6,075,862
`[11] Patent Number:
`[19]
`United States Patent
`
`Yoshida et al.
`[45] Date of Patent:
`Jun. 13, 2000
`
`USOO6075862A
`
`[54] DECRYPTION KEY MANAGEMENT
`SCHEME FOR SOFTWARE DISTRIBUTION
`SYSTEM
`
`[75]
`
`Inventors: Hideki Yoshida, KanagaWa-ken; Hideo
`Segawa, Tokyo; Toru Imai,
`Kanagawa-ken, all of Japan
`
`[73] Assignee: T{abushiki Kaisha Toshiba, Kawasaki,
`apan
`
`[21] Appl No . 08/689 118
`.
`N
`’
`22
`F'l d:
`l. 30 1996
`’
`1 e
`Ju
`Foreign Application Priority Data
`
`]
`[
`[30]
`
`10/1997 Dolphin ...................................... 380/4
`5,677,953
`
`12/1997 Dolphin ................ 380/4
`5,703,951
`
`..... 380/4
`4/1998 O’Connor et a1.
`5,745,568
`
`5/1998 Cooper et al. ............ 380/4
`5,757,908
`....................... 380/4
`7/1998 Blumenthal et 8.1.
`5,784,460
`FOREIGN PATENT DOCUMENTS
`
`7—93148
`
`4/1995
`
`Japan .
`
`OTHER PUBLICATIONS
`Mori et al., “Superdistribution: The Concept and the Archi-
`tecture”, The Transactions of the IEICE, vol. E73, No. 7, pp.
`1133—1146, Jul. 1990.
`Primary Examiner—Max Noori
`Attorney, Agent, or Firm—Foley & Lardner
`
`Jul. 31, 1995
`
`[JP]
`
`Japan ............................... P07-194695
`
`[57]
`
`ABSTRACT
`
`Int. Cl.7 ........................................................ H04L 9/00
`[51]
`[52] US. Cl.
`.................................... 380/28; 380/25; 380/4
`[58] Field of Search .................................... 380/4, 21, 23,
`380/25, 28, 30
`
`[56]
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`............................ 380/4
`3/1989 Chandra et a1.
`4,817,140
`7/1989 Hampson .................................... 380/4
`4,847,902
`4,888,798 12/1989 Earnest ........................................ 380/4
`570107571
`4/1991 Katznelson
`380/4
`‘
`590589162
`10/1991 5‘11“?“ et al‘
`" 380/25
`5,103,392
`4/1992 MorI ..........
`395/725
`5
`,199,066
`3/1993 Logan ......................................... 380/4
`5 319 705
`6/1994 Halter et al
`380/4
`5,457,746
`10/1995 Dolphin
`380/4
`59555304
`9/1996 Hasebe et a1.
`380/4
`5,586,186
`12/1996 Yuvalet al.
`380/4
`5,598,470
`1/1997 Cooper et a1.
`.. 380/4
`
`..
`
`
`
`
`
`A decryption key management scheme for a software dis-
`tribution system utilizing the decryption key, which can
`enable the re-install of the software that was decrypted once
`by a proper procedure, without requiring a re-acquisition of
`the decryption key from the software vender, so that a user
`can freely delete and re-install the software that was prop-
`erly obtained once. The decryption key 1s searched In a
`memory deVIce of a user s computer, or acquired from a
`distribution source of the encrypted software when the
`decryption key is not found in the memory means. Then, the
`encrypted software is decrypted by using the obtained
`decryption key, and a decrypted software content is installed
`into the memory deVice, while the decryption key acquired
`.
`.
`.
`.
`.
`from the distribution source 1s stored Into the memory
`.
`.
`.
`deV1ce, such that the decryption key stored In the memory
`deVice is utilizable in decrypting the encrypted software at
`a time of re-installing the encrypted software.
