useful as part of a system according to any of claims 9 - 16 and also including a software dongle.
20. A system according to any of claims 9 - 10 and also comprising a software dongle in said output device.
PCT/IL1998/000474 1997-09-30 1998-09-28 Electronic publishing WO1999017496A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB0007677A GB2346054A (en) 1997-09-30 1998-09-28 Electronic publishing
AU94559/98A AU9455998A (en) 1997-09-30 1998-09-28 Electronic publishing

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IL12187697A IL121876A0 (en) 1997-09-30 1997-09-30 Electronic publishing
IL121876 1997-09-30

Publications (1)

Publication Number Publication Date
WO1999017496A1 true WO1999017496A1 (en) 1999-04-08

Family

ID=11070695

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL1998/000474 WO1999017496A1 (en) 1997-09-30 1998-09-28 Electronic publishing

Country Status (4)

Country Link
AU (1) AU9455998A (en)
GB (1) GB2346054A (en)
IL (1) IL121876A0 (en)
WO (1) WO1999017496A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7080079B2 (en) * 2000-11-28 2006-07-18 Yu Philip K Method of using the internet to retrieve and handle articles in electronic form from printed publication which have been printed in paper form for circulation by the publisher
US7890428B2 (en) * 2005-02-04 2011-02-15 Microsoft Corporation Flexible licensing architecture for licensing digital application

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5142579A (en) * 1991-01-29 1992-08-25 Anderson Walter M Public key cryptographic system and method
US5150411A (en) * 1990-10-24 1992-09-22 Omnisec Cryptographic system allowing encrypted communication between users with a secure mutual cipher key determined without user interaction
US5377268A (en) * 1991-03-18 1994-12-27 Pitney Bowes Inc. Metering system with remotely resettable time lockout
US5568554A (en) * 1995-01-31 1996-10-22 Digital Equipment Corporation Method for improving the processing and storage performance of digital signature schemes
US5761305A (en) * 1995-04-21 1998-06-02 Certicom Corporation Key agreement and transport protocol with implicit signatures

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5150411A (en) * 1990-10-24 1992-09-22 Omnisec Cryptographic system allowing encrypted communication between users with a secure mutual cipher key determined without user interaction
US5142579A (en) * 1991-01-29 1992-08-25 Anderson Walter M Public key cryptographic system and method
US5377268A (en) * 1991-03-18 1994-12-27 Pitney Bowes Inc. Metering system with remotely resettable time lockout
US5568554A (en) * 1995-01-31 1996-10-22 Digital Equipment Corporation Method for improving the processing and storage performance of digital signature schemes
US5761305A (en) * 1995-04-21 1998-06-02 Certicom Corporation Key agreement and transport protocol with implicit signatures

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7080079B2 (en) * 2000-11-28 2006-07-18 Yu Philip K Method of using the internet to retrieve and handle articles in electronic form from printed publication which have been printed in paper form for circulation by the publisher
US7890428B2 (en) * 2005-02-04 2011-02-15 Microsoft Corporation Flexible licensing architecture for licensing digital application

Also Published As

Publication number Publication date
AU9455998A (en) 1999-04-23
IL121876A0 (en) 1998-02-20
GB2346054A (en) 2000-07-26
GB0007677D0 (en) 2000-05-17

Similar Documents

Publication Publication Date Title
US5509074A (en) Method of protecting electronically published materials using cryptographic protocols
US7337332B2 (en) Transferring electronic content
US5541993A (en) Structure and method for secure image transmission
US6885748B1 (en) System and method for protection of digital works
US6378070B1 (en) Secure printing
US8862517B2 (en) Digital rights management of content when content is a future live event
EP0929023B1 (en) Secure printing
EP1451725B1 (en) Secure printing of a document
US20050268089A1 (en) Printing system and method that support security function
EP1536305A1 (en) Secure transmission of electronic documents
EP1146715A1 (en) System and method for protection of digital works
KR950035289A (en) Communication
WO1997009817A3 (en) Document processing
EP1146411B2 (en) System and method for protection of digital works
JP2004157864A (en) Content distribution system
US20040083392A1 (en) Digital information protecting method and system
JP2008011092A (en) Encrypted-content retrieval system
US20050114684A1 (en) Contents use frequency limiting method, contents using terminal apparatus, contents using system, computer program and computer readable memory medium
WO1999017496A1 (en) Electronic publishing
US7519820B2 (en) Image forming system and image forming method
JP3885882B2 (en) Image forming apparatus and image forming system
JP4420622B2 (en) How to send and receive data
KR100352344B1 (en) Apparatus and method for preventing disclosure through user-authentication at a printing node
JP2002351743A (en) Document distribution system
JPH1165932A (en) Data printing device and method therefor

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AT AU AZ BA BB BG BR BY CA CH CN CU CZ CZ DE DE DK DK EE EE ES FI FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

ENP Entry into the national phase

Ref country code: GB

Ref document number: 200007677

Kind code of ref document: A

Format of ref document f/p: F

NENP Non-entry into the national phase

Ref country code: KR

WWE Wipo information: entry into national phase

Ref document number: 09509619

Country of ref document: US

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA