CN1141678C - Method and system for preventing electronic file piracy - Google Patents

Abstract

A computer system capable of preventing electronic file piracy and a method used in the computer system are provided. The computer system includes a server host which is connectable to a plurality of terminals via the Internet. The method comprises a registration program and a file acquisition program, wherein the registration program registers the terminal as a legal user in the server host and acquires an encrypted second key from the server host according to a first key in the terminal; the requesting program requests the server host for the encrypted electronic file and decrypts the file with the first key, and then extracts the second key and the terminal identification code therein to determine whether to perform or stop the subsequent decryption.

Description

Method and system for preventing piracy of electronic documents

technical field

The invention relates to a method used in a computer system to prevent piracy of electronic files, specifically, a method for preventing electronic files from being downloaded to an electronic reading device from the Internet and illegally copied to other electronic reading devices.

Background technique

Traditionally, knowledge is disseminated by books or magazines printed on paper. The rise of radio and television has accelerated the speed of knowledge dissemination. Today, with the vigorous development of computer communications and the Internet, knowledge and information are disseminated at an astonishing speed. to every corner of the world. Due to the development of Internet technology, many new business models have been created. These new business models have a common feature, which is to use the Internet to do business, which is commonly known as e-commerce recently. For example, traditionally, if you want to buy a book, you have to go to a bookstore to find it in person or ask someone to buy it. Due to the rise of the Internet, online bookstores such as Amazon allow users to search for the books they want online and place an order directly. . Although this greatly simplifies the way of purchasing books, there is still an inconvenience, that is, the preservation of books. Once you buy more books, you need enough space to place them, and the management becomes more complicated. .

In view of this, the concept of "electronic reading device" was proposed to meet this need, that is to say, to digitize the text or pictures in the original book to form an electronic book. As long as consumers have a terminal that can connect to the Internet, plus Some specific program software can conveniently purchase the desired e-books or files online, and download the e-books to the terminal where the consumer is for reading. The terminal that can meet this demand is the so-called "Electronic Reading Devices". In the past, many publishing groups wanted to invest in the operation of e-bookstores and e-books in view of this vast consumer market. However, they stopped temporarily because some supporting mechanisms have not been established. One reason is the immaturity of the market implied by consumers' reading habits. That is to say, most consumers are still accustomed to reading books in the form of paper. To promote the reading of e-books with "electronic reading devices", consumers' deep-rooted reading habits must be overthrown. process of adaptation. However, another more important factor is the low cost of copying and the easy way of spreading and distributing, which makes the market of e-books face a serious threat that they cannot be promoted.

This serious threat comes from a very troublesome and difficult problem encountered by distributors engaged in the sale of e-books: e-books can be easily distributed to third parties other than the parties to the transaction in multiple copies. The reason why e-books are convenient is that they are invisible electronic files. Compared with traditional books with physical form, they are naturally convenient to send and can save a lot of storage space. However, because they are invisible electronic files, they are convenient to send. After consumers legally purchase and read, they can illegally copy and distribute them to others. That is to say, if a complete e-book lending and trading mechanism cannot be designed to effectively prevent the occurrence of "legal purchase but illegal distribution", every time a dealer engaged in e-books sells an e-book to a certain consumer , it is equivalent to giving this e-book to all other consumers. In this case, the dealer cannot maintain a reasonable profit. Naturally, this form of e-commerce cannot survive. This is the reason why e-books have been promoted and popularized so far. A big reason why the speed is not as expected. However, e-books have the advantages of being paperless-conform to the concept of environmental protection, efficiency-fast transmission speed, economy-do not take up a lot of space, etc., and can save many precious resources. However, illegally distributing" things cannot be promoted, which is really a major loss of economic interests.

Contents of the invention

In view of the above problems, the main purpose of the present invention is to provide a method for preventing piracy of electronic files used in computer systems, specifically a method for preventing electronic files from being downloaded to an electronic reading device from the Internet, but illegally copied To other electronic reading devices, to solve the above problems.

