US 6,636,966 B1
`(10) Patent No.:
`a2) United States Patent
`
` Leeetal. (45) Date of Patent: Oct. 21, 2003
`
`
`US006636966B1
`
`(75)
`
`(54) DIGITAL RIGHTS MANAGEMENTWITHIN
`AN EMBEDDED STORAGE DEVICE
`Inventors: Lane W. Lee, Lafayette, CO (US);
`Daniel R. Zaharris, Longmont, CO
`(US)
`(73) Assignee: (us). Acquisitions, Inc., Boulder, CO
`(*) Notice:
`Subject to any disclaimer, the term ofthis
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 0 days.
`
`US
`
`(21) Appl. No.: 09/542,510
`
`(22)
`Filed:
`Apr. 3, 2000
`,
`(SL) UMC17 coecccccscssssssscseessessevssssesssssssseseeee HO4L 9/30
`(52) US. C1. cocci cccceececccccseceseccensnees 713/165; T13/171
`(58) Field of Search 0.0 eee 705/44, 50, 51,
`705/57; 713/165, 171, 201; 380/286
`,
`References Cited
`US. PATENT DOCUMENTS
`
`(56)
`
`5/1983 Smid et al... 178/22.08
`4,386,233 A .
`8/1994 Chou et al. sesso 380/4
`5,337,357 A
`
`6/1999 Sasamoto et al. 2.0.0.0... 380/5
`5,912,969 A
`Voy
`:
`:
`12/1999 Saito
`6,002,772 A
`8/2000 Slater ween 705/44
`6,098,053 A *
`6/2001 Brundkett et al.
`........... 713/165
`6,249,866 Bl *
`6,471,068 Bl * 10/2002 Kido et al. ove. 207/103 R
`FOREIGN PATENT DOCUMENTS
`
`wo
`wo
`
`saseerescsen HO41_/9/00
`
`WO 98/42098
`91998
`WO 00/08909
`2/2000
`OTHER PUBLICATIONS
`Keitaide-Music Consortium, “Keitaide-Music Technical
`Specification (Ver0.9)/Part 1”, (Jan. 2000), Corporate Tech-
`nology Planning Dept. R&D Headquarters, SANYO Elec-
`tric Co., Ltd., 26 pages.
`* cited by examiner
`Primary Examiner—John W. Hayes
`. a :
`Assistant Examiner—Pierre E. Elisca
`(74) Attorney, Agent, or Firm—MacPherson Kwok Chen &
`Heid LLP
`
`(57)
`
`ABSTRACT
`
`A method is
`provided for enabling
`locked data stored on a
`core meadam and accessing . through a data storage
`engine contained within or connected to a host device. A
`user selects all or part of the data stored on the storage
`medium to enable. The host device then connects to a server
`over a network and completes a transaction. The transaction
`can be any requirement specified by the supplier of the data
`selected by the user. Once the transaction is complete, the
`data storage engine connects to the same or a separate server
`through the host device and receives a piece of information,
`known as the content key, necessary to decrypt, read, or
`.
`.
`otherwise make sense of the data selected by the user. The
`tent k
`+ be.
`f
`1
`tofad
`tion
`k
`Comlent
`Key may De,
`Tor exanp'e, part ol a deerypnon
`Key.
`‘The content key is combined with otherinformation stored
`on the storage medium. ‘The combined information is then
`used to access the data selected bythe user.
`
`19 Claims, 13 Drawing Sheets
`
`EP
`
`704785
`
`4/1996
`
`ay
`
`
`
`
`Host receives content key
`engine
`and decryption key,
`forwards to date storage
`
`
`
`
`
`
`Host receives storage
`
`medium in data storage
`engine
`
`Dota storage encine
`
`
`decrypts content key
`235 —~
`
`
`dost reads content
`
`
`informction block,
`
`displays to user
`Data storage engine
`
`
`
`240~)
`records content key on
`
`storage medium
`
`Host receives user's
`
`sdection of content to
`Host receives poss/foit
`enoble
`
`
`
`message from dete
`24354
`
`storage engine,
`‘orwords
`
`to server
`Host connects to vendor
`
`authorization server,
`completes distributor
`
`requirement
`
`
`
`Host creoles exobling
`
`
`descriptor block,
`torwards to dato storage
`
`engine
`
`
`
`Host receives encrypted
`
`
`data pocket from dote
`storage engine, ferwards
`
`1o server
`
`24
`
`Host notifies user of
`2 success er
`failure of
`writing content key
`
`
`
`
`
`=
`Medio enabling key
`252 ~|
`retrieved from storage
`medium, combined with
`
`content key
`
`
`Dato is occessed ssing
`
`
`combined informction
`
`Zynga Ex. 1015,p. 1
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 1
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 1 of 13
`
`US 6,636,966 B1
`
`WOH91}UatyNy
`
`sbossay
`
`ellt
`
`allOl
`
`)9us9}Ul
`
`abossay
`
`
`
`UI}OOUBUyNYUO!}2DSU01)
`
`Jopua
`
`of
`Oui|DYOG50YO!