`
`34 Claims, 8 Drawing Sheets
`
`
`.4 12
`7717A-SOFTWARE CONTENT MFMT)R;{ UNIT - ‘
`
`
`
`
`
`SOFTWARE CONTENTAI
`SOFTWARE lDrl
`DECRYPTION KLle
`
`‘
`
`‘
`
`SOFTWARE IDv3
`
`DECRYPTION KEY—3
`
`SOFTWARE CON’l‘tN I13
`
`
`
`SOFTWARE CONTENT»\II-|)
`DECRYPTION KEYrtnrl)
`SOFTWARE lDrUIrl)
`
`‘fiHHAWNH, A
`
`,,,,,,,
`E
`,
`_
`!
`T ,,,,,,,, 5
`
`,H W _DECRYPTION, ,
`
`
`,,,,,,,,,
`
`
`
`, THI .
`72
`KEY
`73
`<74 1!
`
`SOFIWARE CONTENT
`DECRYPTION
`DECRYPTION
`l!
`
`
`
`‘ ACQUISITION UNIT
`KEY
`I|
`KEY
`
`
`ACQUISITION
`MANAGEMENT
`I
`i
`|
`UNIT
`UNIT
`;.
`
`_ _______
`'\
`,3 Ti
`_
`_
`_
`14 DECRYPTION
`-
`SOFTWARE
`V
`
`KEY
`CONTENT
`1
`l
`SOFTWARE
`i
`
`
`
`VENDOR
`l
`__________ ,
`,
`,
`,
`,
`i
`
`
`
`
`
`
`
`
`
`
`
`
`
`.
`-
`
`.
`.
`
`v
`-
`'
`.
`
`-
`'
`
`75 .
`
`l
`
`]
`
`W ,1
`
`DECRYPTION KEY—n
`SOFTWARE ID-n
`DECRYPTION KEY
`,MFMoRr UNIT,
`
`,
`
`,
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13, 2000
`
`Sheet 1 0f 8
`
`6,075,862
`
`
`
`>m—MZOEATrN—UM
`
`a\
`
`H.mvwnw
`
`
`
`
`
` \meaomm>5.98:05>zQEEomQ205355E2930
`
`
`
`VEOBEmZZOF<U_ZDEZOU
`
`mm<>>rEOm
`
`MODZm>
`
`mibmahma\
`
`x/
`
`3$2NE2::HZmElZOU
`
`HI
`
`[L
`
`nmmzh>mUZmk 02mm$§Eom
`
`4<ZOmmmm
`
`MMEDLEOU
`
`a9820mmEM
`ZOEERE
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`
`
`
`
`
`

`

`US. Patent
`
`Jun. 13,2000
`
`Sheet 2 0f8
`
`6,075,862
`
`FIG.2
`
`100
`
`101
`
`102
`
`103
`
`INSTALLER n SOFTWARE CONTENT
`
`
`
`DECRYPTION KEY RETRIEVAL PROGRAM
`
`COMMUNICATION PROGRAM
`
`DECRYPTION KEY REQU EST
`
`DECRYPTION KEY ACQUISITION
`
`DECRYPTION & INSTALL PROGRAM
`
`DECRYPTION KEY STORING PROGRAM
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13,2000
`
`Sheet 3 0f8
`
`6,075,862
`
`SOFTWARE 100
`
`INSTALLER
`
`FIGS
`
`l RETRIEVAL
`U
`
`(2)
`COMMUNICA-
`TION
`
`13
`
`SOFTWARE DECRYPTION
`ID
`KEY
`
`(3)
`DECRYPTION
`& INSTALL
`
`(4)
`DECRYPTION KEY
`
`REGISTRATION
`
`SOFTWARE VENDOR
`
`HARD DISK
`
`13
`
`SOFTWARE
`ID
`
`DECRYPTION
`KEY
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13, 2000
`
`Sheet 4 0f 8
`
`6,075,862
`
`FIG.4
`
`DECRYPTION KEY REQUEST MESSAGE 20
`
`
`
`HEADER MACHINE ID SOFTWARE ID USER NAME CREDIT NUMBER
`
`21
`
`22
`
`23
`
`24
`
`25
`
`
`
`FIGS
`
`
`
`16
`
`CREDIT
`COMPANY
`
`14
`CHARGING
`
`DECRYPTION KEY
`INFORMATION
`RE. UEST MESSAGE
`
`
`
`
`SOFTWARE VENDER
`
`
`DECRYPTION KEY
`<
`
`
`CHARGING
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13, 2000
`
`Sheet 5 0f 8
`
`6,075,862
`
`>m¥ZOFE>MUmQ
`
`n:mm<>>EOm
`4<>m=mrrmm2V"_
`
`-<UflZDEEO
`
`20:
`
`AS
`
`___
`
`
`
`
`
`2mkm>mFZmEmO<Z<E.