According to one aspect of the present invention, a method for preventing piracy of electronic files used in a computer system is provided, the computer system includes a server host, the server host can be connected to a plurality of terminals via the Internet, the server host Contains a user database to record the identification codes of all legal users and their terminals registered through the registration program. The terminal also includes a central processing unit, a hard disk and a network card. Each terminal has at least one representative of the The identification code of the terminal, and the identification code of the terminal can be the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card, and the server host also includes a public program module to store the reading application The program can be downloaded by the user to the terminal for storage and use. The terminal can request an electronic file from the server host through the Internet, and the server host can encrypt the plaintext of the electronic file to form a corresponding encrypted file. text, and send it to the terminal via the Internet, so as to decrypt the ciphertext into the original plaintext, the method includes a registration procedure and a file request procedure, and the registration procedure includes the following steps: the user loads a reading application program In the terminal, the reading application program includes a first encryption key; the user uses the reading application program to register with the server host to become a legal terminal; after the server host completes the legal registration of the terminal, it will generate a user The identification code and a user-specific second encryption key, the user identification code and the second encryption key are encrypted and then sent to the legally registered terminal; and the reading application program of the terminal further uses the received The operator identification code and the second encryption key are encrypted together with the identification code representing the terminal to form a terminal encryption file, which is stored in the legally registered terminal; the file requesting procedure includes the following steps: when a terminal sends to the server host When requesting an electronic file, the server host encrypts the plaintext of the electronic file with the second encryption key to form a corresponding ciphertext, and sends the ciphertext to the terminal via the Internet; When the reading application program of the terminal receives the ciphertext, it first decrypts the encrypted file of the terminal with the first encryption key, and obtains the second encryption key and the identification code of the terminal; and when the reading application program Compare the obtained terminal identification code with the current terminal identification code, and if the results are the same, use the second encryption key to decrypt the received ciphertext, otherwise stop the subsequent decryption action to prevent illegal Piracy of the electronic file by the terminal.

According to another aspect of the present invention, a computer system capable of preventing electronic file piracy is provided, the computer system includes a server host that can be connected to a plurality of terminals via an Internet, and the terminal includes a central processing unit, a hard disk And a network card, each terminal has at least one identification code representing the terminal, and the identification code of the terminal can be the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card, and the terminal can be accessed via The Internet requests the server host to obtain an electronic file, and the server host can encrypt the plaintext of the electronic file to form a corresponding ciphertext, and send it to the terminal via the Internet to obtain the ciphertext To decrypt the original plaintext, the server host includes: a public program module to store a reading application program including a first encryption key, the reading application program can be downloaded by the user to the terminal for storage and use; a registration module, When the user utilizes the reading application program of the terminal to register with the server host, the registration module will generate a user identification code and register the terminal as a legal terminal; a user database to record all legally registered users and the identification code of the terminal; an encryption key generation module, used to generate a user-specific second encryption key; and an encryption module, used to encrypt the user identification code and the second encryption key, and sent to the legally registered terminal; wherein the reading application program of the terminal further encrypts the received user identification code and the second encryption key together with the computer identification code representing the terminal to form a terminal encrypted file, stored in the legally registered terminal, and when a terminal requests the server host for an electronic file, the encryption module encrypts the plaintext of the electronic file with the second encryption key to form a corresponding ciphertext , and send the ciphertext to the terminal via the Internet, when the reading application program of the terminal receives the ciphertext, it will first decrypt the encrypted document of the terminal with the first encryption key, and obtain the first Two encryption keys and the identification code, and when the identification code obtained by the reading application program is the same as the identification code of the current terminal, the received ciphertext is decrypted with the second encryption key, otherwise stop the subsequent The decryption action to prevent unauthorized terminals from piracy of the electronic file.

To sum up, the computer system of the present invention proposes an effective mechanism to prevent piracy of electronic documents by non-legally registered terminals, thereby preventing the situation of "legal purchase but illegal distribution", which makes electronic book dealers Reasonable profits can be maintained and people are willing to invest in the e-commerce of books. Therefore, the multiple advantages of e-books such as environmental protection, efficiency, dissemination, and economy can be shared by the whole people.

Description of drawings

FIG. 1 is a schematic diagram of a computer system capable of preventing electronic file piracy according to the present invention.

Fig. 2 is a functional block diagram of the server host of the anti-piracy computer system of the present invention.