`
`
`
`diuosaq}U3]U094OUOI}Ia}a¢,
`
`@s0q0}0q
`
`BffoggyCEpnp
`
`Ccabossayabossay
`
`
`
`
`
`YONOZUOUINYuoNONjUsYINY
`
`rt
`
`
`
`JO.vor}2a,a5
`
`}U9}U09
`
`vo!}Oouayyny
`
`abossay
`
`OLJOvon29/85L701
`
`
`
`Aayjua}u0)
`
`201
`
`
`
`vol}aI]UaYyNYJopua
`
`
`
`
`
`Kayyu9yu0)901rolsopuan
`
`
`mtfayyue}vogBARSJaAJaSUOl}DZUOY}Ny
`
`
`
`
`
`
`
`
`26010}a6o10}$0,0p
`
`
`
`
`
`al}ua}U09abossayUONODSUDI}
`
`bOld
`
`
`
`chSIDAYJOU/2}Ul
`
`aainapSOY
`
`
`
`wnipawauibuevlb01c0l
`
`Zynga Ex. 1015, p. 2
`Zyngav. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 2
` Zynga v. IGT
` IPR2022-00199
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 2 of 13
`
`US 6,636,966 B1
`
`
`
`
`Host device or vendor authorization
`server notifies content key server thot
`the distributor requirement has been
`satisfied, or distributor requirement
`satisfied on content key server
`
`
`
`
`
`
`Host device receives content key,
`forwards to data storage engine
`
`
`
`Data storage engine records the
`content key on the storage medium
`
`
`8
`
`FIG. 2A
`
`4
`
`Zynga Ex. 1015, p. 3
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 3
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 3 of 13
`
`US 6,636,966 B1
`
`requirement Host notifies user of
`
`Host reads content
`information block,
`displays to user
`
`Host receives user's
`selection of content
`to
`enable
`
`Hast connects to vendor
`authorizotion server,
`completes distributor
`
`Host receives storage
`medium in data storage
`200
`engine
`
`
`
`
`
`Data storage engine
`
`records content key on
`storage medium
`
`
`Host receives pass/fail
`message frodato
`storege engine, forwords
`to server
`
`
`
`writing content key
` Host creates enabling
`
`descriptor black,
`forwards to data storage
`Medio enabling key
`-
`engine8
`retrieved from storage
`
`
`
`medium, combined with
`
`content key
`Host receives encrypted
`dale packet
`from dato
`storage engine, forwards
`
`lo server
`Dota is accessed using
`combined information
`
`
`
`Host receives content key
`and decryption key,
`forwards to data storage
`
`engine
`
`
`205
`
`210
`
`15
`
`Data storage engine
`decrypts content key
`
`success or failure of
`
`Fic. 2B
`
`Zynga Ex. 1015, p. 4
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 4
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 4 of 13
`
`US 6,636,966 B1
`
`We
`
`Web
`Server
`fie.
`Microsoft,
`MS,
`Apache,
`
`WebSphere) ! ]
`
`1 { j i i 1 { | i | | {\ l 1 !i | i{ i |i |i } I
`
`;
`I
`|
`
`I
`
`1 it 1 ! ti i i !! |i \b
`
`Zynga Ex. 1015, p. 5
`Zynga v. IGT
`IPR2022-00199
`
`Key To
`
`Dale Reading Engine
`
`Storage
`
`
`FIG. 2c
`
`
`
`Medio
`
`to read and write data
`
`303.
`
`306
`
`317)
`
`320) 332335
`
`Engine Driver Library
`
`USB driver interface mostlikely written
`in © — the library will contain APis
`
`302.
