METHOD FOR GENERATING DECRYPTION KEY, APPARATUS AND METHOD USING DECRYPTION KEY

US 20070180233A1
Filed: 09/13/2006
Published: 08/02/2007
Est. Priority Date: 01/27/2006
Status: Active Grant

First Claim

Patent Images

1. A decryption key generation method including:

dividing a group of a plurality of user identification information items for individually identifying a plurality of user systems into a plurality of subgroups;

assigning the subgroups to a plurality of different leaves on a tree structure respectively, the tree structure including a root node, one or a plurality of nodes and the leaves;

assigning different individual key generation polynomials to all or some of the root, the nodes, and the leaves on the tree structure respectively;

assigning each subgroup one of the individual key generation polynomials which corresponds to one of leaves assigned to the each subgroup or an ancestor node of the one of the leaves; and

substituting each user identification information item in the each subgroup into the one of the individual key generation polynomial assigned to the each subgroup and a common key generation polynomial common to the root, the nodes, and the leaves, to obtain a decryption key unique to each user system which corresponds to the each user identification information item, wherein at least one of linear sums of coefficients with the same degree of the one of the individual key generation polynomial and the common key generation polynomial differs for each of the root, the nodes, and the leaves on the tree structure, and the linear sums of other coefficients with the same degrees are constant.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

Citations

31 Claims

1. A decryption key generation method including:
- dividing a group of a plurality of user identification information items for individually identifying a plurality of user systems into a plurality of subgroups;
  
  assigning the subgroups to a plurality of different leaves on a tree structure respectively, the tree structure including a root node, one or a plurality of nodes and the leaves;
  
  assigning different individual key generation polynomials to all or some of the root, the nodes, and the leaves on the tree structure respectively;
  
  assigning each subgroup one of the individual key generation polynomials which corresponds to one of leaves assigned to the each subgroup or an ancestor node of the one of the leaves; and
  
  substituting each user identification information item in the each subgroup into the one of the individual key generation polynomial assigned to the each subgroup and a common key generation polynomial common to the root, the nodes, and the leaves, to obtain a decryption key unique to each user system which corresponds to the each user identification information item, wherein at least one of linear sums of coefficients with the same degree of the one of the individual key generation polynomial and the common key generation polynomial differs for each of the root, the nodes, and the leaves on the tree structure, and the linear sums of other coefficients with the same degrees are constant.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A method according to claim 1, wherein assigning different individual key generation polynomials assigns to one (v) of the root, the nodes, and the leaves on the tree structure, a individual key generation polynomial $A_{v}$
    - ( x ) = ∑
      
      i = 0 k a ⁢
      
      ( a v , i - λ
      
      v ⁢
      
      b i ) ⁢
      
      x i ⁢
      
      mod ⁢
      
      ⁢
      
      q and the common key generation polynomial $B (x) = \sum_{i = 0}^{k_{b}} b_{i} x^{i} \mod q,$ where λ
      
      _vis a constant value unique to each of the root, the nodes, and the leaves, k_aand k_bare arbitrary positive integer values, and q is a predetermined positive integer value, and at least one coefficient a_v,n(n is an integer satisfying 0≦
      
      n≦
      
      ka) of coefficients a_v,i(i=0, 1, . . . , ka) of the individual key generation polynomial A_v(x) is a constant value unique to each of the root, the nodes, and the leaves.
  - 3. A method according to claim 2, wherein a degree k_aof the individual key generation polynomial A_v(x) and a degree kb of the common key generation polynomial B(x) are not less than a (2k−
    - 1)th degree with respect to a maximum conspirator count k.
  - 4. A method according to claim 2, wherein a degree of at least one of the individual key generation polynomials assigned to all or some of the root, the nodes, and the leaves on the tree structure differs from degrees of other individual key generation polynomials.
  - 5. A method according to claim 1, wherein assigning different individual key generation polynomials assigns to one (v) of the root, the nodes, and the leaves on the tree structure, a individual key generation polynomial $A_{v}$
    - ( x ) = ∑
      
      i = 0 2 ⁢
      
      k - 1 ⁢
      
      ( a v , i - λ
      
      v ⁢
      
      b i ) ⁢
      
      x i ⁢
      
      mod ⁢
      
      ⁢
      
      q $a_{v, i} = {\begin{matrix} a_{i} (i \neq v \mod 2 k) \\ c_{v} (i = v \mod 2 k) \end{matrix}$ and the common key generation polynomial $B (x) = \sum_{i = 0}^{2 k - 1} b_{i} x^{i} \mod q$ where λ
      
      _vand c_vare constant values unique to each of the root, the nodes, and the leaves, k is an arbitrary positive integer value, and q is a predetermined positive integer value.

