WO1999017496A1 - Electronic publishing - Google Patents
Electronic publishing Download PDFInfo
- Publication number
- WO1999017496A1 WO1999017496A1 PCT/IL1998/000474 IL9800474W WO9917496A1 WO 1999017496 A1 WO1999017496 A1 WO 1999017496A1 IL 9800474 W IL9800474 W IL 9800474W WO 9917496 A1 WO9917496 A1 WO 9917496A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- output device
- public key
- key
- encrypted form
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
Definitions
- the present invention relates to publishing and more particularly to electronic publishing.
- a first technique calls for encryption and decryption using a secret key that is known only to the publisher and is also embedded in the printer or other output device. This technique has the disadvantage that it requires that each publisher transmit to a single printer or other output devices or that multiple publishers seeking to transmit to the same printer or other output device share a single secret key.
- the second technique uses the secret key to convert the published material to a decrypted, bit-mapped representation of the material which includes information enabling the decrypted representation to be traceable to a user.
- This second technique has the disadvantage that it provides inadequate security, since bit-mapped representations may be reconverted into clean unencrypted form using conventional OCR techniques and the traceability can thus be defeated.
- the present invention seeks to provide a method and system for providing secure electronic publishing which overcome limitations of the prior art.
- decryption of the encrypted information at the computer connected to the specific output device is enabled by a preliminary decryption of the encrypted information by a secret key that is delivered to the computer subsequently to the transmission of the information.
- the encrypting step includes two encryption steps, one encryption step using a public key and another encryption step using a secret key and wherein the decrypting step includes two decryption steps, one decryption step using the secret key and the other decryption step using a private key embedded in the output device and corresponding to the public key.
- the secret key may be transmitted prior to, during or subsequently to the transmitting step.
- a system for restricted electronic transmission of information comprising: an encryptor for encrypting information; a transmitter, transmitting the information following encrypting thereof over a medium which may be non-secure; a receiver, remote from the encryptor, receiving the information, following transmission thereof in encrypted form, at a computer which is only able to decrypt the information when that computer is connected to a specific output device; and a decryptor, decrypting the information, received in encrypted form, at the computer when connected to the specific output device.
- a computer for selectably formatting the information prior to decrypting thereof.
- customer site unit useful in any of the methods or systems described above and including an output device having embedded therein the private key.
- Figs. 3 A, 3B, 3C, 3D and 3E are illustrations of one mode of operation of the method and system of Figs. 1 & 2;
- Fig. 4 is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
- Figs. 5 A, 5B, 5C, 5D and 5E are illustrations of the operation of the method and system of any of Figs. 1 - 4 in accordance with another embodiment of the present invention.
- Fig. 1 is a simplified functional block diagram illustration of a method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
- a clear, ready-for-print information file such as a book file 12
- a standard file format such as Postscript or PDF
- An output device 14 located at a customer's premises, remote from the publisher, typically includes a printing subsystem 16, such as a postscript HP Laser Jet printer and a processor 18, which may be a personal computer or any other suitable processor, or processor functionality which is incorporated in a processor present in the printing subsystem 16.
- the private key 20 is preferably embedded in the printing subsystem, but may alternatively be embedded in any other suitable portion of the output device 14.
- the printing subsystem 16 may be replaced by any other suitable type of output subsystem, such as a viewing subsystem, such as a display, or an audio annunciator subsystem, such as a speech generator.
- the output device 14 may include more than one output subsystem of the type described hereinabove.
- a known public key 22 which is typically specified on the output device 14 or available on machine readable media.
- the public key 22 may be made readily available, i.e. as through posting on the Internet, to anyone who enters the serial number of the output subsystem, such as a printer.
- the order normally includes the standard billing information, such as a credit card number and a signature and the public key or information, such as the serial number of the printer, enabling the publisher to readily obtain the public key.
- the publisher using a computer 24, encrypts the clear file 12, using the public key and a conventional encryption engine which is commercially available from RSA Inc., thus providing an encrypted file 26.
- the encrypted file is communicated to the customer's output device 14 via E-mail, FTP or any other suitable media, which may not be secure and is received at processor 18.
- the processor employs the embedded private key 20 to decrypt the received encrypted file and then sends the decrypted information via the internal circuitry 28 of the output device 14 to the printing subsystem 16 and/or other output subsystem for output to the customer. It is appreciated that the circuitry 28 must be secure from customer access in order to preserve security.
- FIG. 2 is a simplified functional block diagram illustration of an alternative method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention.
- the embodiment of Fig. 2 is similar to that of Fig. 1, except in that the public key 22 is not transmitted by the customer to the publisher. Instead, the serial number 30 of the output device 14 or of the output subsystem 16 is transmitted via circuitry 36 and used to find the public key in a public key director 32.
- the remainder of the system and method of Fig. 2 is identical to that of Fig. 1.
- the methods and systems of Figs. 1 and 2 may be operated so as to provide double encryption of the file 12.
- the file may be encrypted additionally using a random symmetrical key selected by the publisher and kept secret by the publisher.
- the double encrypted file is then transmitted to the customer who cannot use it until he receives from the publisher, the secret second key used in the second encryption.