`
`
`
`
`Mmek—ZOO4<ZOmmmmOOHmm<>>EOm
` >m¥ZOEL>MUMD"H_n_"
`
`N;
`
`2
`
`
`
`>m¥ZOTE>MUMQn:mm<>>EOm
`
`QUE
`
`
`
`MOM—2m;mm<>>EOm
`
`x90QM<I
`
`ZOELA>MUMQ
`
`15<HmZHem
`
`a;
`
`
`
`>m¥ZOFE>MUMQ
`
`zoifiFmem
`
`aI.
`
`02mm<3E0m
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`
`
`
`
`
`

`

`US. Patent
`
`Jun. 13,2000
`
`Sheet 6 0f8
`
`6,075,862
`
`DECRYPTION KEY & SOFTWARE
`
`CONTENT MEMORY UNIT
`
`
`SOFTWARE lD-l
`
`DECRYPTION KEY-l
`
`SOFTWARE CONTENT-1
`
`SOFTWARE ID-2
`
`DECRYPTION KEY—2
`
`TS-OTTHTV-ARE-EON—TENT-ZE
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`63
`
`DECRYPTION KEY
`
`
`MANAGEMENT UNIT
`
`
` -
`
`SOFTWARE
`
`CONTENT
`
`SOFTWARE
`VENDOR
`
`
`
`
`14
`
`DECRYPTION
`KEY
`
`_
`
`_\-
`
`_
`
`_
`‘1 1
`
`_
`
`_
`
`_
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13, 2000
`
`Sheet 7 0f 8
`
`6,075,862
`
`
`
`SOFTWARE ID—3
`
`DECRYPTION KEY—3
`
`SOFTWARE CONTENT-3
`
`SOFTWARE ID—(n-l) DECRYPTION KEY—(n—I)
`
`SOFTWARE CONTENT—(n-I)
`
`
`
`
`
`
`
`DECRYPTION
`KEY
`
`i
`
`I
`
`| I I
`
`DECRYPTION
`KEY
`MANAGEMENT
`UNIT
`
`DECRYPTION
`KEY
`ACQUISITION
`UNIT
`
`SOFTWARE
`
`
`
`DECRYPTION KEY
`
`_MEM(_)RY U_N1T_
`
`Petitioner Apple - EX. 1015
`
`
`
`
`
`
`
`SOFTWARE ID—l
`
`DECRYPTION KEY-l
`
`SOFTWARE CONTENT-l
`
`
`
`Petitioner Apple - Ex. 1015
`
`

`

`US. Patent
`
`Jun. 13, 2000
`
`Sheet 8 0f 8
`
`6,075,862
`
`550%
`
`Ex29:2qu
`
`4<>mEme
`
`mmmUUDm
`
`Ex2052qu
`
`
`
`:2:zoEmSOU<
`
`m_m
`
`mmzdfi4<>mEEm
`
`
`>m¥ZOFL>-UND
`
`w95—me
`
`:m
`
`QQE
`
`
`
`
`
`>m¥ZOEL>-UMQMmELQOm—m
`
`
` MUZMQZOmemMOUZ—A>m¥ZOELL>MUmDV0%m:
`
`mm<>>rrm0mmmOFm
`
`2m
`
`FZmELZOU
`
`
`
`mm<>fih0mmmorrm
`
`HZMFZOU
`
`
`
`mm<>>EOmHm>mUmQ
`
`
`
`2528mm<3Eom
`
`
`
`:2:2952303
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`
`
`
`
`
`
`

`

`6,075,862
`
`1
`DECRYPTION KEY MANAGEMENT
`SCHEME FOR SOFTWARE DISTRIBUTION
`SYSTEM
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`
`The present invention relates to a decryption key man-
`agement scheme for managing a decryption key for decrypt-
`ing an encrypted software in a software distribution system.
