JP2003519942A - Method for pre-release of digital content and encryption key database used with the method - Google Patents

Abstract

(57) [Summary] A method for pre-release of digital contents is disclosed. The release time of the digital content is determined in advance, and the digital content is encrypted with the encryption key. This encrypted digital content can be decrypted (decrypted) using a decryption (decryption) key corresponding to the encryption key. The encrypted digital content is delivered to at least one content user before the release time, and the decryption key of the encrypted digital content is released to the content user at the release time. The content user can then decrypt the encrypted digital content using the released decryption key at or after the release time. The encryption key can be selected from an encryption key database with multiple entries, where each entry encrypts the release time for releasing one digital content and the digital content released at the release time. Encryption key to be encrypted.

Description

Detailed Description of the Invention

TECHNICAL FIELD The present invention relates to a framework for pre-release of digital content in encrypted form. More specifically, the present invention selects a release time of digital content, encrypts the content with an encryption key, pre-releases the selected encrypted content before the release time, and releases the encryption key at the release time. Regarding releasing to.

BACKGROUND OF THE INVENTION In many cases, by setting a release time (publication date and time) at which information is released to the public concerned (public release, public announcement, new release, release), the public concerned can be released until the release time. It is desirable to prevent anyone from obtaining and / or accessing and / or using that information. For example, in the recording industry, new recordings by artists (e.g., musical artists or groups) are typically not released to the buying public until a selected release time.

There are many reasons and reasons for using this release time. As an example, this release time is a marketing method to generate interest and expectations for information to be released (eg, new recordings by musical artists, video copies of movies for home playback) before the release time. May be used as. As another example of needing release time,
All interested information-seekers may have equal access to information (eg up-to-date government employment statistics, up-to-date quarterly reports on public bodies) at the same time. Therefore, a specific information requester obtains the information in advance so that it does not become more advantageous than other information requesters. As yet another example, an information supplier may be legally bound by contract or other means not to release information until the release time. Of course, there are many other reasons for using release time.

The use of release time for information to be released, whether the use is intentional or unintentional, results in a crammed demand for that information (
Pent-up) is common. As will be appreciated, a pent-up request for this information "explodes" at the release time, so that the information provider cannot immediately respond to the request, at least early in the release time.

If this information is to be electronically distributed as digital content in digital form, for example using a communication network such as the Internet, the content will be too few requesters too few. Requesting information / digital content from servers is common. In this case, it may happen that the communication network itself does not have the capacity or "bandwidth" to handle the requested amount of digital content to upload and / or to handle the amount of digital content to download. As will be appreciated, when this happens, it takes a long time to get the digital content. Also, as will be understood, such a situation is aggravated as the size of digital content to be downloaded increases.

More importantly, when this happens, the second digital content requestor in the second waits longer than the second digital content requester in the second time. That is, the digital content is given to the first digital content requester before the digital content requester. Similarly, the first digital content requester can download digital content using a relatively high speed access link, while the second digital content requester uses a relatively low speed access link. It is happening that digital contents can only be downloaded. In either case, the first digital content requestor can obtain the digital content first,
There is the issue of fairness, which is an advantage over the second digital content requester. It should be noted here that this fairness problem occurs even when the release time is used as described above.

Therefore, an information requester, and in particular a digital content requester, is able to receive information / release time without unduly delay, regardless of the size of the digital content or the speed of the access link through which the digital content is acquired. There is a need for a way to gain access to digital content.

SUMMARY OF THE INVENTION The above needs are achieved according to the present invention by providing a method for pre-release of digital content, wherein the release time of the digital content is predetermined and the digital content is encrypted with an encryption key. It is encrypted with.
This encrypted digital content can be decrypted (decoded) by a decryption key (also called a decryption key) corresponding to the encryption key. Encrypted digital content is
Delivered to at least one content user prior to the release time, the decryption key for the encrypted digital content is released to the content user at the release time. The content user can decrypt the encrypted digital content using the released decryption key both at the release time and after the release time. In one embodiment of the invention, the encryption key is selected from an encryption key database with multiple entries, where each entry is released at one release time of the digital content. And an encryption key for encrypting the digital content to be recorded.

As will be appreciated, decryption keys are typically much smaller in size than encrypted key digital content. Therefore, this decryption key can be downloaded at a relatively high speed or obtained by another method. In addition, encrypted information may be downloaded or otherwise obtained for a long time before the release time, which may lead to bandwidth issues, latency issues, digital content size issues such as those mentioned above. Issues, access speed issues, and other similar issues are minimized, even if not eliminated, allowing almost any digital content requester to gain access to digital content at its release time without undue delay. It is possible to obtain.