Fig. 3 is a functional block diagram of a terminal of the anti-piracy computer system of the present invention.

FIG. 4 is a flow chart of the anti-piracy computer system of the present invention when registering a program.

FIG. 5A is a flow chart of the anti-piracy computer system of the present invention at the server host side during the file request procedure.

FIG. 5B is a flow chart of the anti-piracy computer system of the present invention at the user terminal during the file requesting process.

Detailed ways

Please refer to FIG. 1 . FIG. 1 is a schematic diagram of a computer system capable of preventing electronic file piracy according to the present invention. The anti-piracy computer system 100 of the present invention includes a server host 102 that can connect to the Internet 104 through a firewall device 103 , and multiple users can also connect to the Internet 104 through their respective terminals 106 , 108 , 110 . The firewall device 103 can be used to isolate the server host 102 from the external Internet 104, which can filter network information packets and set security policies to allow certain specific network services and secure network information, such as: registered remote Login, email, file transfer, etc. can enter and exit the firewall device 103 to ensure that the settings and information in the server host 102 will not be subject to illegal intrusion and modification. Each terminal 106, 108, 110 can be a personal desktop computer, notebook computer, personal digital assistant (PDA) or a mobile phone (WAP cellularphone) that can be connected to the Internet, etc., as long as the user's terminal can be connected to the Internet and transmit digital information All can be applied to the anti-piracy computer system 100 of the present invention.

In the preferred embodiment of the present invention, the terminals 106, 108, and 110 are personal desktop computers, which include a central processing unit, a hard disk, a network card, input devices such as keyboards, mice, joysticks, etc., and output devices such as screens, printer etc. Each terminal 106, 108, 110 has at least one computer identification code, which is used to represent the identity authentication of the terminal, such as the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card, etc., which can be used as the identification code of the terminal. The computer identification code, so that the server host 102 can determine the identity or location of each terminal 106, 108, 110 during subsequent electronic transactions or data transmission.

Please refer to FIG. 2, which is a functional block diagram of the server host of the anti-piracy computer system of the present invention. The server host 102 includes an interface module 210, a public program module 220, a registration module 230, an encryption key generation module 240, an encryption module 250, a transaction processing and authentication module 260, a database 270, and a control center 280 .

The server host 102 is connected to the firewall device 103 through the interface module 210, and performs data transmission and exchange with the Internet 104 through the firewall device 103, and performs appropriate data conversion for data of different specifications when necessary. Various public programs disclosed by the server host 102 are stored in the public program module 220, so that users can download them to their respective terminals free of charge, such as a compiled reading application program, to provide users with a login, registration, download 1. The user interface for reading electronic books, and a first encryption key is attached to the reading application program, and its function will be described in detail later. The registration module 230 accepts the registration of the user and the designated terminal, so that the user becomes a legally logged-in user, and the designated terminal also becomes a legally logged-in user terminal capable of legally downloading electronic books. The encryption key generation module 240 generates a user-specific second encryption key when the user registers, that is to say, different users have different second encryption keys. It needs to be explained here that the above-mentioned first and second encryption keys are actually a sequence of bits with a predetermined length, such as commonly used 56bits or 128bits. The key length of the preferred embodiment of the present invention is to adopt 128tits or 128tits. are higher bits to enhance its security.

The encryption module 250 is used to perform various actions that require encryption. For example, during the file request process, the encryption module 250 will encrypt the electronic books purchased by the user with the second encryption key dedicated to the user so that they can be sent to the user later. By. The transaction processing and authentication module 260 is used to process matters related to the user's order, and perform necessary confirmation and authentication on the source and content of the order.

The database 270 includes at least three sub-databases: a user database 272 , a password database 274 , and an electronic file database 276 . The user database 272 stores the basic data related to all users after legal registration and the basic data of the designated terminal, such as the user identification code representing a certain user. The password database 274 stores the comparison table between the user identification code and its special-purpose second encryption key, that is to say, when each user registers, the corresponding special-purpose first encryption key generated by the encryption key generation module 240 The second encryption key is stored in the password database 274. The electronic document database 276 stores the plain text of electronic books to be provided to readers in the future, and each electronic book has a unique electronic book code to facilitate query and file building. The control center 280 is used to control the operation of the server host 102 and process the control or information flow of each module or database in the server host 102 .