`
`307
`
`NG
`
`321)
`
`S31
`
`336
`
`— 30
`
`—— 308
`
`—— 309
`
`—— 54
`
`——— HS
`395
`Consumer
`— 326
`= 340
`
`FIG. 20°
`
`likely on opplicotion (i.e. HTML, XML,
`Most
`or Java Applet) sitting on a PC or Mac but
`this could be any PED that has o connection
`(direct or wireless) to the internet
`
`12
`
`Zynga Ex. 1015, p. 5
` Zynga v. IGT
` IPR2022-00199
`
`

`

` Oct. 21, 2003
`
`323
`
`329
`
`Data Access Service {i.e. JDBC, ODBC, or ADO)
`a
`
`Legacy Data
`(Data Warehouse)
`
`Media Content
`and Transactional
`Dota
`
`Customer Date
`(Demographics)
`
`Database
`
`FIG. 2C°2
`
`U.S. Patent
`
`Sheet 5 of 13
`
`US 6,636,966 B1
`
`Content Key Server
`
`Application Server {i.e. Microsoft Site Server, ATG
`Dynamo,
`IBM Net, Commerce, Broadvision)
`
`Content Key
`Encryption /
`Enabling
`
`Page
`Generation
`Engine
`
`Customer
`Service
`Engine
`
`E-Commerce
`Engine
`
`Personalization
`Engine
`
`Content
`Management
`Engine
`
`Advertisement
`Engine
`
`Credit Cord
`Processing
`Engine
`
`Reporting
`Engine
`
`E-Mail
`Communication
`Engine
`
`WA
`
`Zynga Ex. 1015, p. 6
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 6
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 6 of 13
`
`from
`Host receives request
`consumer to see all currently
`
`locked files on the Media
`
`
`
`Host calis the appropriate
`command to the Driver
`to
`
`
`return a list of currently
`locked files on the Media
`
`301
`
`307
`
`302
`
`308
`
`
`
`
`
`Driver calls the oppropriate
`
`commond on the Engine to
`return o list of currently
`locked files on the Media
`
`
`303
`
`309
`
`files {nome
`Driver returns all
`and handle) ond Server URL
`to the Host
`
`Host displays o list of files to
`the consumer, each file or set
`of Iles may contain a
`hyperlink to on HTML file
`associated with the file
`
`locked files
`
`Consumer requests to view
`pricing information for
`the
`
`Engine reads oll files on the
`Media thai meet
`two criteria:
`the file is locked and no
`content keys are stored on the
`Medic that have a pointer to
`
`Engine recds hidden files
`associated with the files found
`
`the file's handle
`in 304 ond the Server URL
`to the Driver
`
`Engine returns all files (nome
`and handle) and Server URL
`
`Host sends the pricing request
`to the Server URL that was
`
`stamped on the Medio
`
`
`
`
`Server establishes a Session ID
`with the consumer,
`logs
`consumer behavior and
`transaction dota
`
`
`
`
`Server creates on HIML file
`based on information in the
`
`
`Media Content ond Pricing
`portion of database
`
`
`
`304
`
`310
`
`305
`
`506
`
`SH
`
`312
`
`Fig. 2D°1
`
`
`
`
`
`
`
`US 6,636,966 B1
`
`
`
`freementeeeSeesaleseneseam)creteSeminomenserene6fetemeenAnecinsnneenmeAreneote=nefescnm6nnneemnentsaeSventmSeeoteeein7anfeomniSenmi)iereaiseScnetae
`
`Zynga Ex. 1015, p. 7
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 7
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 7 of 13
`
`US 6,636,966 B1
`
`Fig. 201|Fig. 20'2
`
`
`
`Key To
`Fic. 2D
`
`SNS
`
`34
`
`35
`
`Server passes an HTML file
`(and any associated GIF ond
`
`JPEG files} to the Host
`
`Host displays the HTML file to
`the consumer
`
`purchase the content
`
`Host receives consumer
`selection of one or more of
`the pricing options that are
`available and request
`to
`
`36
`
`
`
`Host calls the appropriate
`
`
`command on the Driver to send
`a list of the file handles to be
`
`
`
`encbled ond the Session ID
`
`!l |1 i
`
`l | I | ]| | | I I I | I
`
`I !
