Honeyman Cipher Solutions LLC v. Costco Wholesale Corp

I. Executive Summary and Procedural Information

• Parties & Counsel:
  • Plaintiff: Honeyman Cipher Solutions LLC (Delaware)
  • Defendant: Costco Wholesale Corporation (Delaware)
  • Plaintiff’s Counsel: Rabicoff Law LLC
• Case Identification: 6:20-cv-00850, W.D. Tex., 09/17/2020
• Venue Allegations: Plaintiff alleges venue is proper because Defendant has committed acts of patent infringement in the district and maintains an established place of business there.
• Core Dispute: Plaintiff alleges that unspecified "Exemplary Defendant Products" infringe a patent related to the secure distribution of cryptographic keys for accessing encrypted digital content.
• Technical Context: The technology addresses digital rights management (DRM) for software on open computing platforms, a field critical for protecting digital media from unauthorized copying and distribution.
• Key Procedural History: The complaint does not mention any prior litigation, licensing history, or administrative proceedings related to the patent-in-suit.

Case Timeline

Date	Event
1997-12-18	Priority Date for U.S. Patent No. 5,991,399
1999-11-23	Issue Date for U.S. Patent No. 5,991,399
2020-09-17	Complaint Filed

II. Technology and Patent(s)-in-Suit Analysis

U.S. Patent No. 5,991,399 - "Method for securely distributing a conditional use private key to a trusted entity on a remote system"

The Invention Explained

• Problem Addressed: The patent addresses the inherent security risks of open computing platforms like the personal computer (PC), where software can be easily observed and modified. Specifically, it confronts the problem of digital piracy, where a malicious user could "hack" a software media player (e.g., a DVD player application) to extract its decryption key and use it to make unauthorized copies of encrypted content. (’399 Patent, col. 1:13-28; col. 2:39-59).
• The Patented Solution: The invention proposes a system that avoids pre-loading a universal decryption key into the player software. Instead, when a user wants to access specific encrypted content, the player requests a key from a remote server. The server generates a new, temporary asymmetric key pair and builds an "executable tamper resistant key module" that contains the new private key. This module is sent to the client's player. Before decrypting the content, the module first verifies the integrity and authenticity of the player software itself to ensure it has not been modified. Only if the player is validated will the private key be used to unlock the content. (’399 Patent, Abstract; Fig. 4A-4B).
• Technical Importance: This dynamic, per-session key generation and software integrity verification model represented a more robust approach to DRM than static, embedded keys, aiming to tie content access directly to the authorized, unmodified state of the playback software. (’399 Patent, col. 2:60-65).

Key Claims at a Glance

• The complaint asserts infringement of "one or more claims" and "exemplary claims" without specifying them (Compl. ¶11). Independent claim 1 is representative of the core method:
  • generating an asymmetric key pair having a public key and a private key;
  • encrypting predetermined data with the generated public key;
  • building an executable tamper resistant key module identified for a selected program, the executable tamper resistant key module including the generated private key and the encrypted predetermined data.
• The complaint does not explicitly reserve the right to assert dependent claims.

III. The Accused Instrumentality

Product Identification

• The complaint does not identify any specific accused products, services, or methods by name. It refers generally to "the Defendant products identified in the charts incorporated into this Count" and "Exemplary Defendant Products" (Compl. ¶11, ¶13).

Functionality and Market Context

• The complaint does not provide sufficient detail for analysis of the accused instrumentality's functionality. The infringement allegations are contained within an "Exhibit 2," which is referenced but not attached to the filed complaint (Compl. ¶13-14). Therefore, no description of the accused products' operation or market context can be derived from the complaint.

IV. Analysis of Infringement Allegations

The complaint incorporates by reference claim charts from an "Exhibit 2," which was not provided with the complaint (Compl. ¶13). Therefore, a detailed claim chart summary cannot be constructed. The infringement theory relies on the conclusory allegation that the "Exemplary Defendant Products practice the technology claimed by the '399 Patent" (Compl. ¶13).