Please refer to FIG. 3 . FIG. 3 is a functional block diagram of a terminal of the anti-piracy computer system of the present invention. Taking the terminal 106 as an example, the preferred embodiment of the terminal 106 of the present invention is a personal computer, which includes a central processing unit 302, a memory 320, a hard disk 304, a network card 306, input devices such as a keyboard 308, a mouse 310, and a joystick 312 etc., output devices such as screen 314, printer 316, etc. In order to exchange data with the server host 102, the terminal 106 must download the compiled reading application program 322 from the utility module 220 of the server host 102 or the Internet 104 to the terminal 106's memory 320 or hard disk 304 for storage. The reading application 322 provides an operation interface for users to log in, register, download, and read e-books, in which there is a first encryption key 324 for subsequent decryption of the terminal encrypted document 326 . Even for different users, the required reading application program 322 is the same, so the reading application program 322 is compiled in advance and can be freely downloaded by all users who need it. The key 324 also does not differ from user to user.

When the user logs in and registers with the remote server host 102 using the reading application program of the terminal 206 as an interface, the procedure includes 1) the server host 102 identifies whether the reading application program is a legitimate reading application program. 2) The server host 102 uses the registration module 230 to generate a user ID and the encryption key generation module 240 to generate a corresponding second encryption key. 3) The server host 102 adds the user identification code to the user database 272 and the second encryption key to the password database 274. 4) The reading application program of the terminal 106 downloads the user identification code and the second encryption key. Each terminal 106, 108, 110 will generate a terminal encrypted file 326 after the registration is completed, and the terminal encrypted file 326 includes a user identification code 327, a user's dedicated second encryption key 328 and the computer identification of the terminal 106 code 330, the terminal 106 encrypts the terminal encrypted file 326 with the first encryption key 324, and stores it in the memory 320 or the hard disk 304 of the terminal 106 in an encrypted form, so as to prevent the user from accidentally changing the content therein. Prevent others from viewing and knowing the content in an illegal way. When the electronic book is downloaded and needs to be decrypted, the reader application program 322 will decrypt the terminal encrypted file 326 with the first encryption key 324 to retrieve the second encryption key 328 and the computer identification code 330 therein.

Now, the method of the present invention will be described in detail. The method that cooperates with the anti-piracy computer system 100 of the present invention includes a registration program and a file requesting program. Before a user wants to utilize the computer system 100 of the present invention to carry out the purchase of e-books, at first download the reading application program 322 from the server mainframe 102 or the online bookstore on the Internet 104, and in the reading application program 322, send an email to the server mainframe 102 executes a registration procedure to become a legally logged-in user or member, and the reading application program 322 includes the above-mentioned first encryption key 324 in addition to the general interface application program. While registering, not only the user needs to be registered, but also the terminal 106 that the user wants to download electronic books in the future also needs to be registered. That is to say, during the registration process, the relevant basic information of the user (including user identification code and its corresponding second encryption key 328) will be registered and stored in the server host 102. And the user must also register the terminal 106 used at the time as the electronic reading device for downloading electronic books in the future, otherwise, the computer system 100 will determine that the electronic reading device used to download electronic books has not been registered, and cannot normally open the downloaded electronic reading device. of e-books.

When the user utilizes the reading application program 322 in the terminal 106 to register, the server host 102 will store the user identification code in the user database 272, and then assign a dedicated second encryption key 328 to the user, and will use The one-to-one correspondence between the user and the second encryption key 328 is stored in the password database 274, thus completing the legal registration of the user and his terminal 106. After completing the registration, the server host 102 will encrypt the user identification code 327 and the corresponding second encryption key 328 corresponding to the user with the first encryption key, and send them to the terminal 106, and the reading application program of the terminal receives the After receiving the encrypted user identification code 327 and the second encryption key 328, the first encryption key will be used to decrypt the two, and then the decrypted user identification code and the second encryption key together with the representative The computer identification code of the terminal is encrypted together to form a terminal encrypted file 326, and stored in the legally registered terminal. After this registration procedure, the terminal 106 can legally download the electronic book and decrypt it correctly.

