Data protection system that protects data by encrypting the data
Abstract
The object of the present invention is to provide a data protection system that reduces to a degree the amount of encrypted data that is distributed to a multiplicity of terminals, and that has a structure in which a terminal whose decryption keys are exposed by a dishonest party is made unable to decrypt the data correctly, while other terminals are able to decrypt the data correctly. The present invention is a data protection system that includes a multiplicity of terminals, and an encryption device that encrypts distribution data that is distributed to each terminal. Each terminal corresponds to one node on the lowest level of a 4-ary tree structure or the like that has a plurality of hierarchies. The data protection system, for each node in the tree structure, excluding those on the lowest level, determines a plurality of combination patterns that include combinations of two or more of all four nodes that are reached one level below the node, decides an individual decryption key for each determined combination pattern, further decides an individual decryption key for each node on the lowest level, and has each terminal store all decryption keys decided for the nodes on the path from the node on the lowest level that corresponds to the terminal through to the node on the highest level. The data protection system prescribes all nodes on the path from the node on the lowest level that corresponds to a terminal that has been dishonestly analyzed through to the node on the highest level as invalid nodes. For invalid nodes, other than invalid nodes on the lowest level, the data protection system designates an encryption key that corresponds to the decryption key decided in correspondence with the combination pattern that combines all nodes, excluding invalid nodes, of the four nodes that are reached one level below the node, and has the encryption device encrypt the distribution data using each of the designated encryption keys.
43 Claims
1. A data protection system that comprises three or more terminals, an encryption device, and an encryption key designation device, and protects distribution data that is to be distributed to the terminals, according to the encryption device encrypting the distribution data, characterized in that:
each terminal stores a decryption key group assigned individually to the terminal according to a predetermined key assignment method, obtains an encrypted distribution data group that has been output from the encryption device, and uses a stored decryption key to decrypt encrypted distribution data;
the predetermined key assignment method (a) determines two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, (b) decides one or more decryption keys individually in correspondence with each terminal and each determined terminal group, and (c) assigns to each terminal the decryption key decided in correspondence with the terminal and all decryption keys decided in correspondence with all terminal groups that include the terminal;
the encryption key designation device designates encryption keys, and includes:
an invalid terminal designation unit for designating one or more terminals as invalid terminals;
an encryption key designation unit, when all the decryption keys assigned to the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure; and
the encryption device includes:
an encryption unit for encrypting distribution data by successively using all the designated encryption keys to encrypt distribution data, generating the encrypted distribution data group, and outputting the generated encrypted distribution data group. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
13. A decryption key determining device that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, comprising:
a decryption key setting unit for (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, and (b) corresponding an individual decryption key with each terminal and each determined terminal group; and
a decryption key group assignment unit for determining, for each terminal, the corresponded decryption key and all the decryption keys corresponded with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal. - View Dependent Claims (14, 15, 16, 17, 18)
19. A decryption key determining method that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups;
a decryption key correspondence step for corresponding an individual decryption key with each terminal and each determined terminal group; and
a decryption key group assignment step for determining, for each terminal, the corresponded decryption key and all the decryption keys corresponded with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal.
20. A computer program for executing on a computer decryption key determining processing that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining processing comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups;
a decryption key correspondence step for corresponding an individual decryption key with each terminal and each determined terminal group; and
a decryption key group assignment step for determining, for each terminal, the corresponded decryption key and all the decryption keys corresponded with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal.
21. A recording medium having stored thereon a computer program for executing on a computer decryption key determining processing that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining processing comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups;
a decryption key correspondence step for corresponding an individual decryption key with each terminal and each determined terminal group; and
a decryption key group assignment step for determining, for each terminal, the corresponded decryption key and all the decryption keys corresponded with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal.
22. A decryption terminal system including three or more terminals for obtaining encrypted data and decrypting the obtained encrypted data, each terminal comprising:
a decryption key group storage unit for storing a decryption key group that has been individually assigned to the terminal according to a predetermined key assignment method;
an encrypted data obtaining unit for obtaining encrypted data; and
a decryption unit for decrypting the obtained encrypted data using one of the stored decryption keys, wherein the predetermined key assignment method (a) determines two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, (b) decides one or more decryption keys individually in correspondence with each terminal and each determined terminal group, and (c) assigns to each terminal the decryption key decided in correspondence with the terminal and all decryption keys decided in correspondence with all terminal groups that include the terminal. - View Dependent Claims (23, 24, 25)
26. An encryption key designation device that designates one or more encryption keys to be used in encrypting distribution data that is distributed to three or more terminals, comprising:
a decryption key setting unit for (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, and (b) deciding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence unit for corresponding with each terminal the decryption key decided in correspondence with the terminal and all decryption keys decided in correspondence with all terminal groups that include the terminal;
an invalid terminal designation unit for designating one or more terminals as invalid terminals; and
an encryption key designation unit, when all the decryption keys corresponded with the terminals by the decryption key group correspondence unit, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure. - View Dependent Claims (27, 28, 29, 30, 31)
32. An encryption device for encrypting distribution data that is to be distributed to three or more terminals, comprising:
a decryption key setting unit for (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, and (b) deciding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence unit for corresponding with each terminal the decryption key decided in correspondence with the terminal and all decryption keys decided in correspondence with all terminal groups that include the terminal;
an invalid terminal designation unit for designating one or more terminals as invalid terminals;
an encryption key designation unit, when all the decryption keys corresponded with the terminals by the decryption key group correspondence unit, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure;
an encryption unit for encrypting the distribution data successively using all designated encryption keys, to generate an encrypted distribution data group; and
an output unit for outputting the generated encrypted distribution data externally. - View Dependent Claims (33, 34, 35, 36)
37. An encryption key designation method that designates an encryption key to be used in encrypting distribution data that is distributed to three or more terminals, comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, a decryption key group correspondence step for corresponding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence step for corresponding with each terminal, in addition to the decryption key corresponded with the terminal, all decryption keys prescribed in correspondence with all terminal groups that include the terminal;
an invalid terminal designation step for designating one or more terminals as invalid terminals; and
an encryption key designation step, when all the decryption keys corresponded with the terminals by the decryption key group correspondence step, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure.
38. A computer program for executing on a computer designation processing that designates one or more encryption keys to be used in encrypting distribution data that is distributed to three or more terminals, the designation processing comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, a decryption key group correspondence step for corresponding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence step for corresponding with each terminal, in addition to the decryption key corresponded with the terminal, all decryption keys prescribed in correspondence with all terminal groups that include the terminal;
an invalid terminal designation step for designating one or more terminals as invalid terminals; and
an encryption key designation step, when all the decryption keys corresponded with the terminals by the decryption key group correspondence step, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure.
39. A program recording medium having stored thereon a computer program for executing on a computer designation processing that designates one or more encryption keys to be used in encrypting distribution data that is distributed to three or more terminals, the designation processing comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, a decryption key group correspondence step for corresponding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence step for corresponding with each terminal, in addition to the decryption key corresponded with the terminal, all decryption keys prescribed in correspondence with all terminal groups that include the terminal;
an invalid terminal designation step for designating one or more terminals as invalid terminals; and
an encryption key designation step, when all the decryption keys corresponded with the terminals by the decryption key group correspondence step, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure.
40. A computer-readable recording medium having stored thereon a plurality of pieces of encrypted distribution data that have been generated by using each of a plurality of encryption keys to encrypt distribution data that is distributed to three or more terminals, the plurality of encryption keys having been designated by designation processing, the designation processing comprising:
a terminal group determination step for determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and so that a relationship is satisfied such that any of the terminal groups that shares a same terminal as a member with another one or more of the terminal groups does not completely include and is not completely included in the other one or more of the terminal groups, a decryption key group correspondence step for corresponding one or more decryption keys individually in correspondence with each terminal and each determined terminal group;
a decryption key group correspondence step for corresponding with each terminal, in addition to the decryption key corresponded with the terminal, all decryption keys prescribed in correspondence with all terminal groups that include the terminal;
an invalid terminal designation step for designating one or more terminals as invalid terminals; and
an encryption key designation step, when all the decryption keys corresponded with the terminals by the decryption key group correspondence step, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, and supposing that a procedure for selecting an assigned valid decryption key for the most terminals to which a selected valid decryption key is not assigned is repeated until all terminals have been assigned a selected valid decryption key, for designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the procedure.
41. A decryption terminal that obtains encrypted data and decrypts the obtained encrypted data, comprising:
a decryption key group storage unit for storing a decryption key group that has been individually assigned to the terminal according to a predetermined key assignment method;
an encrypted data obtaining unit for obtaining encrypted data; and
a decryption unit for decrypting the obtained encrypted data using one of the stored decryption keys, wherein the predetermined key assignment method, (a) when it is supposed that there are three or more terminals including the terminal, determines two or more terminal groups so that the terminal belongs to a plurality of terminal groups, each of which includes two or more terminals as members, and so that the plurality of terminal groups exist so as to satisfy a relationship that a terminal group that includes the terminal as a member does not completely include and is not completely included in another of the two or more terminal groups, (b) decides one or more individual decryption keys in correspondence with the terminal and in correspondence with each determined terminal group, and (c) assigns to the terminal the one or more individual decryption keys decided in correspondence with the terminal and the one or more individual decryption keys decided in correspondence with all the terminal groups that include the terminal.
42. (New claims) A decryption terminal that obtains encrypted data and decrypts the obtained encrypted data, comprising:
decryption key group storage unit for storing a decryption key group that has been individually assigned to the terminal according to a predetermined key assignment method;
encrypted data obtaining unit for obtaining encrypted data; and
decryption unit for decrypting the obtained encrypted data using one of the stored decryption keys, wherein the predetermined key assignment method (a) performs a first procedure of determining, for each node other than leaves in an N-ary (N being a natural number equal to or greater than three) tree structure that has a plurality of hierarchies and whose leaves are in one-to-one correspondence with a plurality of decryption terminals that includes the terminal, a plurality of combination patterns that each combine at least two of N nodes that are one level below and are reached from the node (parent node), deciding an individual decryption key for each determined combination pattern, and corresponding the decided decryption keys with the node (parent node), (b) performs a second procedure of, for each node, other than a leaf, on a path from the leaf corresponding to the terminal to a root, designating from among the decryption keys corresponded with the node by the first procedure, decryption keys that correspond to all the combination patterns that relate to combinations that include a node that is one level below the node on the path, and (c) assigns the designated decryption keys to the terminal.
43. (New claims) A computer-readable recording medium having stored thereon a plurality of pieces of encrypted distribution data that have been generated by using each of a plurality of encryption keys to encrypt distribution data that is distributed to three or more terminals, the plurality of encryption keys having been designated by designation processing, the designation processing comprising:
a decryption key correspondence step for determining, for each node, other than leaves, in an N-ary (N being a natural number equal to or greater than three) tree structure that has a plurality of hierarchies and whose leaves are in one-to-one correspondence with the terminals, a plurality of combination patterns that each combine at least two of N nodes that are one level below and are reached from the node (parent node), deciding an individual decryption key for each determined combination pattern, and corresponding the decided decryption keys with the node (parent node);
a decryption key group correspondence step for designating, for each terminal, decryption keys to each node, other than a leaf, on a path from the leaf corresponding to the terminal to a root, the decryption keys being from among the decryption keys corresponded with the node by the decryption key correspondence step and corresponding to all the combination patterns that relate to combinations that include a node that is one level below the node on the path, and corresponding all the designated decryption keys with the terminal;
an invalid terminal designation step for designating one or more terminals as invalid terminals; and
an encryption key designation step, when all the decryption keys assigned to the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeating a procedure for selecting an assigned valid decryption key that is in correspondence with the most terminals to which a selected valid decryption key is not assigned until all terminals have been assigned a selected valid decryption key, and designating encryption keys that correspond to all of the valid decryption keys that are selected as a result of the procedure.
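The key assignment of claims 42 and 43 and the two ways of designating keys (the invalid-node walk from the abstract and the "most terminals first" procedure from the claims), as an added Python sketch that is not part of the patent; it works on key identifiers only and performs no encryption. Assumptions made here: a 4-ary tree with 16 terminals, the tuple key identifiers, the fallback for an invalid node with exactly one valid child (that leaf's own key, or the child's all-children pattern key), and the sorted tie-break in the greedy loop.

```python
# Added example, not code from the patent. Keys are identifiers, not key material.
from itertools import combinations

N, DEPTH = 4, 2                      # assumed: 4-ary tree, leaves at level DEPTH
TERMINALS = range(N ** DEPTH)        # 16 terminals, one per leaf
FULL = tuple(range(N))               # pattern combining all N children

def patterns():
    """Combination patterns: every set of >= 2 child positions (11 for N=4)."""
    return [c for r in range(2, N + 1) for c in combinations(range(N), r)]

def path(t):
    """(level, node index, child position on the path) for each ancestor, root first."""
    steps, idx = [], t
    for level in range(DEPTH - 1, -1, -1):
        steps.append((level, idx // N, idx % N))
        idx //= N
    return steps[::-1]

def key_group(t):
    """Claim 42: own leaf key plus, per ancestor, each pattern key whose
    pattern contains the child lying on the terminal's path."""
    keys = {("leaf", t)}
    for level, idx, pos in path(t):
        keys |= {("node", level, idx, p) for p in patterns() if pos in p}
    return keys

def designate_by_tree(revoked):
    """Abstract: for each invalid non-leaf node, pick the pattern of its valid children."""
    revoked = set(revoked)
    if not revoked:
        return {("node", 0, 0, FULL)}
    invalid = {(lvl, idx) for t in revoked for lvl, idx, _ in path(t)}
    chosen = set()
    for level, idx in sorted(invalid):
        leaf_children = level + 1 == DEPTH
        def child_ok(p):
            c = idx * N + p
            return c not in revoked if leaf_children else (level + 1, c) not in invalid
        valid = tuple(p for p in range(N) if child_ok(p))
        if len(valid) >= 2:
            chosen.add(("node", level, idx, valid))
        elif len(valid) == 1:            # assumption: no single-child pattern exists
            c = idx * N + valid[0]
            chosen.add(("leaf", c) if leaf_children else ("node", level + 1, c, FULL))
    return chosen

def designate_greedy(revoked):
    """Claims: repeatedly select the valid key held by the most uncovered terminals."""
    revoked = set(revoked)
    exposed = set().union(*(key_group(t) for t in revoked))
    holders = {}
    for t in TERMINALS:
        if t not in revoked:
            for k in key_group(t) - exposed:
                holders.setdefault(k, set()).add(t)
    uncovered, chosen = set(TERMINALS) - revoked, set()
    while uncovered:
        best = max(sorted(holders), key=lambda k: len(holders[k] & uncovered))
        chosen.add(best)
        uncovered -= holders[best]
    return chosen

def check(designated, revoked):
    """True if every valid terminal holds a designated key and no revoked one does."""
    return all(bool(key_group(t) & designated) != (t in revoked) for t in TERMINALS)

if __name__ == "__main__":
    for revoked in ({5}, {4, 5, 6}, {0, 4, 8}):
        tree, greedy = designate_by_tree(revoked), designate_greedy(revoked)
        print(sorted(revoked), "->", len(tree), "ciphertexts;",
              "same as greedy:", tree == greedy, "; sound:", check(tree, revoked))
```

With one terminal revoked, the encrypted distribution data group contains two ciphertexts instead of the fifteen that per-terminal keys alone would need.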
Specification