6. A content distribution system which distributes an encrypted content and header information to a plurality of user systems, comprising:
- a first encryption unit configured to encrypt a content such that the content is adapted to be decrypted with a session key, to obtain the encrypted content;
  
  a second encryption unit configured to encrypt the session key with a public key corresponding to a plurality of decryption keys respectively assigned to the user systems, to obtain an encrypted session key;
  
  a generation unit configured to generate the header information which includes the encrypted session key and allows the encrypted session key to be decrypted by using a decryption key unique to each user system which is permitted to decrypt the encrypted session key; and
  
  a transmission unit configured to transmit the encrypted content and the header information to each user system;
  
  wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. A system according to claim 6, wherein at least one of linear sums of coefficients with the same degree of the individual key generation polynomial and the common key generation polynomial differs for each of the root, the nodes, and the leaves on the tree structure, and the linear sums of other coefficients with the same degrees are constant.
  - 8. A system according to claim 6, wherein the header information includes one or a plurality of unique data items, each of which is unique to each of the root, the nodes, and the leaves on the tree structure, and wherein the generation unit, when invalidating decryption keys of all user systems belonging to a specific subgroup of the subgroups, substitutes a specific unique data item of the unique data items which corresponds to a leaf assigned to the specific subgroup or an ancestor node of the leaf with a different data item from the specific unique data item, or dose not includes, in the header information, the specific unique data item.
  - 9. A system according to claim 6, wherein the header information includes one or a plurality of unique data items, each of which is unique to each of the root, the nodes, and the leaves on the tree structure and a value based on a partial set of a plurality of user identification information items belonging to a specific subgroup of the subgroups, and wherein the generation unit does not include, in the partial set, a user identification information item of a user system whose decryption key is invalidated, the user system being one of all user systems belonging to the specific subgroup.
  - 10. A system according to claim 9, wherein the header information includes one or a plurality of unique data items, each of which is unique to each of the root, the nodes, and the leaves on the tree structure and a value based on a partial set of a plurality of user identification information items belonging to a specific subgroup of the subgroups, and wherein the generation unit, when invalidating decryption keys of all user systems belonging to another subgroup different from the specific subgroup of the subgroups, substitutes one of the unique data items which corresponds to a leaf assigned to the another subgroup or an ancestor node of the leaf with a different data item from the one of the unique data items, or dose not includes, in the header information, the one of the unique data items.
  - 11. A system according to claim 6, wherein the generation unit generates first header information which corresponds to one of the nodes on the tree structure and allows the encrypted session key to be decrypted by using a decryption key assigned to a user system of user systems belonging to a subgroup assigned to each leaf having the node as an ancestor node which is permitted to decrypt the encrypted session key, and second header information which corresponds to one of the leaves on the tree structure and allows the encrypted session key to be decrypted by using a decryption key assigned to a user system of user systems belonging to a subgroup assigned to the leaf which is permitted to decrypt the encrypted session key, and the transmission unit transmits identical elements of elements in the first header information and the second header information so as to allow the identical elements to be shared.
  - 12. A system according to claim 6, wherein if the number of user systems which are to be individually inhibited from decrypting the encrypted session key is not less than one, the encrypted session key is adapted to be decrypted by using m+1 types of share data items with respect to a value m set on the basis of a relationship between the number (w) of user systems which are to be individually inhibited from decrypting the encrypted session key and degrees of the individual key generation polynomial and the common key generation polynomial, and the generation unit generates header information including (a) one or a plurality of unique data items based on each of which the share data item unique to each user system is obtained and each of which is unique to each of the root, the nodes, and the leaves on the tree structure, and (b) m share data items which include w share data items unique to user systems which are to be individually inhibited from decrypting the encrypted session key and do not depend on a decryption key held by each user system which is permitted to decrypt the encrypted session key.
  - 13. A system according to claim 12, wherein the generation unit, when inhibiting all users belonging to a specific subgroup other than a subgroup to which a user system to be individually inhibited from decrypting the encrypted session key from decrypting the encrypted session key, substitutes a specific unique data item of the unique data items which corresponds to a leaf assigned to the specific subgroup or an ancestor node of the leaf with a different data item from the specific unique data item, or dose not includes, in the header information, the specific unique data item.

