Can anyone help me with how to encrypt/protect a ttf/otf font file so that it cannot be copied or used? Actually I am an Arabic/Urdu font developer. I have developed many fonts, and now I want to sell my fonts, but I need a protection so that my font will run only on a system that is allowed by me. I want to apply protection to avoid piracy of my fonts.
How could it be done?
Some font foundries are using a technique. They encrypt the font file; you cannot access its OT tables, and you will be able to see the font's glyphs only. But they allow use of their font through their plugin, which allows the font to run only on the computer of the original buyer of that font. Otherwise you will not be able to access that font file.
How could it be done? Can anybody help me in this regard?
But, like Christopher, I worked at Adobe for a long time—11 years for me, twice that for him. One of the things we both lived through, from the foundry side, was Adobe’s flirtations with copy protection for East Asian fonts, done primarily to please their Japanese font partner Morisawa.
Adobe developed copy protection for fonts three times. Twice it implemented something, and later discontinued it. The third time it developed a technology, but never deployed it. Why not, you might ask?
Such techniques are effective against casual piracy, but will not prevent all possible piracy. Eventually people will decrypt your fonts and place them on servers.
The one thing copy protection does succeed at is frustrating legitimate or reasonable usage which is incompatible in one way or another with your copy protection. And just making using your fonts more work.
Besides the hassle for the user, you are creating a major tech support burden for yourself. And you will have to either develop the technology or pay somebody else for it, as well.
Would you disallow embedding your fonts in PDF because they can be fairly trivially extracted from the PDF? (Although only the glyphs and font tables that are in the PDF can be extracted; depending on the embedding this may or may not be all glyphs and all font tables.)
Are you willing to be incompatible with a significant number of major design programs? Or force your users to have plug-ins for them? Unless things have changed (and I freely admit my knowledge of this area is old), many major design apps access installed font files fairly directly, not just through system APIs. That means that besides a system-level add-on, to work with apps such as Illustrator, Photoshop and InDesign you would need to have app-specific plug-ins. And your users would have to install them. And they would need to be updated periodically to work with new app versions. And you might have frustrated users during gaps when they have upgraded their app and the updated plug-in isn’t yet available.
In Adobe’s case, they had to reinvent copy protection when format changes made their old fonts obsolete. The thing that made Adobe stop doing copy protection? In the end, the cost simply exceeded the value to Adobe and Morisawa, even though that cost was shouldered in substantial part by end users.
I am very sympathetic to type designers and foundries who are frustrated by piracy. I hate font piracy, too. But copy protection is a truly awful experience for everybody involved.
What I mean is that if the font is to work with any application, then at some point the application must pass the complete, unencrypted font to a system font service (CoreText, HarfBuzz, DirectWrite, etc.). At which point a malicious application can simply write the unencrypted font file to disk.
It's your choice, of course. Personally, I'd rather spend my time making more fonts.
Regarding specific usages/applications though, I have an impression that Adobe Typekit does that? I.e., fonts are downloaded from Adobe servers etc. and kept in some virtual disk location, and are tied to the user's Creative Cloud subscription. Such fonts are also only visible to the Adobe family of applications: Illustrator, Photoshop, etc.?
And for Adobe Fonts I can see why they want to hide and copy-protect their files: it’s a subscription. Once you are no longer a subscriber, you should lose access to the font files. But for any perpetual desktop license, I would not accept having to install a custom font provider for just a single font family. As @Paul van der Laan pointed out, type.world would at least aggregate multiple vendors and thus just require a single font provider app, but I cannot imagine its font protection to be bulletproof either.
Lesson 1: Obscurity is a far greater threat to authors and creative artists than piracy.
Lesson 2: Piracy is progressive taxation
For all of these creative artists, most laboring in obscurity, being well-enough known to be pirated would be a crowning achievement. Piracy is a kind of progressive taxation, which may shave a few percentage points off the sales of well-known artists (and I say “may” because even that point is not proven), in exchange for massive benefits to the far greater number for whom exposure may lead to increased revenues.
Lesson 3: Customers want to do the right thing, if they can.
Piracy is a loaded word, which we used to reserve for wholesale copying and resale of illegitimate product. The music and film industry usage, applying it to peer-to-peer file sharing, is a disservice to honest discussion...
The simplest way to get customers to stop trading illicit digital copies of music and movies is to give those customers a legitimate alternative, at a fair price.
(I have kicked around ideas for how to do this with other people in the past, thought of numerous approaches to doing it. Anybody on the foundry side of the fence who wants some ideas, feel free to approach me privately.)
The easiest way is to add a new custom opentype table, like a DSIG, but for purchaser info. A harder one would be some steganographic technique spreading the info across tiny repositioning of the glyph nodes, or an unused glyph.
However, any such technique has one problem: it makes two copies of the font different. As the change must not affect the font's functioning, such technique can always be beaten by comparing two copies of the font, and just removing the differing parts. Yes, the pirate needs to buy two copies instead of one; that only makes it more costly for them, just not particularly hard to break.
But these are all intellectual exercises - fonts, to be usable system-wide, are interceptable at the OS's renderer; fingerprinting techniques trying to identify and ban bad buy-once-resale-many customers are breakable by getting two copies and stripping away the difference. You can write a little Python script wrapping ttx fontTools to do that, for example.
Once somebody TTXs your font files, it's game over. But at that point they are unlikely to be a potential buyer, even with improved file protection.
As for where one hides the hashed bitstream - even tiny zero-width user-invisible contours on the .notdef glyph, for example, are far less obvious and less detectable (and breaking) than glyph order. Let's try another example: just shaking/jittering the O shape (which has at least 16 control points, or 32 co-ordinates) by 1 or 0, which is 1 part in 2048, and invisible at any reasonable rasterization (how often do you ask for point size 256?) due to hinting and fit-to-grid.
And that goes to another area of hiding: it is also possible to hide 32 bits of information in hinting instructions which are present but totally unused by any glyph at any resolution, in the form of garbage-filled user-defined routines, for example. Since it is not used, it can contain arbitrary stuff.
Glyph order is just too visible and too breaking.
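Added example, not code from any poster in this thread: a standard-library Python model of the 0-or-1 unit jitter on the 32 coordinates of an O described above, showing how a foundry could trace a leaked copy back to a licence and which positions the two-copy comparison mentioned earlier exposes. The outline, the key, the licence IDs and the HMAC-based bit derivation are constructed assumptions.

```python
import hashlib
import hmac

FOUNDRY_KEY = b"constructed-demo-key"  # assumption: secret known only to the foundry
BITS = 32                              # one bit per coordinate of the "O" outline

# Constructed master outline: 16 control points (32 coordinates) on a 2048-unit em.
MASTER_O = [(200 + 90 * i, 1400 - 70 * i) for i in range(16)]


def fingerprint_bits(license_id):
    """Derive 32 keyed bits for a licence; without the key they cannot be recomputed."""
    digest = hmac.new(FOUNDRY_KEY, license_id.encode(), hashlib.sha256).digest()
    word = int.from_bytes(digest[:4], "big")
    return [(word >> i) & 1 for i in range(BITS)]


def embed(master, license_id):
    """Return a per-buyer outline: each coordinate is shifted by 0 or 1 font unit."""
    bits = fingerprint_bits(license_id)
    return [(x + bits[2 * i], y + bits[2 * i + 1]) for i, (x, y) in enumerate(master)]


def extract(master, copy):
    """Recover the per-coordinate offsets by subtracting the foundry's master."""
    offsets = []
    for (mx, my), (cx, cy) in zip(master, copy):
        offsets += [cx - mx, cy - my]
    return offsets


def trace(master, leaked, license_ids):
    """List the licences whose keyed bits match a leaked copy exactly."""
    found = extract(master, leaked)
    return [lid for lid in license_ids if fingerprint_bits(lid) == found]


def exposed_positions(copy_a, copy_b):
    """Coordinate indexes that differ between two buyers' copies.

    A side-by-side comparison of two copies reveals exactly these positions
    as carrying the mark; positions where both buyers got the same bit stay hidden.
    """
    flat_a = [v for point in copy_a for v in point]
    flat_b = [v for point in copy_b for v in point]
    return [i for i, (a, b) in enumerate(zip(flat_a, flat_b)) if a != b]
```

An exact match in trace() fails as soon as any marked coordinate is altered, which is the weakness the comparison argument in the thread points at.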
Please avoid such a tone. It’s neither productive nor inviting.
In fact quite the opposite: to keep talking about silly and stupid ways of DRM gives the wrong impression that one is cleverer than those silly and stupid ideas... Being cleverer than silly and stupid is not exactly a productive thing.
So, some people want to stay talking about easily breakable encryption; okay...