This contest is closed.
Patexia seeks prior art for US Patent 7,079,649 (US ‘649) which allegedly describes a method of implementing a digital rights management system (DRM) by cryptographically protecting desired data through a server-client relationship facilitated over the Internet, and restricting copy and save functions at the client as to that data.
With the advent of broadband internet, it has never been easier to distribute creative content to an artist’s fans (and future fans) wherever they might be. However, because digital content is easily copied and transferred, the old content assumptions (where copyright protection was designed to protect against physically copying and financially benefiting from someone else’s work) no longer apply.
Digital rights management was developed as a way of ensuring that content creators are protected from those who might exploit their digital content. The main challenge of DRM is to balance between making sure that illegitimate users cannot steal digital content, while not impeding legitimate users and still making it easy to distribute content to future fans.
The patent in this Contest allegedly implements a DRM system by cryptographically securing data on a server, distributing a program to run on a client computer to decrypt the content, and restricting the client’s ability to copy or save the decrypted data.
The patent describes this DRM system as:
- encrypting data in a cryptographic scheme
- generating a program on the server that will facilitate this DRM system
- when the client wants to access the protected content, downloading the program onto the client
- once installed, using the program to request from the server the cryptographically protected data
- downloading the protected data
- once the program is fully running and the download is complete, using the program to decrypt the data
- restricting or outright preventing the client computer’s ability to copy or save the decrypted data
Additionally, the patent describes an authentication method where:
- the server and the client both independently store a cryptographic key and a unique identifier for the client
- when the server needs to authenticate the client, the server sends a request to the client
- in response, the client prepares a signed hash created from the cryptographic key and the unique identifier, and send the signed hash back to the server
- meanwhile, the server independently creates a signed hash from its version of the cryptographic key and a unique identifier for the client
- to authenticate the client, the server compares the received signed hash with the signed hash it created
- if the hashes match, the server has authenticated the client and it will use the cryptographic key to encrypt the data and transmit it to the client
- if the hashes do not match, the server knows the client is not authenticated and does not have permission to access the client
Finally, the patent describes a process of steganographically marking the data as protected; steganography being a method of encrypting data in plain sight so that the encryption would not be obvious to a typical observer.
Figure 3. A basic overview of the server-client relationship.
|1||Was the reference filed or published before March 27th, 1997?||T/F|
|2||Does the reference describe a method of controlling access at a client to data downloaded from a web server?||5|
|3||Is the data’s access controlled through a cryptographic protection scheme?||5|
|4||In order to access this cryptographically protected data, does the client download and use a program that was created at the same server the data is stored on?||10|
|5||Does this program then send request to and download the cryptographically protected data from the server?||10|
|6||After the data has finished downloading, does the program use a cryptographic key to decrypt the data?||10|
|7||Does the program also restrict or prohibit the client’s ability to copy or save the decrypted data?||15|
|8||In order to strengthen the cryptographic protection scheme, do both the server and client independently store a cryptographic key and a unique identifier for the client?||15|
|9||When preparing to send the data, does the server send a request to the client and receive in response a signed hash that was created as a function of the cryptographic key and unique identifier?||5|
|10||Does the server also independently create a signed hash from its stored cryptographic key and unique identifier for the client?||5|
|11||Does the server compare the received hash from the client and the server created hash to authenticate the client and use the newly authenticated cryptographic key to encrypt the data to send to the client?||15|
|12||Does the server also use a steganographic method to mark the data as protected?||5|
This is a Prior Art Search contest aimed at determining if a patent idea was known and publicly available before a patent was filed.
This contest will close on Sunday, August 17th, 2014 at 11:59 PM PST.
Please review the Contest Rules. For more information on how to submit to this Contest type, please read the Intro to Prior Art Search page.
Please review the full list of known references.
- All work must be original and prepared by a single author
- Maximum of one entry per person allowed
- Maximum length of 1,500 words
- Entries must be in English
- Ideas should be clearly expressed at a college-educated, non-expert level
- All submissions are subject to Patexia's contest legal terms
- Failure to follow these rules may lead to disqualification from the contest