Please refer to FIG. 4 . FIG. 4 is a flow chart of the registration program of the anti-piracy computer system of the present invention. The above-mentioned registration procedure is represented by the flow chart 400 as the following steps:

Step 402: start;

Step 404: The user selects a terminal 106 for subsequent registration procedures;

Step 406: Download the reading application program 322 from the Internet 104 to the selected terminal 106;

Step 408: The reading application program 322 of the terminal 106 connects to the server host 102 to register;

Step 410: the server host 102 generates the user identification code and the dedicated second encryption key 328 and stores them in the user database 272 and the password database 274 respectively;

Step 412: The server host 102 encrypts the generated user identification code 327 and its dedicated second encryption key 328 with the first encryption key 324 and sends it to the terminal 106;

Step 414: The reading application program of the terminal 106 decrypts the received encrypted user identification code 327 and the second encryption key 328 with the first encryption key;

Step 416: The reading application program of the terminal 106 encrypts the decrypted user identification code 327 and the second encryption key 328 together with the computer identification code 330 representing the terminal 106 to form a terminal encrypted file 326;

Step 418: the reading application program of the terminal 106 stores the terminal encrypted file 326 in its hard disk;

Step 420: end.

After the user and his terminal 106 complete the registration at the server host 102, he can pay to purchase specific e-books online at any time according to his personal wishes, and download them to the terminal 106. This part is what the method of the present invention refers to. document request procedure. Users can browse online bookstores or related websites in the Internet 104 from a registered terminal, search and decide to purchase a certain e-book, and send the purchase order to the server host 102, and the server host 102 is performing necessary confirmation and After authentication, the plaintext of the electronic book that the user wants to buy will be called out in the electronic document database 276, and the second encryption key 328 dedicated to the user will be called out in the password database 274, and then the second encryption key 328 will be used to The plaintext of the electronic book is encrypted to form a corresponding ciphertext, and then the ciphertext is sent to the terminal 106 via the Internet 104 .

When the reading application program 322 of the terminal 106 receives the ciphertext of the purchased e-book, it will first decrypt the terminal encrypted file 326 with the first encryption key 324 attached to the reading application program 322 to obtain the second encryption key. The key 328 and the computer identification code 330 , and then the reading application program 322 will compare the decrypted computer identification code 330 with the current computer identification code 318 of the terminal 106 . When the comparison results are the same, it means that the current terminal 106 is a legally registered terminal, and the reading application program 322 will continue to decrypt the received ciphertext with the second encryption key 328 obtained by decryption, and the user can read the application program 322 to read the decrypted e-books under the interface provided.

When the reading application 322 compares the computer identification code 330 obtained by decryption with the computer identification code 318 of the current terminal 106 and finds that the comparison results are not the same, it means that the current terminal 106 has not been legally registered, and the reading application 322 stops the follow-up action, the received ciphertext will not be decrypted with the second encryption key 328 as normal, so the user will not be able to read the electronic book. The biggest reason for this situation to happen is that after a legal user downloads an e-book on a legally registered terminal, he copies the reading application 322 together with the e-book he purchased and the terminal encrypted file 326 generated during registration. to another computer so that it can be read by a third person on another computer, which is the so-called "legal purchase but illegal distribution".

However, before the reading application program 322 of the present invention decrypts the electronic book, it first compares the computer identification code 330 obtained in the terminal encrypted file 326 with the computer identification code 318 of the computer where the decryption work is currently performed, and obtains a comparison result. If the computer where the current decryption work is performed is the same computer as the terminal at the time of registration, the comparison result will naturally be the same, which means that the computer where the current decryption work is performed is a legally registered terminal, and the e-books have not been illegally distributed to other unauthorized In the registered computer, the reading application program 322 will continue to decrypt the decrypted electronic book so that the user can read it. If the computer where the current decryption work is performed is not the same as the terminal at the time of registration, the result of this comparison is naturally different, which means that the computer where the current decryption work is performed has not been legally registered, that is to say, the e-book has been illegally distributed to other unregistered users. In the legally registered computer, the reading application program 322 will stop the decryption step, even if the user makes the illegally distributed electronic books unable to decrypt and read.

