WO2013079923A2 - A method of securing electronic information - Google Patents

A method of securing electronic information Download PDF

Info

Publication number
WO2013079923A2
WO2013079923A2 PCT/GB2012/052920 GB2012052920W WO2013079923A2 WO 2013079923 A2 WO2013079923 A2 WO 2013079923A2 GB 2012052920 W GB2012052920 W GB 2012052920W WO 2013079923 A2 WO2013079923 A2 WO 2013079923A2
Authority
WO
WIPO (PCT)
Prior art keywords
information
electronic information
data
storage device
encryption
Prior art date
Application number
PCT/GB2012/052920
Other languages
French (fr)
Other versions
WO2013079923A3 (en
Inventor
Paul WHIPP
Original Assignee
Evanidus Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Evanidus Limited filed Critical Evanidus Limited
Priority to GB1408847.0A priority Critical patent/GB2510764A/en
Publication of WO2013079923A2 publication Critical patent/WO2013079923A2/en
Publication of WO2013079923A3 publication Critical patent/WO2013079923A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1011Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1013Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to locations

Definitions

  • This invention relates to a method of securing electronic information by encryption and a device for storing encrypted electronic information.
  • Ebooks are offered to the public in a limited number of ways. Typically users buy a book such that they can download and keep the book to read as many times as they like in perpetuity. A second model that is becoming prevalent is the rental model, where a book is downloaded to an e-book reader and kept for a limited period of time before it is deleted from the reader device. There are two problems with these models. Firstly, users and publishers would like different ways in which to consume the book. Typically a user will read a book only once, and perhaps over a long period of time, such that these models do not match the mode of consumption. Secondly, the ebooks as currently distributed are easy to copy and redistribute at little or no cost. This makes them a common target for piracy and casual copying. Both of these issues lead to a loss of revenue for the original creators and distributors of the ebook.
  • ebooks can be encrypted so that an appropriate key must be used to render the ebook comprehensible.
  • the key is usually stored in some hidden location on the device or is held in a dedicated piece of hardware that must be accessed by the device. Once the key is applied to the ebook, the entire book is unencrypted presenting an opportunity for copying the book. When the ebook has been consumed, it typically remains on the ereader and can be re-read.
  • a method of securing electronic information comprising encrypting electronic information with computing apparatus using an encryption key based on information data associated with a storage device, such as a device with a memory store.
  • a storage device such as a device with a memory store.
  • the encryption carried out is specific to each storage device concerned and decryption can only occur by knowing the information data. If electronic information encrypted in this way is copied to another device, access to the encrypted information is prevented as the key is only derivable from information associated with the original device. There is no way to precisely replicate this information on another device as it is unique to a specific storage device.
  • the information data may comprise any data specific to a storage device, such as electronic addresses, geographic location identifiers, passwords, memory location identifiers such as inodes or inode numbers, variables associated with the specific state of one or more files, question responses of a user, user name and the like. Multiple pieces of information data may be used.
  • the information data comprises a memory location identifier representing a position in an electronic memory of the storage device where purchased electronic information, such as music, audio-visual material, or written material such as an ebook, is to be stored.
  • the memory location identifier may be an inode or inode number.
  • the method may also comprise storing encrypted information on the storage device at a position associated with the location identifier.
  • the storage device will be a customer device such as an ereader, PC, net book, laptop, smartphone or any other electronic storage means.
  • Encrypting typically takes place on a computer server.
  • information data unique to a customer device will be used by a computer server to encrypt the electronic information held by the merchant before downloading the encrypted electronic information to the customer.
  • invention also lies in a method of securing electronic information comprising: communicating information data from a storage device to computing apparatus, such as that associated with a merchant or a plurality of merchants,
  • the method further comprises decrypting the encrypted information at the storage device using the information data to provide the key for decryption.
  • Encryption may be performed using a recursive encryption technique, where electronic information is encrypted in portions, such as portions corresponding to book chapters, with desirably each portion having a different encryption key.
  • portions are converted into consecutive segments or sections where each segment contains one portion of content and an encrypted block.
  • An encrypted block is decrypted to obtain the next portion plus a subsequent encrypted block.
  • the encryption is carried out from an end portion and segment back towards a start portion and segment.
  • decryption is performed on successive segments in turn, with a preceding decrypted data portion overwritten or deleted as the next portion is decrypted.
  • This may be achieved by using a memory location state variable so that the successive segment is stored at, and so overwrites, the preceding segment by virtue of being allocated an identical memory state variable. In this way, a user using the storage device only ever has access to one data portion at a time and cannot return to a preceding data portion once the next data portion is accessed.
  • each data portion contains some data that overlaps with the adjoining portion so that, for example, where a book is being read, a first data portion will be viewed as chapter 1 and chapter 2 and when a user decides to access the second data portion, the user will see chapters 2 and 3.
  • the method also may further comprise modifying the electronic information into a plurality of portions containing overlapping information before encryption takes place.
  • computing apparatus comprising an input device for receiving a location identifier, or data, from a storage device, such as a storage device associated with a customer, processing apparatus operatively coupled to the input device to receive a location identifier from the customer and to encrypt electronic information by generating a key based on the unique location information, and output apparatus operatively coupled to the processing apparatus for sending encrypted data to a storage device.
  • a storage device such as a storage device associated with a customer
  • processing apparatus operatively coupled to the input device to receive a location identifier from the customer and to encrypt electronic information by generating a key based on the unique location information
  • output apparatus operatively coupled to the processing apparatus for sending encrypted data to a storage device.