`
`Zynga Ex. 1015, p. 8
`Zynga v. IGT
`IPR2022-00199
`
`
`
`Driver calls the appropriate
`command on the Engine, sends
`
`
`list of file handles to be
`
`enabled and Session ID
`
`Engine creates a hidden file
`on the Media thot contains
`the file handles to be enabled
`and the Session ID
`
`
`
`
`FIG. 2D°2
`
`Go to
`block 319 in
`
`me
`
`M7
`
`518
`
`| ! { { || 1 | | 1 | |
`
`Zynga Ex. 1015, p. 8
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 8 of 13
`
`US 6,636,966 B1
`
`
`
` From
`block 318 in
`
`Fig. 2D
`
`Engine creates on encrypted
`info packet containing the
`Random Chollenge, Engine
`Signature, Session 1D ond list
`of file handles to be enobled
`
`Engine returns the information
`packet
`
`Driver returns the information
`pockel
`to the Host
`
`Host sends the information
`packet
`io the Server
`
`Server decrypts the
`information pocket ond
`retrieves, based on the Session
`1D, pricing information
`sent
`
`Server sends bock an HTML
`poge to the Host that will be
`
`used to collect credit card date
`
`to the Driver
`io the user
`
`325
`
`326
`
`327
`
`328
`
`329
`
`330
`
`39
`
`320
`
`321
`
`322
`
`323
`
`324
`
`Host presents the HTML page
`to the consumer
`
`Consumer completes the form
`on the HTML page ond submits
`the information
`
`
`
`Host sends the consumer
`information back to the Server
`
`Server processes information
`and gels o Credit Card
`authorization
`
`Server creates encrypted info
`pocket
`that contains the
`Random Challenge, Server
`Signature, Session 1D,
`Transaction 1D and keys for
`the file handles to be enabled
`
`
`
`
`Server returns on HIML page
`with a credit cord authorization
`message ond the information
`packet
`to the Hos!
`
`
`
`
`
`
`FIG. 2E1
`
`Zynga Ex. 1015, p. 9
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 9
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 9 of 13
`
`US 6,636,966 B1
`
`331
`
`332
`
`333
`
`334
`
`335
`
`336
`
`Host calls the appropriate
`commend on the Driver ond
`
`sends information packet
`
`
`
`Driver calls the appropriote
`
`
`command on the Engine and
`sends information packet
`
`
`
`Engine decrypts information
`packel, verifies that
`the Session
`iD exists on the medio, writes
`the content key to the media
`
`Engine creates an encrypted
`info packet that contains
`Random Challenge, Engine
`Signature, Session 1D,
`
`Engine returns information
`pocket
`to the Driver
`
`
`
`Fig. 26°1
`
`Fig. 2£°2
`
`Key To
`FIG. 2E
`
`Host sends the information
`packet
`lo the Server
`
`
`
`Server decrypts the information
`pocket, verifies the Session ID
`and Tronsection ID, and updates
`the transaction date
`
`Server generates 9 final
`confirmation HTML page and
`sends it
`to the Host
`
`338
`
`339
`
`
`
`
`
`
`
`
`
`
`
`Transaction 1D, and pass/fail
`
`
`
`Driver returns information
`packet
`to the Host
`
`540
`
`
`
`Host displays confirmation
`page to user
`
`FIG. 2F2
`
`Zynga Ex. 1015, p. 10
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 10
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 10 of 13
`
`US 6,636,966 B1
`
`°\itt1b''''''Ii'(''1i(“
`
`
`
`wor}Ddtuay}No
`
`260580)WOpUdy{10/ssog
`
`
`
`abuayjougJ0}D91puU!