`2. Description of the Background Art
`Conventionally, a software to be used by a computer is
`individually stored in a recording medium such as floppy
`disks and usually sold at a retail store in a form of a software
`package which contains the recording medium along with a
`manual and other necessary items.
`In a case of such a software package, the licensing to give
`a permission to use the software is usually made in a form
`which is inseparable from the sale of the software package.
`For instance, there are cases in which a document describing
`that a contract to use the software is established as soon as
`
`the software package is opened is distributed along with the
`software package itself, or cases in which a user is required
`to sign a contract to use the software with the software
`vender by using a user registration form enclosed in the
`software package.
`there are propositions for a new
`In contrast, recently,
`software distribution scheme aimed at realization of a freer
`
`distribution style and a tighter software right owner protec-
`tion. As a representative example of such a new software
`distribution scheme, the so called superdistribution scheme
`is well known (see: R. Mori and M. Kawahara, “Superdis-
`tribution: The Concept and the Architecture”, The Transac-
`tions of the IEICE, Vol. E73, No. 7, pp. 1133—1146, July
`1990; and US. Pat. No. 5,103,392).
`The superdistribution scheme utilizes a software structure
`formed by an encrypted software content and a header
`portion having a function to decrypt the encrypted software
`content. In addition,
`two concepts called “S-credit” and
`“Software Usage Monitor” are utilized to realize the licens-
`ing between a user and a software right owner and the
`management of software usage charges.
`“S-credit” is realized in a form of a memory card such as
`an IC card which stores information as to quantitatively how
`much software usage is to be permitted to a user. Auser who
`wishes to use the software distributed by the superdistribu-
`tion first pays an appropriate fee at a service center of the
`superdistribution system, and receives the “S-credit” which
`registers the information corresponding to the paid fee.
`“Software Usage Monitor” is a program which recognizes
`a balance of the user’s contract from a value of the infor-
`
`mation registered in the “S-credit”, and permits or prohibits
`the execution of the software according to the recognized
`balance of the user’s contract. This program permits the
`execution of the software after confirming the availability of
`the “S-credit” indicating a balance greater than a certain
`value on the computer, and decreases the value of the
`information registered in the “S-credit” (indicating the
`balance) as much as a fee to be charged for this software.
`However, in such a method for managing the software
`usage charges using “S-credit”, there is a need to provide a
`protection against illegal copying of “S-credit” or illegal
`rewriting of data of “S-credit”, and to this end, it has been
`necessary to use a specialized hardware mechanism for
`limiting read/write with respect to “S-credit”, for example.
`For this reason, recently, there is a proposition for a new
`software distribution system in which the encrypted soft-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`ware content is distributed to users for free or for a very
`small charge, and a key for decrypting the encrypted soft-
`ware content is issued to a user who wishes to use this
`
`software in exchange for the payment of the software usage
`charge.
`In this software distribution system, the software vender
`can save costs required for production and distribution of
`individual software packages, and in addition, an effective
`means for advertising the software can be provided by
`packaging a non-encrypted demonstration version of this
`software for demonstrating the encrypted software content
`in a medium such as CD-ROM which stores the encrypted
`software content. From a viewpoint of a user, this feature can
`provide an advantage in that there is a chance to try and see
`if the software is worth purchasing before actually purchas-
`ing the software.
`The user receives the decryption key in exchange for the
`payment of the software usage charge for a desired software,
`and installs this software into a hard disk device of his own
`computer by decrypting the encrypted software content
`using the received decryption key.
`In this manner, the software distribution system utilizing
`the decryption key can manage the software usage charge in
`a form of the exchange of the decryption key, so that there
`is no need for “S-credit” and a specialized hardware for
`managing “S-credit” required by the superdistribution
`scheme, and therefore it is possible to realize a freer soft-
`ware distribution style.
`Now, considering a usual manner by which a user uses a
`computer, it often becomes necessary to delete the already
`installed software once in order to increase a usable capacity
`of the hard disk device, and then re-install the same software
`back to the hard disk device later on when a need to use this
`
`software arises. In a case of using the usual non-encrypted,
`packaged software,
`the user still possesses the recording
`medium contained in the software package itself, so that the
`deletion of the installed software on the hard disk device
`
`causes no problem, because it is possible to re-install the
`software from the recording medium when this software
`becomes necessary later on.