No probative visual evidence provided in complaint.

Identified Points of Contention

Due to the limited detail in the pleading, the primary points of contention are currently procedural and evidentiary rather than technical.

• Evidentiary Questions: A threshold question for the court will be what specific products are accused and what evidence Plaintiff can marshal to demonstrate that they perform the claimed steps. The complaint itself provides no factual basis for this analysis.
• Technical Questions: Assuming an accused product is identified, a key technical question may be whether it actually performs the step of "building an executable tamper resistant key module" that includes a "generated private key" and "encrypted predetermined data", as this describes a specific, multi-part software architecture. The analysis will question whether the accused system's security mechanism, whatever it may be, maps onto this claimed structure.

V. Key Claim Terms for Construction

• The Term: "executable tamper resistant key module"

• Context and Importance: This term is the core of the invention, representing the secure container for the decryption key. Its construction will be critical to determining the scope of the claims. Practitioners may focus on this term because its definition will dictate whether modern security architectures, which may achieve tamper resistance through different means (e.g., hardware-based trusted execution environments), fall within the claim's scope.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: The summary of the invention describes the module in functional terms as an "executable tamper resistant key module identified for the program" which includes the key and data, suggesting any executable module performing this function could qualify. (’399 Patent, col. 3:10-16).
  • Evidence for a Narrower Interpretation: The detailed description provides specific characteristics, stating the module is created using a "tamper resistant compiler" that generates "obfuscated," "self-decrypting software" that performs "self-checks of object code" and "bilateral authentication." (’399 Patent, col. 5:19-34; col. 5:56-61). This could support a narrower construction limited to modules with these specific software-based protection features.

• The Term: "selected program"

• Context and Importance: This term defines the entity that the "key module" is built for and interacts with. The relationship between the two is central to the claimed method. The dispute may hinge on whether any application requesting a key qualifies as a "selected program," or if it must be a specific type of application like the "trusted player" described in the patent.

• Intrinsic Evidence for Interpretation:

  • Evidence for a Broader Interpretation: Claim 1 uses the general term "selected program" without modification. (’399 Patent, col. 12:57-58).
  • Evidence for a Narrower Interpretation: The specification consistently describes the program as a "trusted player," such as a "DVD player, compact disk read only memory (CD-ROM) player, or floppy disk device driver," which is validated by the key module. (’399 Patent, col. 3:56-4:7). An argument could be made that "selected program" should be construed as being limited to this type of client-side media playback application.

VI. Other Allegations

• Indirect Infringement: The complaint does not allege induced or contributory infringement.
• Willful Infringement: The complaint does not contain a separate count for willful infringement or allege facts supporting pre-suit knowledge by the Defendant. However, the prayer for relief requests a judgment that "this case be declared exceptional within the meaning of 35 U.S.C. § 285" (Compl. p. 4, ¶E.i).

VII. Analyst’s Conclusion: Key Questions for the Case

1. Evidentiary Foundation: The most immediate question is evidentiary. Given that the complaint lacks specific product identifications and incorporates an unfiled exhibit, a central issue will be whether Plaintiff can produce sufficient evidence to connect the abstract claims of the ’399 Patent to the concrete functionality of any Costco product, system, or service.

2. Technological Equivalence: A core substantive issue will likely be one of architectural scope: can the term "executable tamper resistant key module," which the patent describes as a specific type of obfuscated, self-verifying software, be construed to read on security mechanisms in modern systems that may achieve tamper resistance through fundamentally different means, such as hardware-level isolation or different cryptographic protocols?

3. Claim Scope and Obsolescence: The case raises a question of temporal relevance: does the specific method of claim 1—generating an asymmetric key pair to encrypt "predetermined data" (e.g., a symmetric key) and packaging it all in a software module for a "selected program"—describe a specific 1990s-era DRM architecture, or is it broad enough to cover contemporary secure content delivery systems that may have evolved significantly?