In addition to the above general description, embodiments of the present invention are described in detail below, but in order to facilitate understanding of these descriptions, the following description is made with reference to the accompanying drawings. ing. For the sake of convenience of the description of the invention, the drawings show an embodiment which is considered presently preferred. As will be understood, the present invention is
It is not limited to the specific configurations and means illustrated.

DETAILED DESCRIPTION OF THE INVENTION Referring to FIG. 1, the following description provides a brief general overview of a suitable computing environment in which the present invention and / or portions thereof may be implemented. The purpose is to show. Although not necessary, the present invention, in the general sense of computer executable instructions, such as program modules, is executed by a computer, such as a client workstation or server.
ext). Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Moreover, it should be understood that the present invention and / or portions thereof may be practiced with other computer system configurations, including handheld devices, multiprocessor systems, microprocessor-based or Includes programmable consumer electronics, network PCs, minicomputers, mainframe computers and more. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices. The present invention further provides "enforcement architecture and method for digital rights management.
METHOD FOR DIGITAL RIGHTS MANAGEMENT) and is associated with the system and method disclosed in pending US patent application Ser. No. 09 / 290,363 (assigned to the applicant) filed April 12, 1999. It is also possible to carry out. The contents disclosed in this US patent application are incorporated herein by reference.

As shown in FIG. 1, an exemplary general purpose computing system includes a conventional personal computer 120, etc., which is a processing unit 12.
1, a system memory 122, and a system bus 123 coupling various system components including the system memory to the processing unit 121. The system bus 123 can be any of several types of bus structures, including a memory bus or memory controller employing any of a variety of bus architectures, a peripheral (peripheral) bus, and a local bus. It is included. The system memory is read only memory (read only memory ROM)
Included is 124 and random access memory RAM 125. A basic input / output system BIOS 126, consisting of the basic routines that help to transfer information between elements within a personal computer, such as during start-up, is stored in ROM 124. There is.

The personal computer 120 further includes a hard disk drive 127 for reading / writing from / to a hard disk (not shown), a magnetic disk drive 128 for reading / writing from / to a removable magnetic disk 129, and a CD-ROM or the like. It is equipped with an optical disk drive 130 for reading and writing with a removable optical disk 131 such as an optical medium. The hard disk drive 127, magnetic disk drive 128, and optical disk drive 130 are respectively a hard disk drive interface 132 and a magnetic disk drive interface 133.
, And the system bus 123 via the optical disk drive interface 134.
It is connected to the. Computer-readable media associated with each of these drives and non-volatile storage includes computer-readable instructions, data structures,
Program modules and other data are stored for personal computer 120.

Although the example environment described herein employs a hard disk, removable magnetic disk 129, and removable optical disk 131, it should be understood that it stores data that is accessible by a computer. Other types of computer-readable media that can be stored in the exemplary operating environment can also be employed. Such other types of media include magnetic cassettes,
Flash memory card, digital video disc, Bernoulli
These include cartridges, random access memory (RAM), and read only memory (ROM).

Some program modules are a hard disk, a magnetic disk 129,
It may be stored on the optical disc 131, the ROM 124 or the RAM 125, such as an operating system 135, one or more application programs 136, other program modules 137 and program data 138. is there. The user can input commands and information to the personal computer 120 through input devices such as the keyboard 140 and the pointing device 142. Other input devices (not shown) include microphones, joysticks, gamepads, satellite dishes, scanners, and the like. The above and other input devices are often connected to the processing unit 121 through a serial port interface 146 coupled to the system bus, such as a parallel port, game port, universal serial bus USB, etc. It is also possible to connect with another interface. A monitor 147 or other type of display device is also connected to the system bus 123 via an interface such as a video adapter 148. In addition to the monitor 147, personal computers are typically equipped with other peripheral (peripheral) output devices (not shown) such as speakers and printers. The exemplary system of FIG. 1 includes a host adapter 155, a Small Computer System Interface SCSI bus 1
56 and an external storage device 161 connected to the SCSI bus 156.

Personal computer 120 can operate in a networking environment that uses logical connections with one or more remote computers, such as remote computer 149. The remote computer 149 can be another personal computer, server, router, network PC, peer device or other common network node, although only the memory storage device 150 is shown in FIG. The computer 120 is typically equipped with many or all of the elements described above. The logical connection shown in FIG. 1 is a local area network (local area network).
network LAN) 151 and wide area network WAN 152
There is. Such networking environments can be found in offices and enterprises (enterprise-w
ide) Popular in computer networks, intranets, and the Internet.

When used in a LAN networking environment, the personal computer 12
0 is connected to the LAN 151 through the network interface or adapter 153. When used in a WAN networking environment, personal computer 120 is typically equipped with a modem 154 or other means for establishing communication over a wide area network 152 such as the Internet. The modem 154 includes an internal type and an external type, both of which are connected to the system bus 123 via the serial port interface 146. In a networking environment, the program modules described above with respect to personal computer 120, or portions thereof, may be stored in a remote memory storage device. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.