`
`1%ctoc
`
`eeIf
`
`hay
`
`gtLg
`
` we oe eeeeeee ee eee
`giuoissasnejuayuo2Joapualou)SWO!}094}]Uap]
`
`
`}U9}U0))alPedS30-}Janes
`wopuoy
`
`
`
`
`
`abossayUO}}031;1}U9p|
`
`WOPUoY
`
`
`
`
`
`
`
`404)Qh94904QIUalssagUd!}OOI}UaYy}No0}jUa}vOI40apoda{qouabu3
`
`11',''|ttIJ,
`
`*4'1th'''
`
`d
`
`VEOld
`
`G&§Od
`
`OE‘Old
`
`Zynga Ex. 1015, p. 11
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 11
` Zynga v. IGT
` IPR2022-00199
`
`
`
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 11 of 13
`
`US 6,636,966 B1
`
`400
`
`402
`
`404
`
`406
`
`410
`
`412
`
`Generate Random
`Challenge
`
`
`
`Create three triple DES
`encryption keys from
`Rondom Challenge
`
`
`
`Create data packet
`
`
`
`Encrypt 404 dota packet
`using triple DES keys
`from stage 402
`
`Concatenale Random Challenge
`and encrypted stage 404 dato
`packet to form new packet
`
`Encrypt new pockel using
`secret symmetric key
`
`Create message
`authentication code (MAC)
`
`Concatenate MAC and
`encrypted new packet
`to
`form first info packet
`
`info packet
`Convert first
`to ASCII
`text and send to
`content key server
`
`415
`
`FIG. 4A
`
`Zynga Ex. 1015, p. 12
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 12
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 12 of 13
`
`US 6,636,966 B1
`
`Receive first
`
`information packet
`
`420
`
`432
`
`Sign data packet 430
`
`with private server key Concatenate data packet
`server certificate
`
`424
`
`434
`
`430 with signed data
`pocket 432 to form
`second info packet
`
`Encrypt second info
`packet with random
`challenge keys from
`stage 402
`
`Convert second info
`packet
`to ASCII
`text
`ond send
`
`Create server t-DES key
`sel, encrypt with public
`engine key
`
`Encrypt data packet 424
`with server t-DES key set
`
`Concatenate Random
`Challenge, date packet
`424, encrypled server
`t-DES key set, and
`
`FIG. 4B
`
`Zynga Ex. 1015, p. 13
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 13
` Zynga v. IGT
` IPR2022-00199
`
`

`

`U.S. Patent
`
`Oct. 21, 2003
`
`Sheet 13 of 13
`
`US 6,636,966 B1
`
`Receive second
`.
`:
`information packet
`f
`k
`
`460
`
`470
`
`server public key
`
`Verify the signature on
`stage 432 pocket wilh
`
`Decrypt server t-DES key 472~)set with public engine key
`server t-DES key set
`468
`
`Decrypt second into
`pocket using random
`challenge keys
`
`Separate data into stage
`430 packet and stage
`432 packet
`
`462
`
`464
`
`474
`
`Decrypt stoge 424 pocket
`with server t-DES key set
`
`into
`Separate stage 430 packet
`a
`Random Challenge, compact
`Create third information
`certificate, encrypted stage
`
`424 packet, and encrypted 476|packet according to FIG. 4A466
`
`
`
`Verify server certificate
`using monufacturer’s
`public key
`
`FIG. 4C
`
`Zynga Ex. 1015, p. 14
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 14
` Zynga v. IGT
` IPR2022-00199
`
`

`

`US 6,636,966 B1
`
`1
`DIGITAL RIGHTS MANAGEMENT WITHIN
`AN EMBEDDED STORAGE DEVICE
`
`BACKGROUND
`
`1. Field of the Invention
`
`The present invention relates generally to methods of
`enabling data stored on storage media and more specifically
`to a method and apparatus for enabling data by retrieving
`from a computer a piece of information necessary to access
`the data and combining that information with information
`stored on the storage medium containing the data to access
`the data.
`
`2. Description of the Prior Art
`As distribution systems for various types of content have
`historically developed, distribution systems have taken on
`certain relatively inflexible structures. For example, in dis-
`tribution of music or motion pictures, a publisher typically
`produces, or arranges for production of, physical media
`(such as CDs or video tapes or DVDs), arranges for sales
`throughretail locations, mail order houses(or in the case of
`movies, to movie rental services), with royalties from the
`sales going to the content owners. It is believed that a more
`flexible distribution system, e.g., allowing content owners to
`decide whetherto sell physical media, bit-stream content, or
`both can not only enhance revenue streams for publishers
`and content owners, but also make content more widely
`available to consumers.
`The need for alternative channels for content distribution
`
`is consistent with the popularity of electronic downloading
`of content, including downloading of MP3-format music
`and other content. However, electronic downloading,
`in
`current forms, is relatively susceptible to misuse, such as
`copyright violations, depriving content owners of potential
`revenue. Accordingly,
`it would be useful
`to provide for
`content distribution in a fashion whichis relatively flexible
`and/or which canassist in protecting content owners’rights.
