System and method for secure font subset distribution

US 6,065,008 A
Filed: 10/01/1997
Issued: 05/16/2000
Est. Priority Date: 10/01/1997
Status: Active Grant

First Claim

Patent Images

1. A method for supplying authenticated font subsets, comprising the following steps:

constructing an authentication tree for a font;

subsetting the font to form a font subset; and

distributing the font subset together with at least one authentication value of the authentication tree that represents portions of the font that are not contained in the font subset.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention concerns a system and method for securely distributing subsetted fonts from a distributor to a client. The system includes a signing module to construct an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes. The signing module digitally signs the root of the authentication tree using a private signing key unique to the font creator or distributor. The system has a subsetting module to construct a font subset file that contains selected glyphs and other data to be included in a font subset. The font subset file also holds the digitally signed root of the font authentication tree and one or more authentication values of the authentication tree that represents non-selected glyphs and data of the font that are not contained in the font subset. The font subset file is distributed to requesting clients. An authentication module at the client authenticates the font subset file received from the distributor. The authentication module reconstructs the root of the authentication tree using the selected glyphs and data in the font subset and the authentication values that represent the non-selected glyphs and data not contained in the font subset. The authentication module also produces an unsigned version of the digitally signed root using a public key of the font creator to produce an unsigned root digest. The authentication module compares the unsigned root to the reconstructed root and if and only if they match, authenticates the font subset file as originating from the distributor (or font creator) and not being subsequently altered.

113 Citations

27 Claims

1. A method for supplying authenticated font subsets, comprising the following steps:
- constructing an authentication tree for a font;
  
  subsetting the font to form a font subset; and
  
  distributing the font subset together with at least one authentication value of the authentication tree that represents portions of the font that are not contained in the font subset.
- View Dependent Claims (2, 3, 4)
- - 2. A method as recited in claim 1 wherein the constructing step comprises the following steps:
    - constructing one or more intermediate authentication trees for tables in a font file; and
      
      constructing the authentication tree from the intermediate authentication trees.
  - 3. A method as recited in claim 1 further comprising the following steps:
    - receiving the font subset and the authentication value(s); and
      
      authenticating the font subset using the authentication value(s).
  - 4. A method as recited in claim 1 further comprising the following steps:
    - digitally signing a root of the authentication tree;
      
      storing the font subset, the authentication value(s), and the digitally signed root as a font subset data file.

5. A data structure stored on a computer-readable medium constructed as a result of the following steps:
- constructing an authentication tree for a font;
  
  digitally signing a root of the authentication tree;
  
  subsetting the font to form a font subset;
  
  storing the font subset, at least one authentication value of the authentication tree that represents portions of the font that are not contained in the font subset, and the digitally signed root as a font subset data file.

6. A computer-readable medium having computer executable instructions that, when executed on a processor, perform the following steps:
- constructing an authentication tree for a font;
  
  subsetting the font to form a font subset; and
  
  distributing the font subset together with at least one authentication value of the authentication tree that represents portions of the font that are not contained in the font subset.

7. A method comprising the following steps:
- receiving a font subset that is subsetted from a font file, the font file being represented by an authentication tree whose root is digitally signed by a source;
  
  receiving at least one authentication value from the authentication tree that represents portions of the font that are not contained in the font subset;
  
  receiving the digitally signed root;
  
  reconstructing the authentication tree from the font subset and the authentication value(s); and
  
  authenticating the font subset based upon the reconstructed authentication tree and the digitally signed root.
- View Dependent Claims (8, 9)
- - 8. A method as recited in claim 7, wherein the authenticating step comprises the following steps:
    - producing an unsigned root from the signed root;
      
      deriving a reconstructed root from the reconstructed authentication tree;
      
      comparing the reconstructed root with the unsigned root; and
      
      accepting the font subset as authentic if the reconstructed root matches the unsigned root.
  - 9. A computer-readable medium having computer executable instructions for performing the steps in the method as recited in claim 7.

10. A method for supplying a font comprising the following steps:
- constructing a hash tree for the font, the hash tree having leaves formed of glyphs and data that define the font, the hash tree also having a root;
  
  digitally signing the root of the hash tree to authenticate the font as belonging to a source;
  
  subsetting the font by selecting one or more of the glyphs and data to form a font subset;
  
  storing the font subset, one or more hash values that represent all remaining glyphs and data that are not part of the selected font subset, and the digitally signed root as a font subset file;
  
  electronically transmitting the font subset file;
  
  receiving the font subset file;
  
  producing an unsigned root of the hash tree from the signed root contained in the font subset file;
  
  reconstructing the hash tree from the font subset and the one or more hash values contained in the font subset file to derive a reconstructed root; and
  
  authenticating the font subset by comparing the reconstructed root with the unsigned root derived from the signed root.

11. In a system for electronically delivering media wherein the media is segmented into multiple individual media segments and the segments are used to construct an authentication tree that is digitally signed by a source to authenticate the media as belonging to the source, a method comprising the following steps:
- subsetting the media to form a media subset containing one or more of the media segments; and
  
  sending the media subset and at least one authentication value of the authentication tree that represents the media segments not contained within the media subset so that a recipient can authenticate the media subset as belonging to the source.
- View Dependent Claims (12, 13)
- - 12. A method as recited in claim 11, further comprising the following steps:
    - receiving the media subset and the authentication value(s) at the recipient; and
      
      authenticating the media subset using the authentication value(s).
  - 13. A method as recited in claim 11, further comprising the following steps:
    - subsetting the media subset to form a second media subset containing one or more of the media segments in the media subset; and
      
      sending the second media subset and at least one authentication value of the authentication tree that represents the media segments not contained within the second media subset so that a recipient can authenticate the second media subset as belonging to the source.