14. A user system comprising:
- a memory to store a decryption key unique to the user system which is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying a plurality of user systems, and (c) substituting the user identification information item of the user system into one of the individual key generation polynomials which corresponds to one of the leaves assigned to one of the subgroups to which the user identification information item corresponding to the user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves;
  
  a receiving unit configured to receive an encrypted content obtained by encrypting a content with a session key and header information which includes an encrypted session key and allows the encrypted session key to be decrypted;
  
  a session key decryption unit configured to decrypt the session key from the received header information by using the decryption key; and
  
  a content decryption unit configured to decrypt the received encrypted content by using the decrypted session key.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. A system according to claim 14, wherein at least one of linear sums of coefficients with the same degree of the individual key generation polynomial and the common key generation polynomial differs for each of the root, the nodes, and the leaves on the tree structure, and the linear sums of other coefficients with the same degrees are constant.
  - 16. A system according to claim 14, wherein the header information includes one or a plurality of unique data items, each of which is unique to each of the root, the nodes, and the leaves on the tree structure, and when decryption keys of all user systems belonging to a specific subgroup of the subgroups are to be invalidated, one of the unique data items which is unique to a leaf assigned to the specific subgroup or an ancestor node of the leaf is substituted with a different data item from the one of the unique data items or deleted, and the session key decryption unit decrypts the session key by using a unique data item which is included in the header information and is unique to a leaf or an ancestor node thereof on the tree structure which is assigned to a subgroup to which the user identification information item corresponding to the user system belongs.
  - 17. A system according to claim 14, wherein the header information includes one or a plurality of unique data items, each of which is unique to each of the root, the nodes, and the leaves on the tree structure and a value based on a partial set of a plurality of user identification information items belonging to a specific subgroup of the subgroups, and the partial set is set so as not to include user identification information item of a user system of user systems belonging to the specific subgroup which is made to invalidate a decryption key, and the session key decryption unit decrypts the session key by using a unique data item which is included in the header information and is unique to a leaf or an ancestor node thereof on the tree structure which is assigned to the subgroup to which the user identification information item corresponding to the user system belongs, and data item based on the partial set of a plurality of user identification information items belonging to the subgroup.
  - 18. A system according to claim 17, wherein in order to invalidate decryption keys of user systems belonging to another subgroup different from the specific subgroup of the subgroups, the header information includes a different data item from a unique data item which is unique to a leaf assigned to the another subgroup or an ancestor node of the leaf, or the header information dose not include the unique data item which is unique to the leaf assigned to the another subgroup or the ancestor node of the leaf.
  - 19. A system according to claim 14, wherein in order to allow the session key to be decrypted, if the number of user systems which are to be individually inhibited from decrypting the encrypted session key is not less than one, by using the encrypted session key is adapted to be decrypted by using m+1 types of share data with respect to a value m set on the basis of a relationship between the number (w) of user systems which are to be individually inhibited from decrypting the encrypted session key and degrees of the individual key generation polynomial and the common key generation polynomial, the header information includes (a) an unique data item based on which share data unique to each user system is obtained and which is unique to each of the root, the nodes, and the leaves on the tree structure, and (b) m share data items which include w share data items unique to user systems which are to be individually inhibited from decrypting the encrypted session key and do not depend on a decryption key held by each user system which is permitted to decrypt the encrypted session key, and the session key decryption unit obtains the share data item unique to the user system by using the unique data item which is included in the header information and is unique to a leaf or an ancestor node thereof on the tree structure which is assigned to a subgroup to which user identification information item corresponding to the user system belongs, and decrypts the session key by using the obtained share data item and m share data items included in the header information.
  - 20. A system according to claim 19, wherein in order to inhibit all users belonging to a specific subgroup other than a subgroup to which a user system to be individually inhibited from decrypting the encrypted session key belongs from decrypting the encrypted session key, the header information includes a different data item from a unique data item which is unique to a leaf assigned to the specific subgroup or an ancestor node of the leaf, or the header information dose not include the unique data item which is unique to the leaf assigned to the specific subgroup or the ancestor node of the leaf.