  • the invention also lies in a computer-readable medium adapted to store computer- executable code to secure electronic information, wherein the computer-executable code comprises computer code for:
  • the invention also lies in a storage device bearing secure electronic information encrypted using an encryption key generated from a location identifier providing information about where electronic information is stored.
  • the secure electronic information may be encrypted by a recursive encryption technique.
  • the device may further comprise computer-executable code to decrypt stored electronic information using a decryption key based on a location identifier providing information about where electronic information is stored.
  • the code may further undertake sequential decryption of portions of electronic information, deleting a preceding portion before decrypting a successive portion.
  • Figure 1 is a schematic diagram illustrating use of the present invention
  • Figure 2 is a flow diagram of steps in connection with the invention
  • Figure 3 is a flow diagram of steps associated with encrypting information for storage on a user device
  • FIGS. 4(a), (b) and (c) are explanatory diagrams for illustrating the encryption technique in accordance with the invention.
  • FIG. 1 Diagrams illustrating use of the present invention are shown in Figures 1 and 2.
  • a customer wishing to purchase electronic information, such as an ebook, from an online retailer communicates with the retailer's computer server 10 using an electronic device 11 such as a computer or an ebook reader 16 to select and purchase one or more ebooks, step 20.
  • the online retailer confirms the transaction to the customer and communicates the purchase to an encryption server 12, step 22.
  • Encryption server 12, if required, can be part of the retailer's server 10 or can be a server used by a plurality of retailers and includes an input device 13 for receiving signals from server 10 and a customer device 16 and which is operatively coupled to a processor 14 for performing encryption, with an output device 15 for downloading information to an external device.
  • ebook reader 16 can be the same device and can be a dedicated device such as an ebook reader or devices such as smart phones, netbooks, laptops and PCs.
  • Synchronisation takes place between ebook reader 16 and encryption server 12 using outline steps shown in Figure 3.
  • 32, encryption server 12 and ebook reader 16 establish a connection, step 34, and reader 16 sends information data specific to reader 16 to the encryption server 12.
  • This information data can be any appropriate device specific accessible information that uniquely identifies the device.
  • the information data will include data conveyed as an inode or inode number so as to include reserved locations defining where downloaded ebooks can be stored on ereader 16.
  • An inode is a data structure on a traditional Unix-style file system such as UFS which stores basic information about a regular file, directory, or other file system object.
  • This basic information describing the file itself is known as "metadata" and includes such information as the size of the file, its physical location on a storage medium, the file's owner and group, access permissions, time stamps giving information on creation, modification and last access, and other information.
  • the inode and its associated inode number uniquely identifies the device because it is extremely unlikely that any two devices will be able to place the same ebook in exactly the same location (i.e. at the same inode number) on their storage media.
  • information data is stored by structures equivalent to an inode, such as a stat data.
  • the required information data from the device 16 can be conveyed in an object known as a library card during step 36.
  • the library card will be installed on device 16 when the appropriate ereader software plugin is installed.
  • server 12 encrypts the purchased ebook with encryption at least partly based on the information data carried by the library card, step 40.
  • encryption can be conducted using an inode number.
  • the library card is typically a software file and can include functions allowing it to reserve inode locations for ebooks and to support synchronisation of device 16 with server 12.
  • the encryption process usually also selects an inode location from reserved locations defined by the library card so that each encrypted ebook can be stored at a different inode location on device 16. The selected locations are stored on the library card as part of the encryption process.
  • encryption server 12 communicates with ereader 16 to return the library card with the now defined location(s) where the encrypted book or books are to be stored and also to return the encrypted book or books.
  • Each encrypted book is stored on the device 16 at a position reserved by the library card, steps 42 and 44.
  • the software required to decrypt the ebook is also downloaded from server 12 to ereader 16 as server 12 returns the library card and ebook.
  • the encrypted ebook can only be accessed in sections, with one section deleted as the next section is decrypted and accessed.
  • the recursive encryption process of the present invention facilitates the production of ebooks where as the ebook is consumed, portions of it that are no longer required are deleted from the ereader ensuring that the book can only be consumed once.
  • Figure 4(a) shows a diagrammatic representation of an ebook 50 containing five chapters, A, B, C, D and E with the ebook stored on the retailer's folder containing one file for each chapter.
  • the contents of the folder can be encrypted with any algorithm that transforms its contents using a key such that the same key can be used to reverse the transformation.
  • the key could be an arbitrary number added to the letter codes (this is known as rotating the letters and is a common 'schoolboy' encryption technique). For example, we could choose the key 2 and it would rotate A to C, B to D etc.
  • the key is supplied. It could be a random string, the number 2 as discussed above, or it could be something like c578c273cedba32e28b f97b9a4ba28a3flfa98f6165181c 751e6a805ed7de6f which i s a special string made to uniquely 'summarise' arbitrary digital content using a hashing algorithm called SHA2.
  • the device 16 can decrypt the entire book and get the book back into a state that a user can read by:
  • recursive encryption is applied to an ebook using a key based on information data derived from device 16 on which the ebook will be stored.
  • Recursive encryption takes a symmetric encryption process and applies it recursively to sections of the book for which deletion is required after reading.
  • the inventive encryption method Rather than using a supplied key, the inventive encryption method generates the keys needed to encrypt and decrypt the sections dependent on the information data relating to the device.
  • the encryption can be dependent on the location or the inode number on the device where the ebook will reside, explained in more detail below.
  • any information specific to device 16 that can be conveyed to server 12 can be used for encryption as long as the decryption process on the device can also access the information to generate the correct decryption key.
  • Examples of information that can be used for encryption/decryption are a user's name, random text string specific to a device, password, and/or user's response to one or more questions.
  • the key can only be generated correctly if all the pieces of information are correct on the device at the time of decryption.