Referring now to FIGS. 2-5, FIG. 2 illustrates a method of pre-release digital content (left side) and a method of acquiring digital content (right side) according to an embodiment of the present invention. It is shown. Note that, in these drawings, similar elements are denoted by similar reference numerals. In these methods, a content provider 10 (FIGS. 4A and 4B) seeking to deliver digital content 12 to content users 14 first determines the content release time (TR) of content 12 (see FIG. 2 step 201). This content release time (TR) can be any time that is appropriate. For example, this time could be 12 midnight on a particular day.
ght), 1 am, 9:30 am, 12:00 noon, 6:37 pm, and so on. If desired, this time (TR) can be specified in a finer or coarser granularity.

Once the release time (TR) has been determined, the content provider 10
Content 12 (see FIG. 2) using the selected encryption key (EK).
Then, the content (C) is encrypted (step 203), and the encrypted content (EK (C)) is delivered before the content release time (TR) (step 205).
. At the same time as delivering the encrypted content (EK (C)), the delivery encrypted content (EK (C
C)) is received by the content user 14 (step 209). It should be noted here that, according to the present invention, the release time (TR) is the same as the content (C) if the selection of the encryption key (EK) is based on the release time (TR). The release time (TR) does not have to be determined before it is encrypted in EK). This will be explained below. The encryption key (EK) can be any suitable encryption key, and can be used with any suitable encryption algorithm. Is possible.

In one embodiment of the invention, the encryption key (EK) is a decryption key (EK) as described below.
Asymmetric key pair containing a decryption key DK
Has become a part of. As will be understood from the following description, the encryption key (EK) and the decryption key (DK) are similar to the public key and the private key, respectively, but the decryption key (DK) Will be released at release time (TR). The encryption key (EK) can also be a symmetric key, in which case the decryption key (DK) is also the encryption key (EK). But the encryption key (EK)
However, as will be understood, if it is released before the release time (TR), as will be understood, the encryption key (EK) is actually a symmetric key. Not not.

The encrypted content (EK (C)) may be delivered to the content provider 10 by any means before the content release time (TR), if it is available.
May be delivered (step 205) and received by content user 14 (step 209). In one embodiment of the invention, content provider 10 utilizes a communication network such as the Internet. Then, the encrypted content (EK (C)) is delivered, and the content user 14 receives it.However, the encrypted content (EK (C)) can be delivered by other means. Such means include optical disk, magnetic disk, or tape method, direct transmission from content provider 10 to content user 14, electronic bulletin board method, electronic mail method, regular mail. Method, Internet Web page method, etc. Delivery and reception of the encrypted content (EK (C)) that is actually performed between Ida 10 and the content user 14, if also several intermediate distribution step is performed by interposing, Content 14
May be performed based on a request from the content provider 10 or the intermediary to the content provider 10, or may be automatically delivered from the content provider 10 or the intermediary to the content user 14. Payment for the receipt of encrypted content (EK (C)) may or may not be made.

Preferably, the distribution of the encrypted content (EK (C)) is performed with sufficient time margin (that is, with sufficient “lead time”) before the content release time (TR). Therefore, even if there is a difficulty when the content user 14 tries to obtain the encrypted content (EK (C)) by accessing the server etc., this distribution is performed relatively orderly with almost no problem. Become. This lead time can be set to any level, but as is understood, it is ideal to increase the lead time when the demand for a specific content 12 is expected to be high. is there. As you will understand, 10
If 100,000 content users 14 are expected to download a new computer game prior to release, a lead time of 100 days would result in:
An average of 1,000 downloads per day, with a lead time of 1
On day 0, there will be an average of 10,000 downloads per day.

Of course, a longer lead time is desirable because it reduces the required bandwidth. However, if the lead time is set too long, there is a high probability that a malicious individual will figure out how to decrypt the encrypted content (EK (C)) before the release time (TR). Of course, if the delivery mechanism has sufficient bandwidth to support the high download frequency, the lead time can be reduced. In any case, if you want to deliver content 12 that is relatively large in size and relatively high in demand, such as 60 minutes recording by a popular musical performer, make the lead time a month or longer. It may be desirable, and for example,
A lead time of a week or so may be desirable when delivering relatively small size and relatively high demand content 12, such as the USDA's quarterly forecast for frozen orange juice concentrate. .