`In contrast, in a case of the above described software
`distribution system utilizing the decryption key,
`the
`decrypted software which was installed on the hard disk
`device by using the decryption key is the only executable
`software available for a user. Consequently, when the user
`loses the decryption key which was acquired from the
`software vender in exchange for the software usage charge
`and wishes to re-install the same software, it is necessary to
`acquire the decryption key by paying the software usage
`charge for the same software again. This fact can lead to a
`lower reliability of the software distribution system utilizing
`the decryption key, which in turn can present a hindrance to
`a spread of this software distribution system utilizing the
`decryption key.
`SUMMARY OF THE INVENTION
`
`It is therefore an object of the present invention to provide
`a decryption key management scheme for a software distri-
`bution system utilizing the decryption key, which can enable
`the re-install of the software that was decrypted once by a
`proper procedure, without requiring a re-acquisition of the
`decryption key from the software vender, so that a user can
`freely delete and re-install the software that was properly
`obtained once.
`
`According to one aspect of the present invention there is
`provided a method for managing a decryption key for
`
`Petitioner Apple - Ex. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`6,075,862
`
`3
`decrypting an encrypted software to be installed into a
`computer, comprising the steps of: searching the decryption
`key in a memory device of said computer; acquiring the
`decryption key from a distribution source of the encrypted
`software when the decryption key is not found in the
`memory means by the searching step; decrypting the
`encrypted software by using the decryption key obtained at
`the searching step or the acquiring step, and installing a
`decrypted software content into the memory device; and
`storing the decryption key acquired by the acquiring step
`into the memory device, such that the decryption key stored
`in the memory device is utilizable in decrypting the
`encrypted software at a time of re-installing the encrypted
`software.
`
`According to another aspect of the present invention there
`is provided a computer for managing a decryption key for
`decrypting an encrypted software to be installed into said
`computer, comprising: a memory device for storing a soft-
`ware content of each currently installed software, and a
`decryption key for decrypting each previously installed
`software; decryption key retrieval means for retrieving the
`decryption key for decrypting the encrypted software from
`the memory device; decryption key acquisition means for
`acquiring the decryption key corresponding to the encrypted
`software from a distribution source of the encrypted soft-
`ware when the decryption key is not found in the memory
`means by the decryption key retrieval means; decryption and
`install means for decrypting the encrypted software by using
`the decryption key obtained by the decryption key retrieval
`means or the decryption key acquisition means, and install-
`ing a decrypted software content into the memory device;
`and decryption key storing means for storing the decryption
`key acquired by the decryption key acquisition means into
`the memory device, such that the decryption key stored in
`the memory device is utilizable in decrypting the encrypted
`software at a time of re-installing the encrypted software.
`According to another aspect of the present invention there
`is provided an article of manufacture, comprising: a com-
`puter usable medium having computer readable program
`code means embodied therein for causing a computer to
`function as a system for managing a decryption key for
`decrypting an encrypted software to be installed into said
`computer,
`the computer readable program code means
`including: first computer readable program code means for
`causing said computer to search the decryption key in a
`memory device of said computer; second computer readable
`program code means for causing said computer to acquire
`the decryption key from a distribution source of the
`encrypted software when the decryption key is not found in
`the memory means by the first computer readable program
`code means; third computer readable program code means
`for causing said computer to decrypt the encrypted software
`by using the decryption key obtained by the first computer
`readable program code means or
`the second computer
`readable program code means, and install a decrypted soft-
`ware content into the memory device; and fourth computer
`readable program code means for causing said computer to
`store the decryption key acquired by the second computer
`readable program code means into the memory device, such
`that the decryption key stored in the memory device is
`utilizable in decrypting the encrypted software at a time of
`re-installing the encrypted software.