  • Any encryption function can be used, including but not limited to Blowfish.
  • Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. In the recursive encryption process of the present invention, the encryption key is not supplied or stored anywhere.
  • SHA2 is a family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-byte (256 bits) words where SHA-512 uses 64- byte (512 bits) words. There are also truncated versions of each standardized, known as SHA-224 and SHA-384. These were also designed by the NSA.
  • the encryption server by way of a functional subsystem known as a bundler, applies encryption to the ebook before it is downloaded by the user.
  • an ebook 50 of Figure 4(a) containing 5 chapters A, B, C, D, E with unencrypted content are reconfigured into overlapping sections.
  • Each section contains some information common to the preceding section, typically by including two chapters in each section, see Figure 4(b) where, for example section 1 contains chapter A and B, and section 2 contains chapters B and C.
  • This preparation step typically takes place by analysing the ebook and breaking it down into the portions desired, typically using an automated process on the encryption server.
  • the sections will be consumed one after the other by a reader and the overlapping content ensures continuity as a reader consumes the book.
  • the encryption is generated from towards the end of the book.
  • the last section in the book is section 5 (not shown). This is an empty folder, although an ebook author could choose to leave something in it if they wanted to, for example written material they didn't mind being kept in perpetuity.
  • sections 1 to 5 as generalised sections 1 to N where N is any whole integer, the last section can be represented as:
  • section 4 containing information DE
  • this section can be represented in general as: alphabet book (sectionN- 1)
  • a functional subsystem on server 12 otherwise known as a bundler, needs to generate a key which is done dependent on a set of state variables such as specified by the library card and will be described in more depth below.
  • the bundler (and a decrypter used for decrypting the ebook on reading by a user and described below) generates its keys using the state of information carried in the ebook folder:
  • the bundler adds information from the library card to the ebook folder, discussed in more detail below.
  • the bundler process starts its work with the last but one section of the book, sectionN- 1, and the last section, sectionN, so that a key k N is generated dependent on the N-l portion content, and information data specific to device 16 such as location information denoted by inode number and/or other informational data relating to the device 16 and carried by the library card:
  • the bundler uses this key to encrypt the last section:
  • block N ENCRYPT(sectionN, k N ) where block N is a block that needs to be decrypted to access and read the data in the successive portion and then it places block N in sectionN-1 so that the block will need to be decrypted to access the last section.
  • sectionN-1 in this case section 4, can be considered as:
  • section N When a user reads the encrypted book, block N will need to be decrypted to obtain the next section.
  • the last section, section N will not require an encrypted block because there are no more data portions after it. However it will usually be encrypted with k N to prevent access until sectionN-1 has been read and then overwritten.
  • the bundler continues with the recursion for sectionN-2 by adding the encrypted section just created to the unencrypted sectionN-2.
  • the combined file is then further encrypted using a second key k N -i generated with a second set of state variables.
  • the first key and second key are different.
  • k N- i GENERATE KEY(sectionN-2) and so creates another blocking section at the end of section N-2 which can only be unlocked by use of the key k N -i, with the blocking section represented as
  • blockN-1 ENCRYPT(sectionN- 1 , k N- i)
  • the first section, section 0, is not encrypted although if desired, the ebook could be further encrypted by conventional DRM (or other) means. To pass beyond this first section, decryption of block 1 will be required.
  • each section positioned between the initial section and the end section, section N has been encrypted using a key dependent on but modified over the key for the preceding section.
  • Each key used differs from the other keys.
  • the encrypted ebook is then passed to ereader 16 and is typically stored at a set location or inode defined by the library card.
  • a functional subsystem for reversing the encryption known as a decrypter, is downloaded from server 12 to the customer device 16.
  • the folder now stored on device 16 is uncompressed by the decrypter using UNPACK(ebook_file, location) and the decrypter decrypts it so that it can be read.
  • the decrypter is a functional subsystem that takes a recursively encrypted ebook section and replaces it with the next section.
  • the GENERATE KEY functional part of the invention writes additional information to the section which is required to generate the correct key, as discussed above.
  • This information is unique to device 16 and can include the location (i.e. inode number) of the ebook on the user's device as obtained from the library card and which is unique to the user's device.
  • a user cannot copy sections to another device and decrypt them as the key information and device data would no longer match, making it impossible to generate an appropriate decryption key for the copy.
  • a library card comprising information data is sent to the bundler at the start of the encryption process so that the information data can be used in the GENERATE KEY function to encrypt the sections appropriately.
  • the GENERATE KEY function can use one or more items of information carried by the library card to complicate the encryption.
  • the information will typically be personal data about the user or the device.
  • location information carried by the library card such as the inode number, is particularly important information because it ensures that copies of the section cannot support the decryption of the next section because it is impossible to replicate the locational information on another device and so another device cannot generate the correct key.
  • the decrypter uses a similar key generation algorithm to the one used by the bundler.
  • the decrypter has access to the library card with the information that was used in the encryption. This provides the functional part required to run the decryption, and which must necessarily undo the encryption.
  • the decrypter looks at the first section 58:
  • Generation of the key can be achieved by modifying the information carried by the library card, for example the material at the inode location, by addition or removal of content.
  • each subsequent section is decrypted using a key generated from the preceding section, and/or the location information, and/or device data and/or state of file.
  • the key ki is generated and used to decrypt block 1 and supply the second section but in doing so overwrites the first section, sectionO, by ensuring that the next section is stored at the same location or inode number as the previous section.
  • this is done by using a memory location state variable, such as an inode or inode number, to ensure that the new recently generated version of the file with decrypted and encrypted elements overwrites the pre-existing version of the file.
  • alphabet_ebook file DECRYPT(blockl, ki)