- Fig. 3A illustrates the clear file, here designated 42
- Fig. 3B shows a first encryption 44, typically using the public key as described in hereinabove with reference to Figs. 1 & 2.
- Fig. 3C shows a second encryption 46.
- the remaining file is still encrypted with the public key as shown in Fig. 3D.
- a clean file is provided, as seen in Fig. 3E.
- FIG. 4 is a simplified functional block diagram illustration of another method and system for restricted electronic transmission of information constructed and operative in accordance with a preferred embodiment of the present invention
- the method and system of Fig. 4 may be similar to that of Fig. 2 at the publisher side, except that the first encryption is done with a symmetric key that is provided by the customer upon ordering, and not with a public key, and the second encryption is done with a random symmetric key that is unknown at the customer side.
- the output device 56 may be any conventional output device, and does not require any hardware modification whatsoever, provided that the output device has the facility of being able to communicate its serial number upon inte ⁇ ogation by a computer coupled thereto. This feature is now conventional in various printers, such as HP LaserJet series 5 printers available from Hewlett-Packard.
- the customer may employ, for the first decryption of the decrypted information (stepping from Fig. 3C to Fig. 3D) and for formatting the encrypted information, a conventional PC including a display 52 and a processor and printer driver 54.
- both the first and the second encryptions can be done while preserving the format of the original text.
- the encrypted text can be reformatted while being encrypted, changing margins, line separations, font type and font size, for example. If a publisher chooses to encrypt the text in a way that preserves its format, then the customer can reformat the text to its needs without decrypting it, thus preparing it for printing in a desired format.
- the customer places an order with the publisher or the publisher's distributor.
- the order normally includes the standard billing information, such as a credit card number and a signature and the serial number of the output device, the printer or other output subsystem.
- The, encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption.
- a preferred file and text encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite.
- the publisher using a computer 54, encrypts the clear file 62.
- the encryption is carried out by any suitable file encryption software using a key that does not have to be secret, inasmuch as the key is not sufficient for decryption.
- a preferred file encryption software package is commercially available from Aliroo Ltd. of Israel under the trademark PrivaSuite.
- the encrypted file 66 is communicated via E-mail, FTP or any other suitable media, to the customer's computer 68, where it can be reformatted and decrypted and sent to the output device 50.
- the output device 50 includes a built-in software protection dongle 70, such as a dongle commercially available from Aladdin or Micro-Macro, which is logically interconnected between the processor 68 and the output subsystem.
- a built-in software protection dongle 70 such as a dongle commercially available from Aladdin or Micro-Macro, which is logically interconnected between the processor 68 and the output subsystem.
- the embodiment of Fig. 4 has the advantage that it enables the received information to be displayed on the screen and formatted by a customer, using standard formatting software such as Acrobat by Adobe, in order to determine the font size, the pages to be printed, the margins and similar parameters. Printing of the information is only permitted by means of the print driver which is written to send the file only to a printer that suitably identifies itself and, if a dongle is provided, presents the dongle key which co ⁇ esponds to the printer.
- the embodiment of Fig. 4 does not require any change in the design of the printer but does have a cryptographic weakness in that the output connection from the processor and printer driver, indicated by reference numeral 84 is accessible. If the data can be recorded from the output connection 84, the cryptographic protection is overcome.
- each of chapters A, B and C can be identically encrypted as by the publisher's computer 12 (Fig. 1) with a public key as described hereinabove.
- the thus encrypted file wherein a portion thereof, such as the table of contents 90 is typically not encrypted, is shown at reference numeral 100.
- This encryption is illustrated by frames 102 formed about each of chapters 92, 94 and 96.
- each chapter can be separately encrypted, as with a symmetric secret key, in much the same manner as described hereinabove with reference to Figs. 3 A - 3E.
- the double encrypted file is indicated by reference numeral 104 and preferably includes an unencrypted table of contents 90.
- the separate encryptions are indicated by respective frames 106, 108 and 110 surrounding frames 102.
- the secret keys for the second encryption are stored in the publisher's data base and are transmitted to the customer, as and when the customer purchases a given chapter.