When the encrypted content (EK (C)) is received by the content user, regardless of whether it occurs before or after the content release time (TR) (step 209), the content user It is preferable that 14 stores the received encrypted content (EK (C)) in an appropriate storage mechanism (storage mechanism). Any storage mechanism can be adopted, provided it is suitable. Examples of such mechanisms include magnetic disks, tapes, optical disks, hard drives, RAM, ROM, etc. As will be appreciated, the content 12 encrypted as (EK (C)) will eventually be played back or rendered on the appropriate playback or rendering device. It is an object. Encrypted content (EK (C)) (
Depending on the text, music, video, multimedia, database, plotting data, etc.), playback / rendering devices include personal computers, portable personal appliances (equipment), digital video monitors, audio digital playback systems, etc. , Or there is a combination of these.

As will be understood, the decryption key (DK) that decrypts the encrypted content (EK (C))
Are released (published) to the content user 14 at or after the content release time (TR) (step 207 in FIG. 2). Therefore, the content user 14 can receive the content decryption key (DK) at the content release time (TR) or at some time thereafter (step 2).
11). As with the delivery of encrypted content (EK (C)), the decryption key (DK) is
It can be released by any means, if appropriate. For example, the decryption key (DK) can be released by making it widely available through servers and the like. Alternatively, the decryption key (DK) can be sent to the content user 14 via an Internet web page, email message, legitimate email message, or the like.

In one embodiment of the invention, the decryption key (DK) is released to the content user 14 utilizing a communication network such as the Internet. However, like the encrypted content (EK (C)), the decryption key (DK) can be released by other means. As such means, a method using an optical disk, a magnetic disk or a tape, a method using direct transmission from the content provider 10 to the content user 14, an electronic bulletin board method, an electronic mail method, a regular mail method, an Internet Web page method ,and so on. Furthermore, as with encrypted content, the actual process of releasing the decryption key (DK) to the content user 14 may be through some intermediate release steps, or the content user 14 may use the key source ( It may be performed based on a request to the key source 16 (FIG. 5) or its intermediary, or may be automatically delivered from the key source 16 or the intermediary to the content user 14. It should be noted here that the key source 16 does not necessarily have to be the content provider 10, as will be explained in detail below.

As a matter of course, the content user 14 determines that the content release time (
TR) may attempt to obtain the decryption key (DK) from the key source 16 before, but such an attempt should fail. Among other things, the key source 16 is trusted not to release the decryption key (DK) for encrypted content (EK (C)) until the content release time (TR).

Since the release of the decryption key (DK) for the encrypted content (EK (C)) is performed at the content release time (TR), a large number of content users 14
May try to get the decryption key (DK) shortly after the release time (TR), so there may be some delay associated with it. It should be understood, of course, that decryption keys are typically much smaller in size than encrypted digital content. Therefore, even if some trouble occurs when the content user 14 tries to obtain the decryption key (DK) of the encrypted content (EK (C)) by accessing the server or the like, there is almost no problem and it is unfair. There should be no delay.

As can be understood from the above, even if the encrypted content (EK (C)) is delivered before the content release time (TR), the encrypted content (EK (C))
Even if the decryption key (DK) for is not released until the release time (TR), the content user 14 will not be able to release encrypted content (EK) after the release time (TR).
(C)) and / or decryption key (DK) after release time (TR)
Can also be received. In addition, the content user 14 has the release time (
At some point after TR, it is expected to try to obtain the decryption key (DK), so
A key source must have its decryption key (DK) at least shortly after its release time (TR).
) Is expected to be provided.

In the process of obtaining the decryption key (DK) from the key source, in one embodiment of the present invention, the content user 14 determines where the decryption key of the received encrypted digital content (EK (C)) is placed. (For example, the key source 16 / Web address of the server)
When it automatically detects it from its content and its decryption key (DK) is available,
It is possible to have appropriate hardware and / or software that automatically obtains the decryption key (DK) from where the decryption key is located. In such cases, it is preferred that the encrypted digital content (EK (C)) be used as the key source 16
To get the decryption key (DK) together with the information about. Similarly, it is preferred that the encrypted digital content (EK (C)) be transferred to the content release time (T) as shown in FIG. 4A (not shown in FIG. 4B).
R) is to be packaged with.

In one embodiment of the present invention, content user 14 obtains a decryption key (DK) from key source 16 in exchange for payment. Accordingly, as shown in FIG. 5, the key source 16 may comprise or otherwise include a payment device 18 that obtains payment from the content user 14 in exchange for sending a decryption key (DK) to the content user 14. It is also possible to connect with. The payment device 18 can be any payment device that is suitable. These include credit payment devices, debit (
Instant payment) payment device, cash payment device, bill payment device, etc. Typically, payment device 18 receives a credit, debit, or billing account number from content user 14 from content user 14 and electronically bills the account associated with that number.