Abstract

There is provided a method of securing electronic information comprising encrypting electronic information with computing apparatus (11) using an encryption key based on information data associated with a storage device (16). The information data comprises a memory location identifier representing a position in an electronic memory of the storage device (16) where purchased electronic information is to be stored. Recursively encrypted information is stored on the storage device (16) at a position associated with the memory location identifier. The information data is used to provide a key for decryption. Decryption is performed on successive data portions of the electronic information in turn, with a preceding decrypted data portion overwritten or deleted as a next data portion is decrypted.

Description

Title: A Method of Securing Electronic Information
Field of the invention
This invention relates to a method of securing electronic information by encryption and a device for storing encrypted electronic information.
Background to the invention
Increasingly information such as music, audio-visual and written material is available for purchase in electronic form. An increasing number of publications such as books are supplied in digital form. These are usually downloaded from the internet as ebooks and read using appropriate ereader software.
Ebooks are offered to the public in a limited number of ways. Typically users buy a book such that they can download and keep the book to read as many times as they like in perpetuity. A second model that is becoming prevalent is the rental model, where a book is downloaded to an e-book reader and kept for a limited period of time before it is deleted from the reader device. There are two problems with these models. Firstly, users and publishers would like different ways in which to consume the book. Typically a user will read a book only once, and perhaps over a long period of time, such that these models do not match the mode of consumption. Secondly, the ebooks as currently distributed are easy to copy and redistribute at little or no cost. This makes them a common target for piracy and casual copying. Both of these issues lead to a loss of revenue for the original creators and distributors of the ebook.
To make it harder to copy ebooks, ebooks can be encrypted so that an appropriate key must be used to render the ebook comprehensible. The key is usually stored in some hidden location on the device or is held in a dedicated piece of hardware that must be accessed by the device. Once the key is applied to the ebook, the entire book is unencrypted presenting an opportunity for copying the book. When the ebook has been consumed, it typically remains on the ereader and can be re-read.
Summary of the invention In accordance with one aspect of the present invention, there is provided a method of securing electronic information comprising encrypting electronic information with computing apparatus using an encryption key based on information data associated with a storage device, such as a device with a memory store. By using unique device- specific information data, the encryption carried out is specific to each storage device concerned and decryption can only occur by knowing the information data. If electronic information encrypted in this way is copied to another device, access to the encrypted information is prevented as the key is only derivable from information associated with the original device. There is no way to precisely replicate this information on another device as it is unique to a specific storage device.
The information data may comprise any data specific to a storage device, such as electronic addresses, geographic location identifiers, passwords, memory location identifiers such as inodes or inode numbers, variables associated with the specific state of one or more files, question responses of a user, user name and the like. Multiple pieces of information data may be used.
Preferably the information data comprises a memory location identifier representing a position in an electronic memory of the storage device where purchased electronic information, such as music, audio-visual material, or written material such as an ebook, is to be stored. The memory location identifier may be an inode or inode number. The method may also comprise storing encrypted information on the storage device at a position associated with the location identifier. Typically the storage device will be a customer device such as an ereader, PC, net book, laptop, smartphone or any other electronic storage means.
Encrypting typically takes place on a computer server. Thus during purchase of electronic information, such as an ebook from a merchant, information data unique to a customer device will be used by a computer server to encrypt the electronic information held by the merchant before downloading the encrypted electronic information to the customer. Thus invention also lies in a method of securing electronic information comprising: communicating information data from a storage device to computing apparatus, such as that associated with a merchant or a plurality of merchants,
encrypting electronic information, such as a purchased ebook, on the computing apparatus using an encryption key generated from the information data, transmitting encrypted information to the storage device,
storing the encrypted information on the storage device.
Preferably the method further comprises decrypting the encrypted information at the storage device using the information data to provide the key for decryption.
Encryption may be performed using a recursive encryption technique, where electronic information is encrypted in portions, such as portions corresponding to book chapters, with desirably each portion having a different encryption key. In such a recursive encryption technique, the portions are converted into consecutive segments or sections where each segment contains one portion of content and an encrypted block. An encrypted block is decrypted to obtain the next portion plus a subsequent encrypted block. The encryption is carried out from an end portion and segment back towards a start portion and segment.
Preferably decryption is performed on successive segments in turn, with a preceding decrypted data portion overwritten or deleted as the next portion is decrypted. This may be achieved by using a memory location state variable so that the successive segment is stored at, and so overwrites, the preceding segment by virtue of being allocated an identical memory state variable. In this way, a user using the storage device only ever has access to one data portion at a time and cannot return to a preceding data portion once the next data portion is accessed. Where such deletion occurs upon decryption, desirably each data portion contains some data that overlaps with the adjoining portion so that, for example, where a book is being read, a first data portion will be viewed as chapter 1 and chapter 2 and when a user decides to access the second data portion, the user will see chapters 2 and 3. Thus the method also may further comprise modifying the electronic information into a plurality of portions containing overlapping information before encryption takes place. In accordance with another aspect of the invention, there is provided computing apparatus comprising an input device for receiving a location identifier, or data, from a storage device, such as a storage device associated with a customer, processing apparatus operatively coupled to the input device to receive a location identifier from the customer and to encrypt electronic information by generating a key based on the unique location information, and output apparatus operatively coupled to the processing apparatus for sending encrypted data to a storage device.
The invention also lies in a computer-readable medium adapted to store computer- executable code to secure electronic information, wherein the computer-executable code comprises computer code for:
encrypting electronic information based on a location identifier associated with a storage device.
The invention also lies in a storage device bearing secure electronic information encrypted using an encryption key generated from a location identifier providing information about where electronic information is stored.
The secure electronic information may be encrypted by a recursive encryption technique.
The device may further comprise computer-executable code to decrypt stored electronic information using a decryption key based on a location identifier providing information about where electronic information is stored. The code may further undertake sequential decryption of portions of electronic information, deleting a preceding portion before decrypting a successive portion.
The invention will now be described by way of example, and with reference to, the accompanying drawings in which:
Figure 1 is a schematic diagram illustrating use of the present invention;
Figure 2 is a flow diagram of steps in connection with the invention; Figure 3 is a flow diagram of steps associated with encrypting information for storage on a user device; and
Figures 4(a), (b) and (c) are explanatory diagrams for illustrating the encryption technique in accordance with the invention.
Description