Please refer to FIG. 5 . FIG. 5A is a flow chart of the anti-piracy computer system of the present invention at the server host during the file request process, and FIG. 5B is a flow chart of the anti-piracy computer system of the present invention at the terminal during the file request process. The above-mentioned file request procedure is represented by the flow chart 500 as the following steps:

Step 502: start;

Step 504: the user decides to purchase a certain e-book in the online bookstore;

Step 506: The server host 102 processes the purchase order and performs necessary confirmation and authentication;

Step 508: Does the order pass verification? Yes, go to step 512; No, go to step 510;

Step 510: refuse to accept this order and immediately stop trading; go to step 540;

Step 512: Call out the plaintext of the purchased electronic book in the electronic file database 276;

Step 514: Call out the user-specific second encryption key 328 from the password database 274;

Step 516: Encrypt the plaintext of the electronic book with the second encryption key 328 to form a corresponding ciphertext;

Step 518: Send the ciphertext to the terminal 106 via the Internet 104;

Step 520: the reader application program 322 of the terminal 106 decrypts the terminal encrypted document 326 with the first encryption key 324;

Step 522: obtain the second encryption key 328 and the computer identification code 330 after decryption;

Step 524: Obtain the computer identification code 318 of the computer where the current work is located;

Step 526: The reading application program 322 compares the computer identification code 330 obtained by decryption with the computer identification code 318 of the current computer;

Step 528: Are the comparison results the same? Yes, go to step 530; No, go to step 536;

Step 530: currently the terminal 106 has confirmed that it has been legally registered;

Step 532: The reading application program 322 decrypts the received e-book ciphertext with the second encryption key 328;

Step 534: the user can read the decrypted electronic book; to step 540:

Step 536: the current terminal has not been legally registered;

Step 538: the reading application program 322 stops the decryption action;

Step 540: end.

The above-mentioned preferred embodiment of the present invention is explained by taking the private key cryptosystem as an example, that is to say, the same encryption key is used for encryption and decryption of electronic books, and other third parties do not know it except the two parties of the data transmission. What is the content of the encryption key, so it is also called a symmetric cryptographic system, such as the DES algorithm announced by the National Bureau of Standards, or the IDEA algorithm designed by Lai and Massey, which has strong security and operates during encryption and decryption The speed is also faster. However, the computer system 100 of the present invention can also use the public universal key cryptography system to encrypt and decrypt electronic books, that is to say, each user will have a public universal key that can be published, and a Keep yourself a private universal key that cannot be leaked. When the encryption module 250 of the server mainframe 102 encrypts the electronic book, it uses the user's public universal key, and when the reading application program 322 encrypts the received electronic book When the ciphertext is decrypted, the user's private master key is used.

Compared with the prior art, the advantages of the anti-piracy computer system 100 of the present invention are:

1. The reading operation platforms required by different users or terminals are the same. Since all users register and request documents with the server host 102 through the reading application program 322, the reading application program 322 becomes a reading operation platform to provide a bridge for users to communicate with the server host computer 102, and the reading application program 322 And the first encryption key 324 therein is all completed in advance through compilation and can be downloaded or copied to any machine for free by the user. Because one of the purposes of the computer system of the present invention is to prevent the piracy phenomenon that may be caused when e-books are promoted, that is, to prevent the illegal distribution of e-books, not to prevent the distribution of the reading application program 322 itself, at the same time, because the present invention prevents e-books from The mechanism of illegal distribution is not mainly in the reading application program 322 itself. Therefore, a large number of downloading, copying or distributing of the reading application program 322 by users will not affect the purpose of the present invention, but will help promote the concept of electronic books to users. Those who make the use of e-books can accelerate popularization.