`Many traditional approaches to distributing stored
`content, such as audio, video,
`text or software content,
`involve distributing media (such as print media, magnetic or
`optical media and the like) which, once distributed, can
`typically be freely used by anyperson having possession of
`the media. Such a distribution system, however, imposes
`certain undesirable restraints on how the contentis distrib-
`
`uted. For example, in traditional distribution methods, pay-
`ment (or a contract or commitment to make payment) is
`obtained at the time the media is distributed. This has a
`numberof consequences. The paymenttypically must be an
`all-or-nothing payment, i.c., payment for all content which
`is on the media, even though a customer may wish to have
`only a portion of such content. Typically, this manner of
`distribution means that distribution of the physical media
`and payment for content must be tightly coupled such as by
`providing for both distribution and payment at a retail
`location, by a mail transaction (such as a typical book club
`transaction), by electronic downloading and electronic
`commerce, and the like. Such distribution methods have
`substantial associated costs, such as costs of warehousing,
`retail personnel, and the like. Accordingly, it would be useful
`to provide a content distribution system which can be
`configured such that distribution of the media can be inde-
`pendent from payment or payment commitments, and/or
`independent from enablement of the content stored on the
`media.
`
`In some systemsinvolving electronic storage of informa-
`tion on media, the media whichisdistributed is encrypted or
`
`20
`
`30
`
`40
`
`50
`
`60
`
`2
`otherwise read-protected and the user must provide a code
`such as a password in order to have access to the content.
`This approach, however, although it may assist in certain
`schemes for avoiding unauthorized copying, has typically
`had other associated disadvantages. Such approachestypi-
`cally provide for coupling the enablement of protected
`content to a particular computer or media reader, e.g., such
`that it is cumbersomeor impossible to use the media in more
`than one machine (such as imposing a requirement for
`remembering, and then entering,
`the password when the
`media is provided in a second computerorreader,i.e., there
`is no provision for the mediaitself to provide, to a computer
`or
`reader,
`information regarding previous content
`enablement). When protection codes or keys are established
`and stored by a mediafabricator(or the fabricator of a media
`player or host computer), or otherwise provided prior to
`distribution of content to a customer, the system is typically
`relatively inflexible, provides the potential for using a copy
`of the code or key to access multiple media, and presents a
`potential for interception of enabling keys or codes.
`Many previous distribution systems, especially those
`relating to electronically or optically stored information,
`have been designed to prevent or discourage copying of
`content. Although certain copy protection systems may
`involve encryption/decryption,it is useful to understand that
`copy protection is not the same as content encryption and
`that copy protection is not the same as copyright protection.
`Implementation of effective copy prevention measures
`meansthat the entire cost for making copies falls on autho-
`rized distributors. Accordingly, it would be useful to provide
`a system in which customers are permitted or encouraged to
`make copies, and thus bear the cost of copying, while
`providing for appropriate payments to content owners and
`other appropriate entities. It would be useful to provide a
`system that does not prevent (and preferably encourages)
`copying, but which does provide copyright protection.
`Some systems involvea key, code or decryption algorithm
`which is stored in a player device or host computer in a
`manner which can makeit feasible to obtain the code, key
`or algorithm, or to defeat
`the protection procedure, by
`analyzing or modifying the player or host computer, thus
`potentially gaining access to any disk used in such player or
`host computer. Accordingly, it would be useful to provide a
`system in which access to a player or host key or code will
`not suffice, by itself to obtain access to multiple different
`disks.
`
`SUMMARY
`
`Amethod and system is provided for enabling data stored
`on a storage medium. An engine for reading the data stored
`on the storage medium is connected to a host device. A user
`of the storage medium selects a portion of the data on the
`storage medium to enable. ‘The host device sends a message
`to a server complying with the requirements of the distribu-
`tor of the data stored on the storage medium to enable the
`data. For example, somedistributors may require payment
`of information from the user before enabling the data, thus
`in some embodiments, the message is payment, personal
`registration information, or demographic information. Once
`the distributor’s requirements have beensatisfied, the server
`sends a content key to the host device.
`In some
`embodiments, the distributor requirements and the content
`key are handles by separate servers. The content key is
`apiece of information required to decrypt the data, read the
`data, or make sense of the data stored on the storage
`medium. In some embodiments, the content key is a part of
`a decryption key necessary to decrypt the data stored on the
`
`Zynga Ex. 1015, p. 15
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 15
` Zynga v. IGT
` IPR2022-00199
`
`

`

`US 6,636,966 B1
`
`3
`storage medium, or a part of a file system necessary to
`organize and retrieve the data stored on the storage medium.