Diagrams illustrating use of the present invention are shown in Figures 1 and 2. A customer wishing to purchase electronic information, such as an ebook, from an online retailer communicates with the retailer's computer server 10 using an electronic device 11 such as a computer or an ebook reader 16 to select and purchase one or more ebooks, step 20. The online retailer confirms the transaction to the customer and communicates the purchase to an encryption server 12, step 22. Encryption server 12, if required, can be part of the retailer's server 10 or can be a server used by a plurality of retailers and includes an input device 13 for receiving signals from server 10 and a customer device 16 and which is operatively coupled to a processor 14 for performing encryption, with an output device 15 for downloading information to an external device. After payment has been made, the customer synchronises their ebook reader 16 with encryption server 12, step 24, for example by launching their ereader and encryption server 12 encrypts the ebook in a manner specific to the invention, step 26. Once encryption is completed, server 12 begins the process of downloading the purchased book in encrypted form to ebook reader 16, step 28. The customer can then decrypt and access one encrypted section of the ebook at a time, the previous section deleted as the next section is decrypted before reading, step 30. Whilst shown separately to computer 12, ebook reader 16 can be the same device and can be a dedicated device such as an ebook reader or devices such as smart phones, netbooks, laptops and PCs.
Synchronisation takes place between ebook reader 16 and encryption server 12 using outline steps shown in Figure 3. At the start of the synchronisation process, 32, encryption server 12 and ebook reader 16 establish a connection, step 34, and reader 16 sends information data specific to reader 16 to the encryption server 12. This information data, or state variables, can be any appropriate device specific accessible information that uniquely identifies the device. Typically the information data will include data conveyed as an inode or inode number so as to include reserved locations defining where downloaded ebooks can be stored on ereader 16. An inode is a data structure on a traditional Unix-style file system such as UFS which stores basic information about a regular file, directory, or other file system object. This basic information describing the file itself is known as "metadata" and includes such information as the size of the file, its physical location on a storage medium, the file's owner and group, access permissions, time stamps giving information on creation, modification and last access, and other information. The inode and its associated inode number uniquely identifies the device because it is extremely unlikely that any two devices will be able to place the same ebook in exactly the same location (i.e. at the same inode number) on their storage media. For non-Unix systems, information data is stored by structures equivalent to an inode, such as a stat data. The required information data from the device 16 can be conveyed in an object known as a library card during step 36.
Generally the library card will be installed on device 16 when the appropriate ereader software plugin is installed. Once the library card has been transmitted to encryption server 12, server 12 encrypts the purchased ebook with encryption at least partly based on the information data carried by the library card, step 40. In its simplest form, encryption can be conducted using an inode number. The library card is typically a software file and can include functions allowing it to reserve inode locations for ebooks and to support synchronisation of device 16 with server 12. The encryption process usually also selects an inode location from reserved locations defined by the library card so that each encrypted ebook can be stored at a different inode location on device 16. The selected locations are stored on the library card as part of the encryption process.
Once encryption is completed, encryption server 12 communicates with ereader 16 to return the library card with the now defined location(s) where the encrypted book or books are to be stored and also to return the encrypted book or books. Each encrypted book is stored on the device 16 at a position reserved by the library card, steps 42 and 44. The software required to decrypt the ebook is also downloaded from server 12 to ereader 16 as server 12 returns the library card and ebook. As will be explained, the encrypted ebook can only be accessed in sections, with one section deleted as the next section is decrypted and accessed. The recursive encryption process of the present invention facilitates the production of ebooks where as the ebook is consumed, portions of it that are no longer required are deleted from the ereader ensuring that the book can only be consumed once.
The encryption method described and its dependence on information data specific to device 16 makes it harder to copy an entire ebook than with conventional encryption methods.
The method of encryption and decryption used in the present invention will now be described in outline as a simplified system encrypting a simplified ebook. Additions to secure the simplified system are then described.
Figure 4(a) shows a diagrammatic representation of an ebook 50 containing five chapters, A, B, C, D and E with the ebook stored on the retailer's folder containing one file for each chapter.
As is generally known, one can convert or pack a folder structure into a single file for downloading or better storage (typically using compression) with any one of a number of popular techniques (such as TAR or ZIP):
ebook file = PACK(alphabetJ ook) where alphabet book is the book of Figure 4(a).
The contents of the folder can be encrypted with any algorithm that transforms its contents using a key such that the same key can be used to reverse the transformation. For example, the key could be an arbitrary number added to the letter codes (this is known as rotating the letters and is a common 'schoolboy' encryption technique). For example, we could choose the key 2 and it would rotate A to C, B to D etc.
There are many other encryption algorithms which allow encryption of the ebook file by: encrypted_ebook file = ENCRYPT(ebook file, key)
In the normal symmetric key encryption, the key is supplied. It could be a random string, the number 2 as discussed above, or it could be something like c578c273cedba32e28b f97b9a4ba28a3flfa98f6165181c 751e6a805ed7de6f which i s a special string made to uniquely 'summarise' arbitrary digital content using a hashing algorithm called SHA2.
As long as ereader 16 is supplied with the key, the device 16 can decrypt the entire book and get the book back into a state that a user can read by:
ebook file = DECRYPT(ebook file, key).
In the present invention, recursive encryption is applied to an ebook using a key based on information data derived from device 16 on which the ebook will be stored. Recursive encryption takes a symmetric encryption process and applies it recursively to sections of the book for which deletion is required after reading. Rather than using a supplied key, the inventive encryption method generates the keys needed to encrypt and decrypt the sections dependent on the information data relating to the device. The encryption can be dependent on the location or the inode number on the device where the ebook will reside, explained in more detail below. However any information specific to device 16 that can be conveyed to server 12 can be used for encryption as long as the decryption process on the device can also access the information to generate the correct decryption key. Examples of information that can be used for encryption/decryption are a user's name, random text string specific to a device, password, and/or user's response to one or more questions. When more than one piece of information is used, the key can only be generated correctly if all the pieces of information are correct on the device at the time of decryption. Any encryption function can be used, including but not limited to Blowfish. Blowfish is a keyed, symmetric block cipher, designed in 1993 by Bruce Schneier and included in a large number of cipher suites and encryption products. Blowfish provides a good encryption rate in software and no effective cryptanalysis of it has been found to date. In the recursive encryption process of the present invention, the encryption key is not supplied or stored anywhere. It is computed by hashing the state of the ebook folder after some processing has been done on it, typically using SHA2 to generate the keys in this manner. Hashing is the application of any algorithm or subroutine that maps large data sets to smaller data sets, called keys. SHA2 is a family of two similar hash functions, with different block sizes, known as SHA-256 and SHA-512. They differ in the word size; SHA-256 uses 32-byte (256 bits) words where SHA-512 uses 64- byte (512 bits) words. There are also truncated versions of each standardized, known as SHA-224 and SHA-384. These were also designed by the NSA.
Where a book has been purchased, the encryption server, by way of a functional subsystem known as a bundler, applies encryption to the ebook before it is downloaded by the user.
To explain the encryption process, an ebook 50 of Figure 4(a) containing 5 chapters A, B, C, D, E with unencrypted content are reconfigured into overlapping sections. Each section contains some information common to the preceding section, typically by including two chapters in each section, see Figure 4(b) where, for example section 1 contains chapter A and B, and section 2 contains chapters B and C. This preparation step typically takes place by analysing the ebook and breaking it down into the portions desired, typically using an automated process on the encryption server. The sections will be consumed one after the other by a reader and the overlapping content ensures continuity as a reader consumes the book.
The encryption is generated from towards the end of the book. The last section in the book is section 5 (not shown). This is an empty folder, although an ebook author could choose to leave something in it if they wanted to, for example written material they didn't mind being kept in perpetuity.
Any material that the ebook author wishes to keep unencrypted (for example reference maps or genealogies) can also be kept always available by including it in every portion. Considering sections 1 to 5 as generalised sections 1 to N where N is any whole integer, the last section can be represented as:
alphabet book (sectionN)
The last but one section of the ebook, in this case section 4 containing information DE, will be used to generate the key and this section can be represented in general as: alphabet book (sectionN- 1)
D
E
For encryption to take place, a functional subsystem on server 12, otherwise known as a bundler, needs to generate a key which is done dependent on a set of state variables such as specified by the library card and will be described in more depth below.
In the recursive encryption technique, the bundler (and a decrypter used for decrypting the ebook on reading by a user and described below) generates its keys using the state of information carried in the ebook folder:
GENERATE KEY (ebook file)
As part of this GENERATE KEY function, the bundler adds information from the library card to the ebook folder, discussed in more detail below.
The bundler process starts its work with the last but one section of the book, sectionN- 1, and the last section, sectionN, so that a key kN is generated dependent on the N-l portion content, and information data specific to device 16 such as location information denoted by inode number and/or other informational data relating to the device 16 and carried by the library card:
kN-i= GENERATE KEY(sectionN-l)
The bundler uses this key to encrypt the last section:
blockN = ENCRYPT(sectionN, kN) where blockN is a block that needs to be decrypted to access and read the data in the successive portion and then it places blockN in sectionN-1 so that the block will need to be decrypted to access the last section. As the recursive encryption works from the end to the beginning, it has to start at the end of the book where there is no next section to worry about.
Thus encrypted sectionN-1, in this case section 4, can be considered as:
alphabet book (sectionN-1)
D
E
blockN
When a user reads the encrypted book, block N will need to be decrypted to obtain the next section. The last section, section N, will not require an encrypted block because there are no more data portions after it. However it will usually be encrypted with kN to prevent access until sectionN-1 has been read and then overwritten.
The bundler continues with the recursion for sectionN-2 by adding the encrypted section just created to the unencrypted sectionN-2. The combined file is then further encrypted using a second key kN-i generated with a second set of state variables. The first key and second key are different.
Thus kN-i = GENERATE KEY(sectionN-2) and so creates another blocking section at the end of section N-2 which can only be unlocked by use of the key kN-i, with the blocking section represented as
blockN-1 = ENCRYPT(sectionN- 1 , kN-i)
Now the bundler completes section N-2 with that block:
alphabet_book (section N-2) C
D
block N-l
The nested recursive encryption continues until the start of the ebook is reached with each section encrypted using a different key to the preceding encrypted section. The recursion ends at section N-N, i.e. section 0, with blockN-(N+l) looking like this: alphabet book (sectionO)
A
B
block 1
The first section, section 0, is not encrypted although if desired, the ebook could be further encrypted by conventional DRM (or other) means. To pass beyond this first section, decryption of block 1 will be required.
So each section positioned between the initial section and the end section, section N, has been encrypted using a key dependent on but modified over the key for the preceding section. Each key used differs from the other keys.
The portions or chapters have been converted into encrypted sections 52, 54, 56 where each section contains an encrypted block that can be decrypted to obtain the next section. This is shown in Figure 4(b) where grey shading indicates recursively encrypted material. As recursive encryption takes place from the end to the beginning of the sections, sections 52, 54 will undergo repeat encryptions with section 52 (section 4) undergoing the most repeat encryption. The recursive encryption has thus created a version of the original alphabet book file that consists of multiple nested encrypted sections which have to be sequentially unravelled such that one cannot decrypt section 3 before section 2.
After encryption, the bundler packs up the book:
alphabet orb = PACK(alphabet_book (sectionO)) The encrypted ebook is then passed to ereader 16 and is typically stored at a set location or inode defined by the library card. As part of the download process, a functional subsystem for reversing the encryption, known as a decrypter, is downloaded from server 12 to the customer device 16. The folder now stored on device 16 is uncompressed by the decrypter using UNPACK(ebook_file, location) and the decrypter decrypts it so that it can be read. The decrypter is a functional subsystem that takes a recursively encrypted ebook section and replaces it with the next section.
To prevent an informed user copying each section and consuming it again, the GENERATE KEY functional part of the invention writes additional information to the section which is required to generate the correct key, as discussed above. This information is unique to device 16 and can include the location (i.e. inode number) of the ebook on the user's device as obtained from the library card and which is unique to the user's device. A user cannot copy sections to another device and decrypt them as the key information and device data would no longer match, making it impossible to generate an appropriate decryption key for the copy.
Thus as explained briefly in relation to Figure 2, a library card comprising information data is sent to the bundler at the start of the encryption process so that the information data can be used in the GENERATE KEY function to encrypt the sections appropriately. The GENERATE KEY function can use one or more items of information carried by the library card to complicate the encryption. To be useful for the purpose of associating the copy of the ebook with its purchaser, the information will typically be personal data about the user or the device. This can allow the recursive encryption process to support user name, branching book structures (where alternate sections become available depending upon a user's answer to certain questions), score requirements, extra password protection - anything at all that can be passed to the bundler when creating the recursively encrypted ebook and obtained by the decrypter to decrypt the section. In practice location information carried by the library card, such as the inode number, is particularly important information because it ensures that copies of the section cannot support the decryption of the next section because it is impossible to replicate the locational information on another device and so another device cannot generate the correct key.
When a customer is ready to read their ebook, they open the ebook on ereader 16 and the decrypter unpacks the packed up book alphabet orb and the user is able to consume the unencrypted content 58 (section 1) containing chapters A and B, Figure 4(b). When they want to consume more of the book, the decrypter is invoked to overwrite the current section with the next section.
To do this, the decrypter uses a similar key generation algorithm to the one used by the bundler. The decrypter has access to the library card with the information that was used in the encryption. This provides the functional part required to run the decryption, and which must necessarily undo the encryption. The decrypter looks at the first section 58:
alphabet book (sectionO)
A
B
block 1
and uses the library card to generate the key it needs to undo block 1 :
ki = GENERATE KEY(sectionO)
with again the key at least partially dependent on the information carried by the library card. Generation of the key can be achieved by modifying the information carried by the library card, for example the material at the inode location, by addition or removal of content.
After the first section has been read by the user, each subsequent section is decrypted using a key generated from the preceding section, and/or the location information, and/or device data and/or state of file. Thus the key ki is generated and used to decrypt block 1 and supply the second section but in doing so overwrites the first section, sectionO, by ensuring that the next section is stored at the same location or inode number as the previous section. Typically this is done by using a memory location state variable, such as an inode or inode number, to ensure that the new recently generated version of the file with decrypted and encrypted elements overwrites the pre-existing version of the file.
Thus:
alphabet_ebook file = DECRYPT(blockl, ki)
UNPACK(alphabet_ebook_file, alphabet book location)
This creates a new decrypted section containing the next readable elements of the file whilst deleting the previous section of the file, see Figure 4(c) which illustrates how the information available to view by the user has now altered, with the changing visible information known as the moving window. In this way, the reader can consume the book section by section, with each preceding section overwritten and so deleted as the next section is accessed. The previously accessible content is completely deleted in this process. There is no way to return to it because it no longer exists on the device.
Thus by using recursive encryption with an encryption key dependent on unique information data associated with a device, and a corresponding decryption technique, it is possible to encrypt electronic data specific to a device allowing consecutive sections of electronic information to be read successively but not stored permanently. The act of decrypting a section to access it deletes the previous section so ensuring that data cannot be stored in perpetuity for access.