14. In a system for electronically delivering media wherein the media is segmented into multiple individual media segments and the segments are used to construct an authentication tree that is digitally signed by a source to authenticate the media as belonging to the source, a computer-readable medium having computer executable instructions that, when executed on a processor, perform the following steps:
- subsetting the media to form a media subset containing one or more of the media segments; and
  
  sending the media subset and at least one authentication value of the authentication tree that represents the media segments not contained within the media subset so that a recipient can authenticate the media subset as belonging to the source.

15. A system for supplying authenticated font subsets, comprising:
- a signing module to construct an authentication tree for a font and digitally signing a root of the authentication tree;
  
  a subsetting module to subset the font to form a font subset and constructing a font subset file containing the font subset, the digitally signed root, and at least one authentication value of the authentication tree that represents portions of the font that are not contained in the font subset; and
  
  an authentication module to authenticate the font subset by reconstructing the root of the authentication tree using the font subset and the authentication value(s) from the font subset file, producing an unsigned root from the digitally signed root of the font subset file, and checking the unsigned root against the reconstructed root.
- View Dependent Claims (16, 17, 18)
- - 16. A system as recited in claim 15, wherein the signing module resides at a font creator, the subsetting module resides at a font distributor separate from the font creator, and the authentication module resides at a recipient.
  - 17. A system as recited in claim 15, wherein the signing module and the subsetting module reside at a single source and the authentication module resides at a recipient.
  - 18. A system as recited in claim 15, further comprising:
    - a source computer residing at a font creator, the signing module being configured as a software component executing on the source computer;
      
      a distributor computer residing at a font distributor, the subsetting module being configured as a software component executing on the distributor computer; and
      
      a recipient computer residing at a recipient, the authentication module being configured as a software component executing on the recipient computer.

19. A computer program embodied on a computer-readable medium for creating a font file, the font file including a set of glyphs, comprising:
- a code segment to instruct a computer to construct an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes; and
  
  a code segment to instruct a computer to digitally sign the root of the authentication tree.
- View Dependent Claims (20)
- - 20. A computer program as cited in claim 19, wherein the font file also contains other data in addition to the glyphs, further comprising a code segment to instruct a computer to construct an authentication tree having leaves formed of glyphs and the other data, one or more intermediate levels of nodes computed as one-way functions of the glyphs and the other data, and a root computed as a one-way function of the nodes.

21. A computer operating system embodied on a computer-readable medium having code segments for creating a font file, the font file including a set of glyphs, the computer operating system comprising:
- a code segment to instruct a computer to construct an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes; and
  
  a code segment to instruct a computer to digitally sign the root of the authentication tree.

22. A computer program embodied on a computer-readable medium for subsetting a font file, the font file including a set of glyphs and a digitally signed root of an authentication tree that is derived from the glyphs, comprising:
- a code segment to instruct a computer to create a font subset file that includes part of the glyphs in the font file and excludes remaining ones of the glyphs in the font file; and
  
  a code segment to instruct a computer to add to the font subset file the digitally signed root and one or more nodes from the authentication tree that represent the remaining glyphs.

23. A computer operating system embodied on a computer-readable medium having code segments for subsetting a font file, the font file including a set of glyphs and a digitally signed root of an authentication tree that is derived from the glyphs, the computer operating system comprising:
- a code segment to instruct a computer to create a font subset file that includes part of the glyphs in the font file and excludes remaining ones of the glyphs in the font file; and
  
  a code segment to instruct a computer to add to the font subset file the digitally signed root and one or more nodes from the authentication tree that represent the remaining glyphs.

24. A computer program embodied on a computer-readable medium for handling a font subset file that is subsetted from a font file, wherein the font file is represented by an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes, and wherein the font subset file contains selected glyphs, the root of the authentication tree, and one or more of the nodes from the authentication tree that represent non-selected glyphs, comprising:
- a code segment to instruct a computer to reconstruct the root of the authentication tree from the selected glyphs and the nodes contained in the font subset file; and
  
  a code segment to instruct a computer to authenticate the font subset file based on the reconstructed root and the root contained in the font subset file.
- View Dependent Claims (25, 26)
- - 25. A computer program as recited in claim 24, wherein the root is digitally signed and the font subset file contains the digitally signed root, comprising:
    - a code segment to instruct a computer to produce an unsigned root from the digitally signed root contained in the font subset file;
      
      a code segment to instruct a computer to compare the unsigned root from the font subset file to the reconstructed root; and
      
      a code segment to instruct a computer to authenticate the font subset file if the unsigned root matches the reconstructed root.
  - 26. A computer operating system embodied on a computer-readable medium incorporating the computer program as recited in claim 24.

27. A data structure embodied on a computer-readable medium, comprising:
- an identification field containing an identification of a font subset that is subsetted from a font;
  
  a content field containing selected glyphs and data that define the font subset;
  
  an authentication field containing one or more authentication values from an authentication tree for the font, the authentication values representing non-selected glyphs and data from the font that are not part of the font subset; and
  
  a signature field containing a digitally signed root value computed from a root of the authentication tree.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Meltzer, David, Benaloh, Josh, Simon, Daniel R., Hitchcock, Gregory, Chinn, Donald D.
Primary Examiner(s)
Fetting, Anton W.
Assistant Examiner(s)
ROBINSON, GRETA LEE

Application Number

US08/942,036
Time in Patent Office

958 Days
Field of Search

707/542, 707/908, 707/10, 707/1, 707/9, 707/529, 345/467, 380/3, 380/4
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 40/109   Font handling; Temporal or ...

Y10S 707/99939   Privileged access

System and method for secure font subset distribution

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

113 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

System and method for secure font subset distribution

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

113 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others