- the double encryption functionality shown in Figs. 3A - 3E and 5 A - 5E enables transmission of the information to be decoupled from licensing thereof, so as to enable transmission to occur when convenient and cost effective and licensing to occur at a time convenient to the customer. It will be apparent to persons skilled in the art that the present invention is not limited to what has been particularly shown and described hereinabove. Rather the scope of the present invention includes both combinations and sub-combinations of the features described hereinabove as well as modifications and further developments thereof which would occur to a person of skill in the art upon reading the foregoing description, which are not in the prior art.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0007677A GB2346054A (en) | 1997-09-30 | 1998-09-28 | Electronic publishing |
AU94559/98A AU9455998A (en) | 1997-09-30 | 1998-09-28 | Electronic publishing |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
IL12187697A IL121876A0 (en) | 1997-09-30 | 1997-09-30 | Electronic publishing |
IL121876 | 1997-09-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999017496A1 true WO1999017496A1 (en) | 1999-04-08 |
Family
ID=11070695
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IL1998/000474 WO1999017496A1 (en) | 1997-09-30 | 1998-09-28 | Electronic publishing |
Country Status (4)
Country | Link |
---|---|
AU (1) | AU9455998A (en) |
GB (1) | GB2346054A (en) |
IL (1) | IL121876A0 (en) |
WO (1) | WO1999017496A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7080079B2 (en) * | 2000-11-28 | 2006-07-18 | Yu Philip K | Method of using the internet to retrieve and handle articles in electronic form from printed publication which have been printed in paper form for circulation by the publisher |
US7890428B2 (en) * | 2005-02-04 | 2011-02-15 | Microsoft Corporation | Flexible licensing architecture for licensing digital application |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5142579A (en) * | 1991-01-29 | 1992-08-25 | Anderson Walter M | Public key cryptographic system and method |
US5150411A (en) * | 1990-10-24 | 1992-09-22 | Omnisec | Cryptographic system allowing encrypted communication between users with a secure mutual cipher key determined without user interaction |
US5377268A (en) * | 1991-03-18 | 1994-12-27 | Pitney Bowes Inc. | Metering system with remotely resettable time lockout |
US5568554A (en) * | 1995-01-31 | 1996-10-22 | Digital Equipment Corporation | Method for improving the processing and storage performance of digital signature schemes |
US5761305A (en) * | 1995-04-21 | 1998-06-02 | Certicom Corporation | Key agreement and transport protocol with implicit signatures |
-
1997
- 1997-09-30 IL IL12187697A patent/IL121876A0/en unknown
-
1998
- 1998-09-28 GB GB0007677A patent/GB2346054A/en not_active Withdrawn
- 1998-09-28 AU AU94559/98A patent/AU9455998A/en not_active Abandoned
- 1998-09-28 WO PCT/IL1998/000474 patent/WO1999017496A1/en active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5150411A (en) * | 1990-10-24 | 1992-09-22 | Omnisec | Cryptographic system allowing encrypted communication between users with a secure mutual cipher key determined without user interaction |
US5142579A (en) * | 1991-01-29 | 1992-08-25 | Anderson Walter M | Public key cryptographic system and method |
US5377268A (en) * | 1991-03-18 | 1994-12-27 | Pitney Bowes Inc. | Metering system with remotely resettable time lockout |
US5568554A (en) * | 1995-01-31 | 1996-10-22 | Digital Equipment Corporation | Method for improving the processing and storage performance of digital signature schemes |
US5761305A (en) * | 1995-04-21 | 1998-06-02 | Certicom Corporation | Key agreement and transport protocol with implicit signatures |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7080079B2 (en) * | 2000-11-28 | 2006-07-18 | Yu Philip K | Method of using the internet to retrieve and handle articles in electronic form from printed publication which have been printed in paper form for circulation by the publisher |
US7890428B2 (en) * | 2005-02-04 | 2011-02-15 | Microsoft Corporation | Flexible licensing architecture for licensing digital application |
Also Published As
Publication number | Publication date |
---|---|
AU9455998A (en) | 1999-04-23 |
IL121876A0 (en) | 1998-02-20 |
GB2346054A (en) | 2000-07-26 |
GB0007677D0 (en) | 2000-05-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5509074A (en) | Method of protecting electronically published materials using cryptographic protocols | |
US7337332B2 (en) | Transferring electronic content | |
US5541993A (en) | Structure and method for secure image transmission | |
US6885748B1 (en) | System and method for protection of digital works | |
US6378070B1 (en) | Secure printing | |
US8862517B2 (en) | Digital rights management of content when content is a future live event | |
EP0929023B1 (en) | Secure printing | |
EP1451725B1 (en) | Secure printing of a document | |
US20050268089A1 (en) | Printing system and method that support security function | |
EP1536305A1 (en) | Secure transmission of electronic documents | |
EP1146715A1 (en) | System and method for protection of digital works | |
KR950035289A (en) | Communication | |
WO1997009817A3 (en) | Document processing | |
EP1146411B2 (en) | System and method for protection of digital works | |
JP2004157864A (en) | Content distribution system | |
US20040083392A1 (en) | Digital information protecting method and system | |
JP2008011092A (en) | Encrypted-content retrieval system | |
US20050114684A1 (en) | Contents use frequency limiting method, contents using terminal apparatus, contents using system, computer program and computer readable memory medium | |
WO1999017496A1 (en) | Electronic publishing | |
US7519820B2 (en) | Image forming system and image forming method | |
JP3885882B2 (en) | Image forming apparatus and image forming system | |
JP4420622B2 (en) | How to send and receive data | |
KR100352344B1 (en) | Apparatus and method for preventing disclosure through user-authentication at a printing node | |
JP2002351743A (en) | Document distribution system | |
JPH1165932A (en) | Data printing device and method therefor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AL AM AT AT AU AZ BA BB BG BR BY CA CH CN CU CZ CZ DE DE DK DK EE EE ES FI FI GB GD GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
ENP | Entry into the national phase |
Ref country code: GB Ref document number: 200007677 Kind code of ref document: A Format of ref document f/p: F |
|
NENP | Non-entry into the national phase |
Ref country code: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09509619 Country of ref document: US |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: CA |