2. When the user registers on the designated terminal, the encryption key generation module 240 of the server host 102 will generate a second encryption key dedicated to the user. When a user purchases a certain electronic book, the encryption module 250 will encrypt the plaintext of the electronic book with the second encryption key 328 to form a corresponding ciphertext, and send it to the terminal where the user is located, and the The reading application program 322 decrypts the received e-book ciphertext with the second encryption key 328 after confirming that the current terminal is legally registered. Since some prior technologies use the same encryption key to encrypt and decrypt e-books purchased by different users, once the encryption key is cracked, the ciphertext of all e-books can be correctly restored to plaintext; however, this The invention has a dedicated second encryption key for each user, so even if the second encryption key of a certain user is cracked, the e-books purchased by other users cannot be read, so the security of the system can be improved .

3. Terminal encrypted files are stored in the terminal in an encrypted form, which can prevent users from accidentally changing the content, and can also prevent others from viewing and knowing the content in an illegal way.

4. The terminal encrypted files are stored in the terminal, which helps to simplify the complicated procedures that require the user's consent when the privacy right is disclosed due to the upload of the computer identification code. Because the computer identification code required by the present invention when verifying whether the terminal is legally registered is carried out by borrowing the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card, etc., and the data of these identification codes are legally obtained. As part of the user's personal privacy information, the server host 102 must obtain the user's consent for any such identification code proposed by the user. Therefore, as long as the server host 102 wants to obtain the computer identification code of the terminal, it cannot be avoided. Therefore, the procedure for verifying whether the terminal is legally registered should have become more complicated. However, according to the design of the present invention, when a user registers at a terminal designated by the user, after decryption, the user identification code and the second encryption key will be deciphered together with the computer identification code representing the terminal in the form of the first encryption key. An encryption key is encrypted to generate a corresponding terminal encrypted file, so the computer identification code does not need to be uploaded to the server host 102 during the registration process. Therefore, when the terminal receives the ciphertext of the electronic book purchased by the user, the computer identification code required for the subsequent authentication procedure it executes is directly stored in the terminal when it is registered. Therefore, the computer identification code of the current working terminal is naturally unnecessary. Uploading to the server host 102 allows direct comparison and authentication in the terminal, which naturally simplifies the complicated procedures and possible disputes that require the consent of the user due to the disclosure of the privacy right brought about by the uploading of the computer identification code.

5. Using the computer identification code 330 obtained in the terminal encrypted file 326 to compare with the computer identification code 318 of the computer where the current decryption work is performed can prevent the occurrence of "legal purchase but illegal distribution". Before the reading application program 322 of the present invention decrypts the electronic book, it will first compare the computer identification code 330 obtained in the terminal encrypted file 326 with the computer identification code 318 of the computer where the decryption work is currently performed, so as to confirm the computer where the current decryption work is performed. It is the same computer as the terminal at the time of registration, and then it is decided and whether the reading application program 322 will continue to decrypt the ciphertext of the e-book. Therefore, even if the ciphertext of the electronic book is illegally distributed to other computers that are not legally registered, the reading application program 322 will stop the decryption step, so that the illegally distributed electronic book cannot be decrypted correctly and cannot be read.

To sum up, the computer system of the present invention proposes an effective mechanism to prevent piracy of electronic documents by non-legally registered terminals, thereby preventing the situation of "legal purchase but illegal distribution", which makes electronic book dealers Reasonable profits can be maintained and people are willing to invest in the e-commerce of books. Therefore, the multiple advantages of e-books such as environmental protection, efficiency, dissemination, and economy can be shared by the whole people.

The above descriptions are only preferred embodiments of the present invention, and all similar changes and modifications made according to the claims of the present invention shall fall within the scope of the patent of the present invention.

Claims (10)