Claims

Claims
1. A method of securing electronic information comprising encrypting electronic information with computing apparatus using an encryption key based on information data associated with a storage device.
2. A method of securing electronic information according to claim 1, wherein the information data comprises one or more of the following: electronic addresses, geographic location identifiers, passwords, memory location identifiers, state variables, question responses of a user, user name.
3. A method of securing electronic information according to claim 1 or claim 2, wherein the information data comprises a memory location identifier representing a position in an electronic memory of the storage device where purchased electronic information is to be stored.
4. A method of securing electronic information according to any of the preceding claims, further comprising storing encrypted information on the storage device at a position associated with the memory location identifier.
5. A method of securing electronic information according to any of claims 1 to 4, wherein encryption is performed using a recursive encryption technique.
6. A method of securing electronic information according to any of claims 1 to 5, further comprising decrypting the encrypted information at the storage device using the information data to provide a key for decryption.
7. A method of securing electronic information according to any of the preceding claims, wherein decryption is performed on successive data portions of the electronic information in turn, with a preceding decrypted data portion overwritten or deleted as a next data portion is decrypted.
8. A method of securing electronic information according to claim 7, wherein decryption further comprises using a location indicator so that as a successive data portion is decrypted it overwrites a preceding data portion by being stored at the same location.
9. A method of securing electronic information according to claim 7 or claim 8, wherein each data portion has a different encryption key.
10. A method of securing electronic information according to any of claims 7 to 9, wherein each data portion has a different decryption key.
11. A method of securing electronic information according to claim 10, wherein the decryption key is generated using the information data and status information relating to data portions to be overwritten and /or data portions to be decrypted.
12. A method of securing electronic information according to any of the preceding claims, further comprising modifying data portions of the electronic information into a plurality of segments containing overlapping information before encryption takes place.
13. A method of securing electronic information comprising:
communicating information data from a storage device to computing apparatus;
encrypting electronic information on the computing apparatus using an encryption key generated from the information data;
transmitting encrypted information to the storage device; and
storing the encrypted information on the storage device.
14. A method of securing electronic information according to claim 13, wherein the information data comprises one or more of the following: electronic addresses, geographic location identifiers, passwords, memory location identifiers, state variables, question responses of a user, user name.
15. A method of securing electronic information according to claim 13 or claim 14, wherein the information data comprises a memory location identifier representing a position in an electronic memory of the storage device where purchased electronic information is to be stored.
16. A method of securing electronic information according to any of claims 13 to 15, further comprising storing encrypted information on the storage device at a position associated with the memory location identifier.
5
17. A method of securing electronic information according to any of claims 13 to 16, wherein encryption is performed using a recursive encryption technique.
18. A method of securing electronic information according to any of claims 13 to 17, lo further comprising decrypting the encrypted information at the storage device using the information data to provide a key for decryption.
19. A method of securing electronic information according to any of claims 13 to 18, wherein decryption is performed on successive data portions of the electronic information in is turn, with a preceding decrypted data portion overwritten or deleted as a next data portion is decrypted.
20. A method of securing electronic information according to claim 19, wherein decryption further comprises using a location indicator so that as a successive data portion is decrypted it
20 overwrites a preceding data portion by being stored at the same location.
21. A method of securing electronic information according to claim 19 or claim 20, wherein each data portion has a different encryption key.
25 22. A method of securing electronic information according to any of claim 19 to 21, wherein each data portion has a different decryption key.
22. A method of securing electronic information according to claim 21, wherein the decryption key is generated using the information data and status information relating to data
30 portions to be overwritten and /or data portions to be decrypted.
23. A method of securing electronic information according to any of claims 13 to 22, further comprising modifying data portions of the electronic information into a plurality of segments containing overlapping information before encryption takes place.
24. Computing apparatus comprising an input device for receiving information data from a storage device, processing apparatus operatively coupled to the input device to receive a information data from the customer and to encrypt electronic information by generating a key based on the information data, and output apparatus operatively coupled to the processing apparatus for sending encrypted data to a storage device.
25. Computing apparatus according to claim 24, wherein the information data comprises one or more of the following: electronic addresses, geographic location identifiers, passwords, memory location identifiers, state variables, question responses of a user, user name.
26. A computer-readable medium adapted to store computer-executable code to secure electronic information, wherein the computer-executable code comprises computer code for: encrypting electronic information based on information data associated with a storage device.
27. A storage device bearing secure electronic information encrypted using an encryption key generated from information data specific to the device.
28. A storage device according to claim 27, wherein the secure electronic information is encrypted by a recursive encryption technique.
29. A storage device according to claim 27 or 28, further comprising computer-executable code to decrypt stored electronic information using a decryption key based on information data specific to the device.
30. A storage device according to claim 29, wherein the computer-executable code undertakes sequential decryption of portions of electronic information, deleting a preceding portion before decrypting a successive portion.
PCT/GB2012/052920 2011-12-01 2012-11-27 A method of securing electronic information WO2013079923A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1408847.0A GB2510764A (en) 2011-12-01 2012-11-27 A method of securing electronic information