Also, as shown in FIG. 5, the key source 16 may also include or be coupled with a transmission and / or release device 20 for transmitting / releasing the private key (DK) to the content user 14. It is also possible to do so. This send / release device 20 can be any device that is suitable. For example, the device 20 can send Internet web pages, email messages, legitimate email messages, etc. to the content user 14 along with the private key (DK).

Further, as shown in FIG. 5, the key source 16 may include or be coupled to a receiving device 22 for receiving a request for a decryption key (DK) from the content user 14. is there. This receiving device 22 can be any suitable device. As a typical example, the receiving device 22 sends an Internet web page or request to the content user 1
4 or from the content user 14 and so on.

The key source 16 receives the request for the decryption key (DK) from the content user 14 through the receiving device 22 (if necessary) and the payment device 18 (if necessary).
Process the payment through and send the decryption key (DK) to the content user 14 through the send / release device 20 because the content user receives the decryption key (DK) (step 211 in FIG. 2). (DK) can be stored in the corresponding location (memory location). This location depends on the application and storage location of the corresponding encrypted content (EK (C)), so unless the decryption key (DK) immediately decrypts the encrypted digital content (EK (C)). , If the decryption key (DK) immediately decrypts the encrypted digital content (EK (C)) in the long-term storage (eg, hard disk), include it in the short-term storage (eg, RAM). Can be set. In general, any storage location can be adopted if it is suitable. After that, the content user 14 decrypts the encrypted digital content (EK (C)) using the decryption key (DK) (step 213 in FIG. 2), and obtains the content 12 in the unencrypted form. Become. This content 12 can be rendered on the appropriate rendering device and / or stored in decrypted form.

Next, referring to FIG. 3, in one embodiment of the present invention, the content provider 10 uses the encryption key database 24 having a plurality of entries to generate an encryption key (
EK), where each entry contains the release time (TR) and the corresponding encryption key (EK). As will be appreciated, for each entry in the encryption key database 24, that entry's encryption key (EK) encrypts the content 12 that is to be released at that entry's release time (TR). It is for doing. Therefore, for example, the content provider 10
If you want to release one piece of content 12 at the release time (TR) of 11:00 am (1999/12/31 2300) on December 31, 1999, the content provider 10
As shown in FIG. 3, by referring to the entry of the encryption key database 24, which has its release time (TR) and, in this case, 66437G as the corresponding encryption key (EK), the encryption key is referenced. The encryption key (EK) will be used to encrypt the content 12.

In one embodiment of the invention, each entry in the encryption key database 24 contains a decryption key (DK) corresponding to an encryption key (EK). Therefore, as shown in FIG.
Content 12 is encrypted for release at a release time (TR) of 11:00 am (1999/12/31 2300) December 31, 1999, and therefore the encryption key (EK
) As the encryption key, the corresponding decryption key (DK) is 65G554.
It has become.

Preferably, the release times (TR) contained in the plurality of entries of the encryption key database 24 are regularly spaced. Therefore, as shown in FIG. 3, an hourly release time (TR) is prepared. In other words, December 31, 1999
The day is 10:00 am (1999/12/31 2200), midnight (2000/01/01), January 1st, 2000 1:00 am (2000/01/01 0100). As a matter of course, the entry can be made in units other than the hourly unit. For example, the time interval for each entry is
It can be daily, half-day, 2-day, 27-minute, 8.5-hour, and so on. Preferably, each release time (TR) is relative to a particular time zone or absolute time. For example, Eastern Time, Coordinated Universal Time
(coordinated universal time UTC).

If desired, the content provider 10 can release each decryption key (DK) at the corresponding release time (TR). Therefore, the content provider 10 can access each decryption key (DK) stored in the encryption key database 24. Alternatively, use each decryption key (DK) with the appropriate release time.
It is also possible to let the third party release the release to (TR). In such a case, the third party builds the encryption key database 24 and combines each release time (TR) with each corresponding encryption key (EK), but each corresponding decryption key (DK ) Except that the database 24 can be published to the outside.
Of course, the content provider 10 can also build the database 24 and publish it without the decryption key (DK).

Of course, the actual release of the decryption key (DK) that occurs at the release time (TR) may not actually occur at that exact release time (TR). For example, this actual release may be delayed for some reason.
Given a release time (TR), it is important to note that regardless of whether the release of the decryption key (DK) actually occurs at that release time (TR), the decryption key (DK) The actual release of is not done before its release time (TR). Accordingly, the phrase "at the release time" and its variants include "not earlier than the release time" without departing from the spirit and scope of the invention. It can be understood that the expression "" and its modified expression are included.