`The host device receives the content key and forwardsit to
`the data storage engine. The data storage engine then stores
`the content key sent from the server to the storage medium.
`The content key is then combined with a medium enabling
`key stored on the storage medium during mastering to
`decrypt or read the data. The content key and the medium
`enabling key form data enabling information. They are not
`necessarily decryption keys. In some embodiments they are
`file pointers to data files stored on the storage medium, a
`directory structure of the data files stored on the storage
`medium, or an additional piece of data that is required to
`make sense of the data stored on the storage medium. An
`appropriate file system for storing data on the storage
`medium is disclosed in U.S. patent application Ser. No.
`09/539,841 (Attorney Docket No. M-8374 U.S.), filed on
`Mar. 31, 2000, entitled “I‘ile System Management Embed-
`ded in a Storage Device” and incorporated herein in its
`entirety by this reference.
`In some embodiments, the server and the data storage
`engine also exchange authentication messages. In some
`embodiments,the data storage engine sends a messageto the
`server after attempting to store the content keyon the storage
`medium, indicating whether the storage was successful.
`The invention offers several advantages. First, it is pos-
`sible for the user to enable, and therefore pay, for only
`portions of the data stored on the storage medium. The user
`does not have pay for data that the user does not require.
`Also, once the user pays to enable the data, the contentkey,
`is stored on the storage medium,thus the user may accessthe
`data from any data storage engine without providing the
`content key again. Further, the method offers robust security,
`because the neither the content key accessed from the
`content key database nor the medium enabling key stored on
`the storage medium during mastering alone can enable the
`data stored on the storage medium. Also, a copy of the
`original data does not transfer the content key received from
`the content key database.
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`in a block diagram, a system for
`FIG. 1 illustrates,
`enabling data stored on a storage medium, according to the
`present invention.
`FIG. 2A illustrates, in a flowchart, a method of enabling
`data stored on the storage medium of FIG. 1, according to
`the present invention.
`FIG.2Billustrates, in a flowchart, one embodimentof the
`method of FIG. 2A.
`
`FIG. 2C illustrates, in a block diagram, one embodiment
`of the system of FIG. 1.
`in a flowchart, another
`FIGS. 2D and 2E illustrate,
`embodimentof the method of FIG. 2A.
`
`FIG.3A illustrates, in a block diagram, the information
`contained in a first information packet sent from the data
`storage engine to the content key server of FIG. 1.
`FIG. 3B illustrates, in a block diagram, the information
`contained in a sccond information packet scnt from the
`content key server to the data storage engine of FIG. 1.
`FIG. 3C illustrates, in a block diagram, the information
`contained in a third information packet sent from the data
`storage engine to the content key server of FIG. 1.
`FIG. 4Aillustrates, in a flowchart, acts performed bydata
`storage engine 14 of FIG. 1 in generating and sending the
`first information packet of FIG. 3A.
`FIG. 4B illustrates,
`in a flowchart, acts performed by
`content key server 17 of FIG. 1 in receiving the first
`
`20
`
`30
`
`40
`
`50
`
`60
`
`4
`information packet of FIG. 3A and generating and sending
`the second information packet of FIG. 3B.
`TIG. 4C illustrates, in a flowchart, acts performed by data
`storage engine 14 of ['IG. 1 in receiving the second infor-
`mation packet of FIG. 3B and generating and sending the
`third information packet of FIG. 3C.
`DETAILED DESCRIPTION
`
`TG. 1 illustrates a system for enabling data, or content,
`stored on storage medium 10. A user places the storage
`medium into a nctwork-aware host device 12. Host device
`12 contains or connects to a device capable of reading the
`data stored on storage medium 10,hereinafter “data storage
`engine” 14 which reads and decrypts the data stored on
`storage medium 10. Data storage engine 14 includes an
`encryption engine for encrypting and decrypting data using
`the Data Encryption Standard (DES)algorithm, described in
`Federal Information Processing Standard Publication (FIPS
`PUB) 46, entitled “Data Encryption Standard” and pub-
`lished in 1977. Several modes of DES encryption and
`decryption are available. These modesare described in FIPS
`PUB 81, entitled “DES Modes of Operation” and published
`1980. In one embodiment, the encryption engine supports
`several modes: single DES in ECB and CBC modeandtriple
`DES in ECB and CBC mode. Single DES requires a single
`key to encrypt and decrypt and triple DES requires two or
`three keys to encrypt and decrypt. In some embodiments the
`encryption engine decrypts using triple DES with two or
`three keys. In some embodiments the encryption engine
`includes two DEScores, one for triple DES decryption and
`one for single DES encryption. In such an embodiment,
`information read from the storage medium can be decrypted
`by the triple DES decryption core,
`then immediately
`re-encrypted by the single DES encryption core using a
`different key.