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GBGB1120700.8A GB201120700D0 (en) 2011-12-01 2011-12-01 A method of securing electronic information
GB1120700.8 2011-12-01

Publications (2)

Publication Number Publication Date
WO2013079923A2 true WO2013079923A2 (en) 2013-06-06
WO2013079923A3 WO2013079923A3 (en) 2013-11-07

Family

ID=45509022

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2012/052920 WO2013079923A2 (en) 2011-12-01 2012-11-27 A method of securing electronic information

Country Status (2)

Country Link
GB (2) GB201120700D0 (en)
WO (1) WO2013079923A2 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7017189B1 (en) * 2000-06-27 2006-03-21 Microsoft Corporation System and method for activating a rendering device in a multi-level rights-management architecture
DE10345454A1 (en) * 2003-09-30 2005-04-28 Infineon Technologies Ag Private key generator for access to storage device e.g. chip card, has page pre-key calculating device and determines private key based on pre-key and word address
WO2005121972A1 (en) * 2004-06-14 2005-12-22 Research In Motion Limited Method and system for securing data utilizing redundant secure key storage
WO2007058292A1 (en) * 2005-11-18 2007-05-24 Matsushita Electric Industrial Co., Ltd. Recording/reproducing device, communication device, program, system lsi

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Also Published As

Publication number Publication date
GB2510764A (en) 2014-08-13
WO2013079923A3 (en) 2013-11-07
GB201408847D0 (en) 2014-07-02
GB201120700D0 (en) 2012-01-11

Similar Documents

Publication Publication Date Title
US8595488B2 (en) Apparatus, system and method for securing digital documents in a digital appliance
US8345876B1 (en) Encryption/decryption system and method
US20040039932A1 (en) Apparatus, system and method for securing digital documents in a digital appliance
CN102073826B (en) Utilize the system and method for the digital copyright management of lightweight digital watermark adding component
US8826036B1 (en) Ebook encryption using variable keys
US8417966B1 (en) System and method for measuring and reporting consumption of rights-protected media content
US20080310624A1 (en) Encryption Apparatus and Method for Providing an Encrypted File System
US20150026456A1 (en) Apparatus and method for managing digital copyright on epub-based content, and apparatus and method for providing epub-based content according to user's right
CN106919810B (en) Registration code generation method and device and software registration method and device
JP2011138446A (en) File encryption system which easily operable of encrypted independent file group on dedicated operation screen
CN109408486A (en) File publishing method and system, publisher server and file creating apparatus
CN108256343B (en) Encryption method and device and decryption method and device of Shader file
CN108256342B (en) Encryption method and device and decryption method and device of Shader file
US9292698B1 (en) Method and system for remote forensic data collection
US9124422B2 (en) System and method for digital rights management with secure application-content binding
CN103379133A (en) Safe and reliable cloud storage system
US8144876B2 (en) Validating encrypted archive keys with MAC value
Mandhare et al. A Proposal on Protecting Data Leakages In Cloud Computing
WO2013079923A2 (en) A method of securing electronic information
CN101625702A (en) Encryption method of data file with file allocation table format
CN112380559A (en) Android file password box system based on dual-chaos hash file control
JP6703116B2 (en) EPUB file encryption unit file compression and decompression method
Rhazlane et al. Data alteration: A better approach to securing cloud data with encryption
WO2011047717A1 (en) Method for securing and retrieving a data file
JP5539024B2 (en) Data encryption apparatus and control method thereof

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12808442

Country of ref document: EP

Kind code of ref document: A2

ENP Entry into the national phase

Ref document number: 1408847

Country of ref document: GB

Kind code of ref document: A

Free format text: PCT FILING DATE = 20121127

WWE Wipo information: entry into national phase

Ref document number: 1408847.0

Country of ref document: GB

122 Ep: pct application non-entry in european phase

Ref document number: 12808442

Country of ref document: EP

Kind code of ref document: A2