Therefore, any content provider 10 can consult its encryption key database 24 and select an encryption key (EK) based on a preselected release time (TR). If the content provider 10 has a release time (TR
) Even if the decryption key (DK) corresponding to the encryption key (EK) is not known, the content provider 10 does not need to have the knowledge of the decryption key (DK). The content provider 10 uses the encryption key (EK) of your choice to
2 need only be encrypted, and the corresponding decryption key (DK) must be associated with the corresponding release time (
Release to TR) can be left to a third party.

In one embodiment of the present invention, the content provider 10 uses the encryption key (EK) from the encryption key database 24, as shown in FIG.
Is encrypted only once. Therefore, only one decryption key (DK) (released at the corresponding release time (TR)) is required to decrypt the encrypted content. In another embodiment of the invention, the content provider 10
As shown in FIG. 4B (here, the encryption is performed twice), the content 12 is encrypted multiple times using the multiple encryption keys (EK) from the encryption key database 24. . Therefore, the content user 14 must obtain the corresponding decryption key (DK) in order to decrypt the encrypted content.
As will be appreciated, the release time (TR) associated with each encryption key (EK) must not be later than the release time (TR) determined for its content 12. It should also be understood that multiple layers of encryption, as shown in FIG. 4B, can also be used when one of the corresponding decryption keys (DK) is accidentally or maliciously released early. It is prevented that the content 12 is accidentally released early.

In one embodiment of the invention, content provider 10 has selected an encryption key (EK) from one of a plurality of available encryption key databases 24. More specifically, as can be understood from the above description, only one database 24 is sufficient, but for the purpose of management or security, this database 2
It is convenient to have a plurality of 4. For example, one database 24 may contain an encryption key (EK) for content for financial purposes, and another database 24 may have an encryption key (EK) for comments for entertainment purposes. Similarly, the release time (TR) may be the same or different, as shown in Figure 4B.
If the encryption keys (EK) of the above are selected from different databases 24, the encryption can be multi-layered.

As a matter of course, when the encryption key (EK) can be obtained from a plurality of databases 24, a reference (reference) pointing to the specific database 24 is incorporated in the encrypted content 12. There is a need. Therefore, content user 1
By specifying the specific database 24 and accessing the corresponding release time (TR), 2 can obtain the decryption key (DK) corresponding to the encryption key (EK). If the database 24 is accessed on a network such as an intranet or the internet, the reference is preferably a network address from which the database 24 can be accessed.

Those skilled in the relevant programming arts should understand that the programming required to implement the processes performed in connection with the present invention is relatively simple. Therefore, the present invention can be implemented by any programming.

As can be seen from the above description, according to the present invention, a new and useful method for pre-release and acquisition of digital content is provided and used together with the method. An encryption key database 24 is provided. According to this method and the database 24, the information-seeker, in particular the digital-content-seeker, can determine the size of the digital content or the speed of the access link from which the digital content is obtained. Get access to information / digital content at release time, without undue delay, regardless. Importantly, in the present invention, each encryption key database is typically a well-known trusted party (which may or may not be a content publisher). It is expected that it will be published, and that it will be widely distributed. Each decryption key (DK) has its own specified time.
It will be made widely available to (TR) but will not be announced earlier than that time. As can be understood from the above description, the above-described embodiments can be modified into various modes without departing from the concept of the present invention. Therefore, it should be understood that the invention is not limited to the specific embodiments disclosed herein, but rather within the spirit and scope of the invention as defined in the claims. It includes changes.

[Brief description of drawings]

FIG. 1 is a block diagram of a general purpose computer system that may incorporate the invention and / or some form thereof.

FIG. 2 is a flow diagram showing steps performed by a content provider during pre-release of digital content (left side) and acquisition of pre-released digital content (right side) according to one embodiment of the invention. .

FIG. 3 is a block diagram illustrating an encryption key database used in accordance with one embodiment of the present invention.

FIG. 4A is a block diagram illustrating encrypted content delivered from a content provider to content users in accordance with one embodiment of the present invention.

FIG. 4B is a block diagram illustrating encrypted content delivered from a content provider to content users according to one embodiment of the invention.

FIG. 5 is a block diagram illustrating various components used to release an encryption key to a content user according to one embodiment of the invention.