`According to another aspect of the present invention there
`is provided a method for distributing a software from a
`distribution source to users, comprising the steps of:
`encrypting a software to be distributed to users at a distri-
`bution source side, and distributing an encrypted software to
`
`4
`users; searching a decryption key for decrypting the
`encrypted software in a memory device of a user’s computer
`at an individual user side; providing the decryption key
`corresponding to the encrypted software from the distribu-
`tion source side to the individual user side when the decryp-
`tion key is not found in the memory means by the searching
`step; decrypting the encrypted software distributed at the
`encrypting step by using the decryption key obtained at the
`searching step or the providing step, and installing the
`decrypted software content into the memory device at the
`individual user side; and storing the decryption key acquired
`by the acquiring step into the memory device at the indi-
`vidual user side, such that the decryption key stored in the
`memory device is utilizable in decrypting the encrypted
`software at a time of re-installing the encrypted software.
`According to another aspect of the present invention there
`is provided a system for distributing a software from a
`distribution source to users, comprising: a distribution
`source computer center for encrypting a software to be
`distributed to users, and distributing an encrypted software
`to users; and a plurality of user’s computers connected with
`the distribution source computer center via a communication
`network, each user’s computer having: a memory device for
`storing a software content of each currently installed
`software, and a decryption key for decrypting each previ-
`ously installed software; decryption key retrieval means for
`retrieving the decryption key for decrypting the encrypted
`software from the memory device; decryption key acquisi-
`tion means for acquiring the decryption key corresponding
`to the encrypted software from the distribution source com-
`puter center when the decryption key is not found in the
`memory means by the decryption key retrieval means;
`decryption and install means for decrypting the encrypted
`software distributed by the distribution source computer
`center by using the decryption key obtained by the decryp-
`tion key retrieval means or the decryption key acquisition
`means, and installing a decrypted software content into the
`memory device; and decryption key storing means for
`storing the decryption key acquired by the decryption key
`acquisition means into the memory device, such that the
`decryption key stored in the memory device is utilizable in
`decrypting the encrypted software at a time of re-installing
`the encrypted software.
`Other features and advantages of the present invention
`will become apparent from the following description taken
`in conjunction with the accompanying drawings.
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`FIG. 1 is a block diagram of one embodiment of a
`software distribution system according to the present inven-
`tion.
`
`50
`
`FIG. 2 is a diagram showing a program structure of an
`installer in an encrypted software used in the system of FIG.
`1.
`
`55
`
`60
`
`65
`
`FIG. 3 is a diagram illustrating functions to be realized by
`programs included in the installer shown in FIG. 2.
`FIG. 4 is a diagram showing a data structure of a
`decryption key request message used in the system of FIG.
`1.
`
`FIG. 5 is a diagram showing an operation of a software
`vender side in a case of receiving the decryption key request
`message of FIG. 4.
`FIG. 6 is a diagram showing an alternative configuration
`using a common installer for all encrypted softwares.
`FIG. 7 is a block diagram of one exemplary detailed
`configuration of the system of FIG. 1 relevant to the decryp-
`tion key management processing.
`
`Petitioner Apple - EX. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`6,075,862
`
`5
`FIG. 8 is a block diagram of another exemplary detailed
`configuration of the system of FIG. 1 relevant to the decryp-
`tion key management processing.
`FIG. 9 is a flow chart of a procedure for the encrypted
`software install processing in the system of FIG. 1.
`
`DETAILED DESCRIPTION OF THE
`PREFERRED EMBODIMENTS
`
`Referring now to FIG. 1 to FIG. 9, one embodiment of a
`decryption key management scheme for a software distri-
`bution system according to the present invention will be
`described in detail.
`
`FIG. 1 shows an overall configuration of a software
`distribution system in this embodiment, which realizes a
`software distribution scheme in which the encrypted soft-
`ware content is distributed to users for free or for a very
`small charge, and a decryption key for decrypting the
`encrypted software content is issued to a user who wishes to
`use this software in exchange for the payment of the
`software usage charge for this software. This software
`distribution system of FIG. 1 generally comprises a plurality
`of subscribing user terminals, a software vender, and a
`communication network connecting each user terminal and
`the software vender. Note here that the encrypted software
`content implies encrypted information such as encrypted
`program and/or encrypted data.
