Network system, terminal, and method for encryption and decryption
Abstract
Provides encryption methods, systems and apparatus, and corresponding decryption methods, systems and apparatus, in which terminals belonging to a subset selected as a recipient group can collaborate to decrypt encrypted information. In an example embodiment, a sender and recipients communicate information over a network. The sender sends, to the recipients in a predetermined recipient group, information encrypted by using a group key so that it can be decrypted by collaboration among a given number of recipients. The recipients, in turn, receive encrypted data from the sender, exchange partial information concerning the encrypted data among a plurality of recipients in the recipient group to obtain decryption information used for decrypting the encrypted data, and decrypt the sent information by using the decryption information.
51 Citations
41 Claims
3. A network system comprising:
a sender terminal for encrypting information by using a first key and sending the encrypted information over a network;
recipient terminals for receiving encrypted data sent from said sender terminal and decrypting said sent information by using a second key; and
a dealer for delivering said second key unique to each of said recipient terminals to each recipient terminal and delivering said first key to said sender terminal, said first key being used for encryption that can be decrypted by using said second key.
Dependent claims: 4, 5, 31
6. A network system comprising a sender terminal for sending information over a network and recipient terminals for receiving said information over said network, wherein,
said sender terminal includes:
an encryption module for encrypting information by using a predetermined session key and encrypting said session key based on a group key produced by using public keys of a given number of recipient terminals to which said information is to be sent; and
a communication module for sending said session key encrypted by said encryption module and said information encrypted by using said session key to said recipient terminals to which said information is to be sent, and
each of said recipient terminals comprises;
a communication module for receiving encrypted data sent from said sender terminal and sending and receiving data to and from the other recipient terminals;
a key generation module for generating a secret key of that recipient terminal and a public key based on said secret key; and
a decryption module for processing said encrypted session key by using said secret key to obtain partial decryption information, exchanging said partial decryption information with a plurality of said recipient terminals to obtain decryption information used for decrypting said session key, decrypting said session key by using said obtained decryption information, and decrypting said sent information by using said decrypted session key.
Dependent claims: 7, 8, 32
9. A conference system comprising a subject provider terminal for providing a subject to be discussed and participant terminals for obtaining said subject provided from said subject provider over a network and making a decision about said subject, wherein;
said subject provider terminal encrypts said subject to produce encrypted subject that can be decrypted by collaboration among a number of participant terminals in said participant terminals that is equal to a predetermined threshold, and delivers said encrypted subject to said participant terminals over said network;
said participant terminals receive encrypted data sent from said subject provider terminal and exchange partial information unique to each of the participant terminals among a number of participant terminals equal to said threshold to produce decryption information required for decrypting said encrypted data.
Dependent claims: 33
10. A metering system comprising a content user terminal for obtaining content over a network and using said content, and a metering server for monitoring obtainment of said content by said content user terminals, wherein:
said content user terminal receives encrypted data that can be decrypted by collaborating with said metering server and exchanges partial information unique to said content user terminal and partial information unique to said metering server with said metering server to generate decryption information required for decrypting the content; and
said metering server exchanges information concerning said encrypted data with said content user terminal and monitors access by said content user terminal.
11. A metering system comprising a content provider terminal for providing a content over a network and a metering server for monitoring obtainment of said content by a predetermined terminal, wherein:
said content provider terminal encrypts said subject to produce encrypted content that can be decrypted by collaboration between said terminal to which said content is to be provided and said metering server and sends said encrypted content to said terminal; and
said metering server monitors access to said metering server by said terminal aiming to decrypt said content.
Dependent claims: 1, 2, 30, 34
12. A secret distribution system comprising a secret holder terminal for providing secret information and a plurality of secret distribution target terminals for obtaining said secret information from said secret holder terminal over a network and holding said secret information in a distributed manner, wherein:
said secret holder terminal encrypts said secret information in a manner that said encrypted information can be decrypted by collaboration among a given number of said secret distribution target terminals and sends said encrypted secret information to said secret information distribution target terminals over said network; and
said secret distribution target terminals receive and hold encrypted data sent from said secret holder terminal and, if said secret distribution target terminals want to resolve secrecy of said secret information, exchange partial information among said secret distribution target terminals to generate decryption information for decrypting said secret information, and said partial information is unique to each of said secret distribution target terminal and used for decrypting said encrypted data.
Dependent claims: 35
13. A terminal for delivering information over a network comprising:
a recipient group determination module for determining a recipient group including a given number of recipient terminals to which information is to be sent and storing said recipient group in a data storage;
an encryption module for reading said recipient group from said data storage, using a group key produced based on a set of the ID information of said recipient terminals in said recipient group to encrypt information to be sent in a manner that the encrypted information can be decrypted by information exchange among a predetermined number of recipient terminals in said recipient terminals in said recipient group, and storing it in the data storage; and
a transmission module for reading said encrypted information from said data storage and sending it to said recipient terminal over said network.
Dependent claims: 14, 15, 16, 17, 36
18. A terminal for receiving information delivered over a network, comprising:
a communication module for sending and receiving data over said network; and
a decryption module for storing encrypted data received by said communication module in a data storage, obtaining from said encrypted data a threshold indicating the number of terminals required to collaborate to decrypt said encrypted data, exchanging partial information with a number of other terminals equal to said threshold through said communication module, said partial information being unique to each of the terminals and used for decrypting said encrypted data, obtaining decryption information for decrypting said encrypted data from the partial information provided from the terminals through said information exchange, and using said decryption information to decrypt said encrypted data stored in said data storage.
Dependent claims: 19, 20, 37
21. An encryption method comprising the steps of:
determining a recipient group including a given number of recipients to which information is to be sent;
reading ID information of said recipients in said recipient group from memory and generating a group key based on the ID information;
reading the information from the memory and encrypting the information by using the generated group key in a manner that the encrypted information can be decrypted by information exchange by a predetermined number of recipients in said recipients in said recipient group.
Dependent claims: 22, 23, 24, 38, 39
25. A decryption method comprising the steps of:
obtaining from encrypted data received over a network a threshold indicating the number of terminals required to collaborate to decrypt encrypted information;
exchanging partial information among a number of terminals interconnected over a network that is equal to said threshold, said partial information being unique to each of the terminals and being used for decrypting said encrypted data; and
obtaining decryption information for decrypting said encrypted data from said partial information obtained from each of said terminals through the information exchange and decrypting said encrypted data based on said decryption information.
Dependent claims: 40, 41
26. A program for controlling a computer to encrypt information, said program causing said computer to perform the steps of:
determining a recipient group including a given number of recipient terminals in terminals accessible over a network to which information is to be sent, and storing said recipient group in memory; and
reading said recipient group from said memory and encrypting said information by using a group key produced based on a set of ID information of said recipient terminals in said recipient group in such a manner that the encrypted information can be decrypted by information exchange by a predetermined number of recipient terminals in said recipient terminals in said recipient group.
27. A program for controlling a computer to decrypt encrypted information, said program causing said computer to perform the steps of:
obtaining a threshold indicating the number of terminals required to collaborate to decrypt the encrypted information from encrypted data received over a network;
exchanging partial information among a number of terminals interconnected over the network that is equal to said threshold, said partial information being unique to each of the terminals and used for decrypting said encrypted data; and
obtaining decryption information from the partial information obtained from each terminal through the exchange and decrypting said encrypted data based on said decryption information.
28. A recording medium on which a program for controlling a computer to encrypt information is recorded in a form readable by said computer, said program causing said computer to perform the steps of:
determining a recipient group including a given number of recipient terminals in terminals accessible over a network to which information is to be sent and storing said recipient group in memory; and
reading said recipient group from said memory and encrypting said information by using a group key produced based on a set of ID information of said recipient terminals in said recipient group in such a manner that the encrypted information can be decrypted by information exchange by a predetermined number of recipient terminals in said recipient terminals in said recipient group.
29. A recording medium on which a program for controlling a computer to decrypt encrypted information is recorded in a form readable by said computer, said program causing said computer to perform the steps of:
obtaining a threshold indicating the number of terminals required to collaborate to decrypt the encrypted information from encrypted data received over a network;
exchanging partial information among a number of terminals interconnected over the network that is equal to said threshold, said partial information being unique to each of the terminals and used for decrypting said encrypted data; and
obtaining decryption information for decrypting said encrypted information from the partial information obtained from each terminal through the exchange and decrypting said encrypted data based on said decryption information.
34-1. A computer program product comprising a computer usable medium having computer readable program code means embodied therein for causing the metering system, the computer readable program code means in said computer program product comprising computer readable program code means for causing a computer to effect the functions of claim 11.
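The collaborative decryption flow of claims 3, 6 and 25, as an added example that is not taken from the patent: the claims do not fix a construction, so this sketch assumes threshold hashed ElGamal with a dealer that Shamir-shares one secret. The group parameters, function names and ciphertext fields are constructed for illustration, and the group is a toy size.

```python
import hashlib
import secrets

# Constructed toy group, far too small for real use: P = 2Q + 1, G has order Q.
P, Q, G = 2039, 1019, 4

def deal(n, t):
    """Dealer (claim 3): returns the sender's key and one unique share per recipient."""
    coeffs = [secrets.randbelow(Q - 1) + 1] + [secrets.randbelow(Q) for _ in range(t - 1)]
    shares = {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
              for i in range(1, n + 1)}
    return pow(G, coeffs[0], P), shares

def _mask(s):
    # Derive a 32-byte pad from the shared group element.
    return hashlib.sha256(str(s).encode()).digest()

def wrap_session_key(pub, t, session_key):
    """Sender (claim 6): wrap a 32-byte session key; t travels with the ciphertext."""
    r = secrets.randbelow(Q - 1) + 1
    pad = _mask(pow(pub, r, P))
    return {"t": t, "c1": pow(G, r, P),
            "wrapped": bytes(a ^ b for a, b in zip(session_key, pad))}

def partial(ct, share):
    """Recipient: partial decryption information; the share itself is never sent."""
    return pow(ct["c1"], share, P)

def combine(ct, partials):
    """Claim 25: read t from the ciphertext, combine t partials, unwrap the key."""
    if len(partials) < ct["t"]:
        raise ValueError("need %d partials, got %d" % (ct["t"], len(partials)))
    ids = sorted(partials)[:ct["t"]]
    s = 1
    for i in ids:
        num = den = 1
        for j in ids:
            if j != i:
                num = num * (-j) % Q
                den = den * (i - j) % Q
        lam = num * pow(den, -1, Q) % Q        # Lagrange coefficient at x = 0
        s = s * pow(partials[i], lam, P) % P   # interpolation in the exponent
    return bytes(a ^ b for a, b in zip(ct["wrapped"], _mask(s)))

def demo():
    pub, shares = deal(n=5, t=3)
    key = secrets.token_bytes(32)
    ct = wrap_session_key(pub, 3, key)
    return key, combine(ct, {i: partial(ct, shares[i]) for i in (2, 4, 5)})
```

Only the partial values cross the network, so a recipient that takes part in one decryption does not hand its share to the others.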