─────────────────────────────────────────────────── ─── Continued front page    (81) Designated countries EP (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, I T, LU, MC, NL, PT, SE, TR), OA (BF , BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG), AP (GH, G M, KE, LS, MW, MZ, SD, SL, SZ, TZ , UG, ZW), EA (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), AE, AG, AL, AM, AT, AU, AZ, BA, BB, BG, BR, BY, B Z, CA, CH, CN, CR, CU, CZ, DE, DK , DM, DZ, EE, ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL, IN, IS, J P, KE, KG, KP, KR, KZ, LC, LK, LR , LS, LT, LU, LV, MA, MD, MG, MK, MN, MW, MX, MZ, NO, NZ, PL, PT, R O, RU, SD, SE, SG, SI, SK, SL, TJ , TM, TR, TT, TZ, UA, UG, UZ, VN, YU, ZA, ZW F-term (reference) 5B017 AA06 BA09 CA16                 5J104 AA12 AA16 EA04 EA15 EA16                       MA05 NA02 NA27

Claims (53)

[Claims] 1. A method for pre-releasing digital content whose release time is predetermined, the method encrypting digital content with an encryption key, and the encrypted digital content corresponds to the encryption key. Content that can be decrypted by a decryption key that distributes the encryption key to at least one content user before the release time and releases the decryption key of the encrypted digital content to the content user at the release time. Is a method that is capable of decrypting encrypted digital content using a released decryption key. 2. The method of claim 1, wherein the releasing step comprises sending a decryption key to a content user. 3. The method of claim 2, wherein the releasing step sends the decryption key to the content user through a device selected from the group consisting of Internet web pages, email messages and regular email messages. A method comprising: 4. The method of claim 1, wherein the step of encrypting comprises encrypting digital content using an encryption key from an asymmetric key pair. 5. The method of claim 1, wherein the step of encrypting comprises encrypting the digital content with an encryption key that is a symmetric key, the decryption key also being the encryption key. A method characterized by the following. 6. The method of claim 1, wherein the step of encrypting comprises encrypting digital content with an encryption key selected from an encryption key database having a plurality of entries, each of The entry comprises a release time and an encryption key, the encryption key being selected from one of the entries in the database based on the release type of the entry and the predetermined release time of the digital content. . 7. The method of claim 6, wherein the step of encrypting comprises selecting an encryption key from a multiple-entry encryption key database, each entry including a release time and an encryption key. Encrypting digital content with an activation key, wherein the release times in the plurality of entries are spaced in time. 8. The method of claim 7, wherein the step of encrypting comprises encrypting digital content multiple times using multiple encryption keys from an encryption key database, each of The method characterized in that the release time corresponding to the encryption key is not later than the predetermined release time of the digital content. 9. The method of claim 6, wherein the encrypting step comprises encrypting the digital content using a plurality of encryption keys selected from a plurality of encryption key databases. A method characterized by. 10. The method of claim 6, wherein the step of encrypting comprises encrypting digital content with an encryption key selected from an encryption key database having a plurality of entries, each of The method, wherein the entry includes a release time, an encryption key, and a corresponding decryption key. 11. The method of claim 1, further comprising providing a decryption key for at least a minimum time period after the release time. 12. The method of claim 11, further comprising packaging the encrypted digital content with a release time. 13. A method of pre-releasing digital content whose release time is predetermined, the method encrypting digital content with an encryption key, and the encrypted digital content corresponds to the encryption key. A decryption key that does not release to content users until the release time, and that the encryption key is delivered to at least one content user before the release time, A method characterized in that the content user cannot decipher the encrypted digital content until the decryption key is released at the release time. 14. The method of claim 13, wherein the step of encrypting comprises encrypting digital content using an encryption key from an asymmetric key pair. 15. The method of claim 13, wherein the step of encrypting comprises encrypting digital content with an encryption key selected from an encryption key database having a plurality of entries, each of The entry comprises a release time and an encryption key, the encryption key being selected from one of the entries in the database based on the release type of the entry and the predetermined release time of the digital content. . 16. The method of claim 15, wherein the step of encrypting comprises encrypting digital content with an encryption key selected from an encryption key database having a plurality of entries, each of An entry comprises a release time and an encryption key, and the release times in the plurality of entries are regularly spaced. 17. The method of claim 16, wherein the encrypting step comprises encrypting the digital content multiple times using multiple encryption keys from an encryption key database, each encrypting the digital content multiple times. The release time corresponding to the encryption key is
A method characterized by not being later than the predetermined release time of digital content. 18. The method of claim 15, wherein the step of encrypting comprises encrypting digital content with an encryption key selected from an encryption key database having a plurality of entries, each of Entry is release time,