`In FIG. 1, one personal computer 11 is shown as a
`representative of the subscribing user terminals, where this
`personal computer 11 is connected with a computer center
`provided at the software vender 14 side, through the com-
`munication network 15 such as a telephone network or an
`ISDN.
`
`The software vender 14 distributes a plurality of
`encrypted softwares 100 to users for free or for very small
`changes, where each encrypted software 100 can be pro-
`vided in a form of a large capacity memory medium such as
`CD-ROM 10 in which the encrypted software content is
`contained, possibly along with a demonstration version of
`this software for demonstrating the encrypted software
`content, or in a form of data transferred through the com-
`munication network 15.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`The software vender 14 also maintains and manages the
`decryption key for decrypting each encrypted software 100
`distributed to users.
`
`45
`
`As shown in FIG. 1, each software 100 recorded in the
`CD-ROM 10 includes an installer 101, a software ID 102,
`and a software content 103. Here, the software content 103
`is encrypted, but the installer 101 and the software ID 102
`are not. When the demonstration version of the software is
`to be included,
`this demonstration version is also not
`encrypted.
`The installer 101 is a program for decrypting the
`encrypted software content 103 and installing the decrypted
`software content into the personal computer 11 of the user.
`The software ID 102 is a unique ID for identifying each
`encrypted software 100.
`The software content 103 is information such as an
`
`application program or a utility program which can be
`operated under a prescribed operating system, or various
`types of data files such as those of image data.
`The personal computer 11 has a hard disk device 12 which
`is used as a secondary memory device. On this hard disk
`device 12,
`the operating system and various application
`programs to be executed on the personal computer 11, and/or
`various data files are installed. In addition, in a memory
`
`50
`
`55
`
`60
`
`65
`
`6
`region of this hard disk device 12, a decryption key memory
`unit 13 is provided.
`The decryption key memory unit 13 is a kind of indepen-
`dent data file which can be referred by the installer 101. This
`decryption key memory unit 13 stores the software ID of
`each encrypted software 100 which was installed once, in
`correspondence to the decryption key for decrypting each
`encrypted software 100 that was acquired from the software
`vender 14. The decryption key stored in this decryption key
`memory unit 13 will be utilized in decrypting the encrypted
`software 100 to be re-installed.
`
`The storing of the software ID and the decryption key into
`the decryption key memory unit 13 is made when the
`decryption key is acquired form the software vender 14. In
`practice, it suffices for the decryption key memory unit 13 to
`store only the decryption key which corresponds to the
`deleted software, so that the software ID and the decryption
`key corresponding to the software to be deleted can be stored
`into the decryption key memory unit 13 at a time of actually
`deleting this software.
`FIG. 2 shows a program structure of the installer 101,
`which includes a decryption key retrieval program, a com-
`munication program, a decryption and install program, and
`a decryption key storing program. In the following,
`the
`function realized by executing each of these programs will
`be described with reference to FIG. 3.
`
`The decryption key retrieval program searches through
`the decryption key memory unit 13, and retrieves the
`decryption key for decrypting the encrypted software con-
`tent 103 (operation (1) of FIG. 3). As described above, the
`decryption key memory unit 13 registers the software IDs
`and the decryption keys corresponding to the encrypted
`softwares 100 that were already installed. Therefore, the
`decryption key retrieval by the decryption key retrieval
`program can be realized by a sequential search for sequen-
`tially comparing the software ID 102 of a desired software
`with each software ID registered in the decryption key
`memory unit 13, or by a binary search through the software
`IDs registered in the decryption key memory unit 13.
`The communication program carries out a communication
`with the software vender 14 through the communication
`network 15 so as to acquire the decryption key from the
`software vender 14 in exchange for the payment of the
`software usage charge (operation (2) of FIG. 3). This com-
`munication program includes a routine for transmitting a
`decryption key request message to the software vender 14,
`and a routine for receiving the decryption key from the
`software vender 14. This communication program is to be
`executed when the decryption key retrieval by the decryp-
`tion key retrieval program fails, that is, when the corre-
`sponding decryption key does not exist in the decryption key
`memory unit 13.
