[Taylor514ce]

Steve,

You miss the point. You don't have to keep track of the key. You remember your seed value, a password, albeit a good one.

You purchase an e-book reader or install reader software. You are prompted for your password as part of the install. The software generates your key and STORES it.

When you purchase a book, you'll likely do it via a device or reader software (why have a separate storefront?). The purchase encrypts your book with your key, automatically. All you have to do is complete the transaction and start reading.

The protocols for public key cryptography are already established. I would suggest that every online vendor already uses it.

It isn't foolproof. For example, someone could decrypt all of their books outside of the reader application, and create and distribute plain-text copies. You'd have to read them with a text editor, browser, or a black market reader application that didn't require a key.

I think we all acknowledge that piracy won't go away, we also acknowledge that DRM doesn't prevent it, so as a solution to a problem, it's a failure. The problem with DRM is that it ties you to a DEVICE and FORMAT, whereas encryption does not: you're only tied to a number.

When you enter the mindset of trying to "solve the pirate problem" you are doomed to fail. I'm not trying to solve the pirate problem, it can't be solved in any manner that would still allow commerce.

Cryptography solves the legitimate problem of "how can I take reasonable efforts to protect the commercial value of intellectual property without shackling the end-user to a specific device or resorting to nebulous legal concepts such as 'licensing'."

[EDIT] Steve, the key isn't simply added to the file and thus easily removed. The file is encrypted using the key... the bytes are complete reorganized/scrambled into a new order that can only be unscrambled by running an algorithm with it (the file) plus your private key as variables.