A method characterized by including an encryption key and a corresponding decryption key. 19. The method of claim 15, wherein the encrypting step comprises encrypting the digital content using a plurality of encryption keys selected from a plurality of encryption key databases. A method characterized by. 20. The method of claim 15, further comprising packaging the encrypted digital content with a release time. 21. A method of obtaining digital content having a predetermined release time, the method comprising first releasing digital content encrypted according to an encryption key associated with the release time. Receiving before the time, the encrypted digital content can be decrypted by the decryption key corresponding to the encryption key, and secondly, the decryption key of the encrypted digital content is received and released at the release time. Decrypting encrypted digital content using a decryption key. 22. The method of claim 21, wherein the second receiving step comprises obtaining a decryption key from a key source. 23. The method of claim 21, wherein the second receiving step automatically detects from the received digital content where the decryption key is located and makes the decryption key available. Automatically acquiring the decryption key when 24. The method of claim 21, wherein the second receiving step comprises obtaining a decryption key from a key source in exchange for payment. 25. The method of claim 21, wherein the second receiving step comprises obtaining a decryption key from a key source selected from the group consisting of Internet web pages and electronic bulletin boards. how to. 26. The method of claim 21, wherein the second receiving step comprises receiving a decryption key through a device selected from the group consisting of Internet web pages, email messages and regular email messages. A method comprising. 27. The method of claim 21, wherein the first receiving step is encrypted multiple times according to multiple encryption keys, each encryption key being associated with a particular release time. A method comprising first receiving digital content before a release time, wherein the release time associated with each encryption key is no later than the predetermined release time of the digital content. 28. The method of claim 21, wherein the first receiving step comprises receiving encrypted digital content packaged with a release time. 29. The method of claim 28, wherein the second receiving step comprises automatically obtaining a decryption key at release time. 30. An encryption key database having a plurality of entries, each entry including a release time for releasing one digital content and an encryption for encrypting digital content to be released at the release time. An encryption key database, characterized in that the encrypted digital content, including a key, is delivered to at least one content user before the release time. 31. The encryption key database of claim 30, wherein each entry further comprises a corresponding decryption key for decrypting the encrypted digital content, the decryption key being the content at release time. An encryption key database to be released to users, wherein the content user can decrypt the encrypted digital content using the released decryption key. 32. The encryption key database according to claim 30, wherein release times in the plurality of entries are spaced at regular intervals. 33. One digital content encrypted a plurality of times using a plurality of encryption keys from the encryption key database according to claim 30, and a release time corresponding to each encryption key. Is encrypted digital content characterized in that it is no later than the predetermined release time of the digital content. 34. The encrypted digital content according to claim 33,
Encrypted digital content characterized by being packaged with a release time. 35. One piece of digital content that has been encrypted multiple times using multiple encryption keys from the encryption key database of claim 30. 36. The encrypted digital content of claim 30, wherein the encrypted digital content is packaged with a release time. 37. The method of claim 30 for transmitting a decryption key to a content user.
A transmitting device, which is used in combination with the encryption key database according to 1. 38. The sending device of claim 37, including members of a group consisting of an Internet Web page sending device and an email sending device. 39. In return for transmitting the decryption key to the content user,
38. A payment device characterized in that it is used in combination with an encryption key database and a sending device according to claim 37 to obtain payments from content users. 40. A receiving device, used in combination with an encryption key database according to claim 30, for receiving a request for a decryption key from a content user. 41. The receiving device according to claim 40, including members of a group consisting of an Internet Web page transmitting device and an electronic mail transmitting device. 42. The encryption key database according to claim 30, wherein the encryption key and the decryption key are an asymmetric key pair. 43. The encryption key database according to claim 30, wherein the encryption key and the decryption key are the same key. 44. A computer-readable medium having a data structure having a plurality of entries stored therein, each entry containing data representing a release time for releasing a piece of digital content. The encrypted digital content includes a data field and a second data field containing data representing an encryption key that encrypts digital content that is to be released at release time, where the encrypted digital content is before the release time. A computer-readable medium characterized in that it is delivered to at least one content user. 45. The computer-readable medium of claim 44,
Each entry further includes a third data field containing data representing a corresponding decryption key for decrypting the encrypted digital content, the decryption key being released to the content user at the release time. The computer-readable medium, characterized in that the content user can decrypt the encrypted digital content using the released decryption key. 46. The computer-readable medium of claim 45, wherein
A computer-readable medium, wherein the encryption key contained in the second data field and the decryption key contained in the third data field are the same key. 47. The computer-readable medium of claim 44,
The computer-readable medium, wherein the release times contained in the first data fields of the plurality of entries are regularly spaced in time. 48. The method of claim 44, for transmitting the decryption key to the content user.
A transmission device for use with the computer-readable medium according to claim 1. 49. The sending device of claim 48, including members of a group of internet web page sending devices and email sending devices. 50. In return for transmitting the decryption key to the content user,
49. A payment device for use with a computer-readable medium and the sending device of claim 48 to obtain payment from a content user. 51. A receiving device for use with a computer-readable medium according to claim 44 for receiving a request for a decryption key from a content user. 52. The receiving device according to claim 51, comprising members of a group consisting of an Internet Web page sending device and an electronic mail sending device. 53. The computer-readable medium of claim 44,
A computer-readable medium characterized in that the encryption key and the decryption key are an asymmetric key pair.