Information processing system and method
Abstract
A content key, an authentication key, program data, and the like are transmitted together with an enabling key block (EKB) in an encryption key configuration having a tree structure. In this configuration, each device, as a leaf of the tree, holds a leaf key and limited node keys, and a specific enabling key block (EKB) is generated and distributed to a group specified by a specific node, to limit the devices that can be renewed. Because devices that do not belong to the group cannot perform decryption, the security of key distribution is ensured. Distribution of various kinds of keys or data is thus executed in a tree-structured encryption key configuration, realizing an information processing system and method that can distribute data efficiently and safely.
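The key renewal the abstract describes can be followed end to end in a small model. This is an added Python sketch, not code from the patent. Assumptions not on the page: a binary tree of depth 3 with heap numbering, the whole tree as the group, exclusion of a single device by renewing every node key on its path, and a SHAKE-256/HMAC stand-in for the unspecified cipher.

```python
import hashlib, hmac, os

DEPTH = 3  # assumed shape: 8 devices, root is node 1, leaves are nodes 8..15

def wrap(key, data):
    """Stand-in authenticated cipher for the demo; each key wraps one value only."""
    ks = hashlib.shake_256(key).digest(len(data))
    ct = bytes(a ^ b for a, b in zip(data, ks))
    return ct + hmac.new(key, ct, "sha256").digest()

def unwrap(key, blob):
    """Return the plaintext, or None when the key is wrong (tag mismatch)."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        return None
    ks = hashlib.shake_256(key).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

def path(leaf):
    """Node indices from a leaf up to the root: the key set one device holds."""
    return [leaf >> i for i in range(DEPTH + 1)]

def make_ekb(tree, revoked):
    """Renew every node key above `revoked`; return (renewed keys, EKB entries)."""
    renewed, ekb = {}, []
    for n in path(revoked)[1:]:          # bottom-up: parent of the leaf ... root
        renewed[n] = os.urandom(32)
        for c in (2 * n, 2 * n + 1):
            if c == revoked:
                continue                 # no entry is wrapped under the excluded leaf key
            # wrap under the child's renewed key if it has one, else its current key
            ekb.append((n, c, wrap(renewed.get(c, tree[c]), renewed[n])))
    return renewed, ekb

def process_ekb(keyset, ekb):
    """Device side: walk the EKB with the keys held; return the updated key set."""
    keys = dict(keyset)
    for n, c, blob in ekb:
        new = unwrap(keys[c], blob) if c in keys else None
        if new is not None:
            keys[n] = new
    return keys

def demo(revoked=11, message=b"content key material"):
    """Return ({leaf: recovered message or None}, number of EKB entries)."""
    tree = {n: os.urandom(32) for n in range(1, 2 ** (DEPTH + 1))}
    leaves = range(2 ** DEPTH, 2 ** (DEPTH + 1))
    devices = {l: {n: tree[n] for n in path(l)} for l in leaves}
    renewed, ekb = make_ekb(tree, revoked)
    ct = wrap(renewed[1], message)       # message data under the renewed root key
    return {l: unwrap(process_ekb(ks, ekb)[1], ct) for l, ks in devices.items()}, len(ekb)
```

With 8 devices the EKB carries 5 wrapped keys rather than one per remaining device, and the excluded leaf still holds only the old node keys, so every entry it tries fails the tag check.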
33 Claims
1. An information processing system for distributing encrypted message data capable of being used only in not less than one device selected,
said individual device comprising:
encryption processing means for holding a different key set of a node key peculiar to each node in a hierarchical tree structure with a plurality of different devices as leaves and a leaf key peculiar to each device and executing decrypting process on said encrypted message data distributed to a device using said key set;
wherein a message data distributing means generates a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of a top node which is one node of the hierarchical tree structure is renewed and an enabling key block (EKB) into which said renewal node key is encrypted with a node key or a leaf key in said group, and generating and distributing a message data encrypted with said renewal node key.
12. An information processing method for distributing from a message data distributing means encrypted message data capable of being used only in not less than one device selected, comprising:
a message data distributing step of generating a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of a top node which is one node of the hierarchical tree structure having a plurality of different devices as leaves is renewed, and an enabling key block (EKB) into which said renewal node key is encrypted with a node key or a leaf key in said group, and generating and distributing a message data encrypted by said renewal node key; and
a decrypting processing step of executing decrypting processing on said encrypted message data by using a key set in each device holding said different key set of a node key peculiar to each node in said hierarchical tree structure and a leaf key peculiar to each device.
21. An information recording medium having stored therein data, storing:
a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of the top node which is one node of the hierarchical tree structure having a plurality of different devices as leaves is renewed and an enabling key block (EKB) into which said renewal node key is encrypted by a node key or a leaf key in said group; and
a message data encrypted by said renewal node key.
25. A program providing medium for providing a computer program for executing decrypting process of encrypted content data on a computer system, said computer program comprising:
a renewal node key obtaining step of obtaining a renewal node key by decrypting process of an enabling key block (EKB) into which said renewal node key into which at least one of the node keys in a group constituted by nodes and a leaf connected at subordinate of the top node which is one node of the hierarchical tree structure having a plurality of different devices as leaves is renewed is encrypted with a node key or a leaf key in a group on a renewal node key;
a step of executing decrypting process by said renewal node key to obtain a content key used as a decryption key for said encrypted content; and
a step of executing decryption of said encrypted content by said content key.
26. An information processing method for distributing encrypted message data capable of being used only in not less than one device selected, comprising the steps of:
generating a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of a top node which is one node of the hierarchical tree structure having a plurality of different devices as leaves is renewed, and an enabling key block (EKB) into which said renewal node key is encrypted by a node key or a leaf key in said group; and
generating a message data encrypted with said renewal node key to distribute it to devices.
31. An information processing method comprising:
a renewal node key obtaining step of obtaining a renewal node key by decrypting processing of an enabling key block (EKB) into which said renewal node key into which at least one of the node keys in a group constituted by nodes and a leaf connected to a subordinate of a top node which is one node of a hierarchical tree structure having a plurality of different devices as leaves is renewed is encrypted with a node key or a leaf key in said group;
a content key obtaining step of executing decryption process with said renewal node key to obtain a content key used as a decryption key for said encrypted content; and
an executing step of executing decrypting of said encrypted content by said content key.
32. (Added) An information processing system for distributing encrypted message data capable of being used only in not less than one device selected,
said individual device comprising:
encryption processing means for holding a different key set of a node key peculiar to each node in a hierarchical tree structure with a plurality of different devices as leaves and a leaf key peculiar to each device and executing decrypting process on said encrypted message data distributed to a device using said key set;
wherein a message data distributing means generates a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of a top node which is one node of the hierarchical tree structure is renewed and an enabling key block (EKB) into which said renewal node key is encrypted with a node key or a leaf key in said group, and generating and distributing a message data encrypted with said renewal node key, wherein said message data distributing means generates an encrypted message data encrypted by using said renewal node key and an enabling key block (EKB) containing one or more renewal node keys encrypted by using a leaf key or a node key that is not held by devices other than said selected device, and distributes said encrypted message data and said enabling key block, wherein said selected device decrypts said encrypted message data with said key set held by said selected device only and said enabling key block into an original message data.
33. (Added) An information processing apparatus comprising:
key set storing means for holding one of the different key sets of a node key peculiar to each node in a hierarchical tree structure with a plurality of different devices as leaves and a leaf key peculiar to each device, each of said key sets being prescribed differently; and
encrypted processing means for decrypting an encrypted data by using said node key and said leaf key stored in said key set storing means or a key distributed, wherein said encrypted processing means wherein decryption of a encrypted message data with a renewal node key by decrypting a renewal node key with which said message data is encrypted with a leaf key or a node key held in said key set storing means is made, on encrypted data containing a message data encrypted with a renewal node key into which at least one of the node keys in a group constituted by nodes and leaves connected at subordinate of a top node which is one node of the hierarchical tree structure is renewed and an enabling key block (EKB) containing one or more renewal node keys encrypted by using a leaf key or a node key that is not held by devices other than said selected device.