`The decryption and install program decrypts the software
`content 103, by using the decryption key retrieved by the
`decryption key retrieval program in a case of a retrieval
`success, or the decryption key acquired from the software
`vender 14 by the communication program in a case of a
`retrieval failure, and installs the decrypted software content
`into the hard disk device 12 (operation (3) of FIG. 3). In a
`case of re-installing the software, the encrypted software
`content 103 to be decrypted and installed by this decryption
`and install program is to be acquired from the software
`vender 14 again, for free or for a very small charge.
`The decryption key storing program registers the decryp-
`tion key acquired from the software vender 14 by the
`communication program into the decryption key memory
`
`Petitioner Apple - Ex. 1015
`
`Petitioner Apple - Ex. 1015
`
`

`

`6,075,862
`
`7
`unit 13 in corresponding to the corresponding software ID
`(operation (4) of FIG. 3).
`According to the installer 101 which has a program
`structure as described above, the decryption key acquired
`from the software vender 14 is used for decrypting the
`software content 103, and then stored in the decryption key
`memory unit 13 as a separate file from the decrypted
`software content 103. For this reason, even when the
`decrypted software content is deleted from the hard disk
`device 12, the decryption key stored in the decryption key
`memory unit 13 is maintained therein, without being
`deleted.
`
`Consequently, in a case of re-installing the software which
`was already installed once,
`it is possible to decrypt the
`encrypted software content 103 to be re-installed immedi-
`ately by utilizing the decryption key stored in the decryption
`key memory unit 13. As for the encrypted software 100 to
`be installed for the first time, the decryption key will be
`automatically acquired from the software vender 14 by the
`installer 101.
`
`In this embodiment, the decryption key request message
`to be transmitted to the software vender 14 by the commu-
`nication program has a data structure as shown in FIG. 4,
`where the decryption key request message 20 includes a
`header portion 21 containing information necessary for
`communication, a machine ID 22 of the personal computer
`11, a software ID 23 of an encrypted software 100 to be
`installed, a user name 24, and a user’s credit number 25.
`Now, the operation of the software vender 14 in a case of
`receiving this decryption key request message will be
`described with reference to FIG. 5.
`
`Namely, the software vender 14 detects the software ID
`23 from the received decryption key request message, and
`identifies a desired software of the user. Then, the software
`vender 14 generates a charging information necessary for
`the charging processing from the software usage charge for
`the identified software, the user name 24, and the user’s
`credit number 25. Then, the charging processing according
`to this charging information is carried out by the software
`vender 14 itself, or by a credit company 16 to which the
`charging processing is entrusted.
`Then, the software vender 14 transmits the decryption key
`corresponding to the software ID 23 to the user who issued
`the decryption key request message. In this case, it is also
`possible to adopt a scheme in which the decryption key is
`encrypted by using the machine ID 22 of the user before
`being transmitted to the user, and the installer 101 uses the
`decryption key after decrypting the encrypted decryption
`key by using the machine ID.
`In this manner, the management of the software usage
`charge can be automatically realized by utilizing the request
`and the issuance of the decryption key.
`FIG. 6 shows an alternative configuration in which the
`function of the installer 101 is implemented in the personal
`computer 11 and utilized as a common installer for installing
`all the encrypted softwares into the personal computer 11.
`Namely, in FIG. 6, a decryption key management system
`51 is implemented in the personal computer 11, and used to
`realize the function of the common installer with respect to
`all the encrypted softwares. This decryption key manage-
`ment system 51 can be realized as a program which is to be
`installed into the personal computer 11 of each user at a time
`of forming the software distribution system of this embodi-
`ment.
`
`In this case, the decryption key management system 51
`includes a group of programs similar to those included in the
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`8
`installer 101 of FIG. 2, that is, the decryption key retrieval
`program, the communication program, the decryption and
`install program, and the decryption key storing program.
`In a case of utilizing this decryption key management
`system 51, it suffices for each encrypted software 100 to
`include the software content 103 and the software ID 102,
`and the installer 101 is unnecessary. In this case, the soft-
`ware ID of each encrypted software will be utilized in the
`decryption key retrieval from the decryption key memory
`unit 13 similarly as described above.
`N