`Data storage engine 14 is connected to host device 12
`through an interface, for example a universal serial bus
`(USB)interface. In some embodiments, data storage engine
`14 is embedded within the host device and is connected to
`the host device by a proprietary interface. An appropriate
`interface is described in U.S. patent application Ser. No.
`09/539,842 filed on Mar. 31, 2000, entitled “Asynchronous
`Input/Output Interface Protocol,” and incorporated herein in
`ils entirety by this reference. Such an embodiment may be
`a handheld device suchas a personaldigital assistant (PDA),
`MP3 player, or digital e-tablet; or a personal computer. In
`some embodiments,data storage engine 14 is externalto the
`host device. In some embodiments,data storage engine 14 is
`not network-aware, and therefore requires host device 12 in
`order to communicate with other devices connected to the
`network. The host thus acts as an intermediary between data
`storage engine 14 and content key server 17.
`In orderto access the data, data storage engine 14 includes
`an encryption/decryption engine. When the user places the
`storage medium into the data storage engine, the engine
`reads a portion of the data stored on the storage medium,
`including a content information block. The content infor-
`mation block includesa directory of all the data files stored
`on the medium, a text file containing an Internet URL or
`multiple Internet URLs for a distributor authorizationsite or
`content key site that enables the data. The content informa-
`tion block mayalso include a textual description ofthe data,
`an abstractfile containing a more detailed description of the
`data, and copyright information for the data. Host device 12
`may present
`the information in the content
`information
`block to the user. Additionally, there may be a standard
`“launch”file stored on the medium that may be used by host
`device 12 to display the contents of the medium to the user.
`In some embodiments, host 12 connects to a server such as
`content key server 17 which reads the information in the
`
`Zynga Ex. 1015, p. 16
`Zynga v. IGT
`IPR2022-00199
`
`Zynga Ex. 1015, p. 16
` Zynga v. IGT
` IPR2022-00199
`
`

`

`US 6,636,966 B1
`
`5
`content information block and formats an output display, for
`example an html display, which is displayed to the user by
`host device 12.
`The user then selects a file or files to enable. [ost device
`12 then connects to the Internet 16. In one embodiment, host
`device 12 sends to distributor authorization server 11 a
`message satisfying the distributor’s requirements, distribu-
`tor transaction message 102, and a message identifying the
`content selected by the user 114.
`In this embodiment,
`distributor authorization server 11 forwards selection of
`content message 114 to content key server 17, along with an
`authorization message 106 indicating that
`the user has
`satisfied the distributor’s requirements.
`In another
`embodiment,
`the distributor requirements are handled by
`content key server 17,
`thus both distributor transaction
`message 102 and selection of content message 114 are sent
`directly to content key server 17. Once the distributor
`requirementhas beensatisfied, a descriptionof the data to be
`enabled 108 is sent from content key server 17 to content
`key database 18. Database 18 then returns the content key
`110. Content key 110 is then either sent directly to host
`device 12 or sent to distributor authorization server 11,
`which forwards content key 110 to host device 12, which
`forwards content key 110 to data storage engine 14.
`In some embodiments, data storage engine 14 sends an
`authentication message 104 to host device 12 to be sent
`along with the distributor transaction message 102 and
`selection of content message 114. Authentication message
`104 verifies to content key server 17 that data storage engine
`14 is an authorized engine.
`In embodiments where the
`distributor requirement is handled bydistributor authoriza-
`tion server 11, authentication message 104 is forwarded to
`content key server 17 along with authorization message 106
`and selection of content message 114. When content key
`server 17 responds by sending content key 110, content key
`server 17 also sends an authentication message 112 verifying
`to data storage engine 14 that content key server 17 is an