1. A method for preventing piracy of electronic files used in a computer system, the computer system comprising a server host, the server host can be connected to a plurality of terminals via the Internet, the server host includes a user database, and Record the identification codes of all legal users and their terminals registered through the registration program, the terminal also includes a central processing unit, a hard disk and a network card, each terminal has at least one identification code representing the terminal, and the The identification code of the terminal can be the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card. The server host also includes a public program module to store the reading application program and download it to the Stored and used in the terminal, the terminal can request an electronic file from the server host through the Internet, and the server host can encrypt the plaintext of the electronic file to form a corresponding ciphertext, and send the electronic file through the Internet sending to the terminal to decrypt the ciphertext into the original plaintext, the method includes a registration procedure and a file request procedure, the registration procedure includes the following steps: The user loads a reading application program into the terminal, and the reading application program includes a first encryption key; The user uses the reading application to register with the server host as a legal terminal; After the server mainframe completes the legal registration of the terminal, it will generate a user identification code and a user-specific second encryption key, and the user identification code and the second encryption key will be encrypted and sent to the legal Registered Terminals; and The reading application program of the terminal further encrypts the received user identification code and the second encryption key together with the identification code representing the terminal to form a terminal encrypted file, which is stored in the legally registered terminal; The document request procedure consists of the following steps: When a terminal requests the server host for an electronic file, the server host encrypts the plaintext of the electronic file with the second encryption key to form a corresponding ciphertext, and transmits the ciphertext through the Internet The network is sent to the terminal; When the reading application program of the terminal receives the ciphertext, it first decrypts the encrypted file of the terminal with the first encryption key, and obtains the second encryption key and the identification code of the terminal; and When the reading application program compares the obtained terminal identification code with the current terminal identification code, if the result is the same, then use the second encryption key to decrypt the received ciphertext, otherwise stop the subsequent decryption action, To prevent piracy of the electronic file by non-legal terminals. 2. The method according to claim 1, wherein the server host includes an encryption key generation module, and the encryption key generation module will generate the user-specific second encryption for different users registered in the user database. key. 3. The method according to claim 2, wherein the server host includes a password database, and all registered user data and their specific second encryption keys are stored in the password database. 4. The method according to claim 1, wherein the server host includes an electronic file database for storing plaintext data of a plurality of electronic files, and a control center for controlling the operation of the server host. 5. The method according to claim 4, wherein when the server host receives a request for the electronic file, the control center will retrieve the plaintext information of the electronic file from the electronic file database, and the encryption module will use the first The second encryption key encrypts the plaintext of the electronic file to form a corresponding ciphertext. 6. The method of claim 1, wherein both the first encryption key and the second encryption key are sequences of 128 bits. 7. A computer system capable of preventing piracy of electronic files, the computer system comprising a server host that can be connected to a plurality of terminals via the Internet, the terminals comprising a central processing unit, a hard disk and a network card, each terminal having At least one identification code representing the terminal, and the identification code of the terminal can be the identification code of the central processing unit, the identification code of the hard disk or the identification code of the network card, and the terminal can propose to the server host via the Internet Request for an electronic file, the server host can encrypt the plaintext of the electronic file to form a corresponding ciphertext, and send it to the terminal via the Internet to decrypt the ciphertext into the original plaintext, the server The host contains: A public program module for storing a reading application program including a first encryption key, the reading application program can be downloaded by the user to the terminal for storage and use; A registration module, when the user registers with the server host using the reading application program of the terminal, the registration module will generate a user identification code and register the terminal as a legal terminal; A user database to record all legally registered users and their terminal identification codes; an encryption key generation module, used to generate a user-specific second encryption key; and An encryption module, used to encrypt the user identification code and the second encryption key, and send them to the legally registered terminal; Wherein the reading application program of the terminal further encrypts the received user identification code and the second encryption key together with the computer identification code representing the terminal to form a terminal encrypted file, which is stored in the legally registered terminal, and When a terminal requests the server host for an electronic file, the encryption module encrypts the plaintext of the electronic file with the second encryption key to form a corresponding ciphertext, and transmits the ciphertext through the Internet sent to the terminal, when the reading application program of the terminal receives the ciphertext, it will first decrypt the encrypted document of the terminal with the first encryption key, and obtain the second encryption key and the identification code, and When the identification code obtained by the reading application program is the same as the identification code of the current terminal, the received ciphertext is decrypted with the second encryption key, otherwise the subsequent decryption action is stopped to prevent illegal terminals Piracy of the electronic document. 8. The computer system according to claim 7, wherein the server host includes a password database, and all registered user information and their specific second encryption keys are stored in the password database. 9. The computer system according to claim 7, wherein the server host includes an electronic file database for storing plaintext data of a plurality of electronic files, and a control center for controlling the operation of the server host. 10. The computer system of claim 7, wherein both the first encryption key and the second encryption key are sequences with 128 bits.

Images