21. A tracking system which tests a test object user system and specifies an unauthorized user from a plurality of users of a plurality of user systems, comprising:
- a content encryption unit configured to encrypt a content with a session key to obtain an encrypted content;
  
  a generation unit configured to generate header information which includes an encrypted session key obtained by encrypting the session key and allows the encrypted session key to be decrypted with a decryption key of each user system which is permitted to decrypt the encrypted session key;
  
  an acquiring unit configured to acquire a decryption result of the encrypted content which is obtained by the test object user system by inputting the encrypted content and the header information to the test object user system; and
  
  a specifying unit configured to specify not less than one user system based on which the test object user system is produced from the user systems on the basis of a relationship between each header information and each decryption result acquired when the each header information is input to the test object user system, by causing the generation unit to generate the header information while changing the number of user systems to be invalidated which are inhibited from decrypting the encrypted session key;
  
  wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.
- View Dependent Claims (22, 23)
- - 22. A system according to claim 21, wherein at least one of linear sums of coefficients with the same degree of the individual key generation polynomial and the common key generation polynomial differs for each of the root, the nodes, and the leaves on the tree structure, and the linear sums of other coefficients with the same degrees are constant.
  - 23. A system according to claim 21, wherein when the decryption result is that the encrypted content is decrypted, if the number of user systems to be invalidated is j−
    - 1, and the decryption result is that the encrypted content is not decrypted, if a number obtained by adding another user system different from the j−
      
      1 user systems to the user systems to be invalidated is j, the specifying unit specifies the another user system as an unauthorized user.

24. A content distribution method in a content distribution system which distributes an encrypted content and header information to a plurality of user systems, comprising:
- encrypting a content such that the content is adapted to be decrypted with a session key, to obtain the encrypted content;
  
  encrypting the session key with a public key corresponding to a plurality of decryption keys respectively assigned to the user systems, to obtain an encrypted session key;
  
  generating the header information which includes the encrypted session key and allows the encrypted session key to be decrypted by using a decryption key unique to each user system which is permitted to decrypt the encrypted session key; and
  
  transmitting the encrypted content and the header information to each user system, wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

25. A method for decrypting an encrypted content in a user system, including:
- storing, in a memory, a decryption key unique to the user system which is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying a plurality of user systems, and (c) substituting the user identification information item of the user system into one of the individual key generation polynomials which corresponds to one of the leaves assigned to one of the subgroups to which the user identification information item corresponding to the user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves;
  
  receiving an encrypted content obtained by encrypting a content with a session key and header information which includes an encrypted session key and allows the encrypted session key to be decrypted;
  
  decrypting the session key from the received header information by using the decryption key; and
  
  decrypting the received encrypted content by using the decrypted session key.

26. A method for specifying an unauthorized user from a plurality of users of a plurality of user systems, the method applied to a tracking system which tests a test object user system and includes:
- a content encryption unit configured to encrypt a content with a session key to obtain an encrypted content;
  
  a generation unit configured to generate a header information item which includes an encrypted session key obtained by encrypting the session key and allows the encrypted session key to be decrypted with a decryption key of each user system which is permitted to decrypt the encrypted session key; and
  
  an acquiring unit configured to acquire a decryption result of the encrypted content which is obtained by the test object user system by inputting the encrypted content and the header information item to the test object user system;
  
  the method including;
  
  causing the generation unit to generate the header information item while changing the number of user systems to be invalidated which are inhibited from decrypting the encrypted session key, to obtain a plurality of header information items;
  
  specifying not less than one user system based on which the test object user system is produced from the user systems on the basis of a relationship between each of the header information items and each decryption result acquired when the each of the header information items is input to the test object user system, wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

27. A computer program stored on a computer readable medium, the computer program for operating the computer to distributes an encrypted content and header information to a plurality of user systems, the computer program comprising:
- first program instruction means for instructing the computer processor to encrypt a content such that the content is adapted to be decrypted with a session key, to obtain the encrypted content;
  
  second program instruction means for instructing the computer processor to encrypt the session key with a public key corresponding to a plurality of decryption keys respectively assigned to the user systems, to obtain an encrypted session key;
  
  third program instruction means for instructing the computer processor to generate the header information which includes the encrypted session key and allows the encrypted session key to be decrypted by using a decryption key unique to each user system which is permitted to decrypt the encrypted session key; and
  
  fourth program instruction means for instructing the computer processor to transmit the encrypted content and the header information to each user system;
  
  wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

28. A computer program stored on a computer readable medium, the computer program for operating the computer as a user system decrypting an encrypted content distributed from a content distribution system, the computer program comprising:
- first program instruction means for instructing the computer processor to store, in a memory, a decryption key unique to the user system which is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying a plurality of user systems, and (c) substituting the user identification information item of the user system into one of the individual key generation polynomials which corresponds to one of the leaves assigned to one of the subgroups to which the user identification information item corresponding to the user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves;
  
  second program instruction means for instructing the computer processor to receive an encrypted content obtained by encrypting a content with a session key and header information which includes an encrypted session key and allows the encrypted session key to be decrypted;
  
  third program instruction means for instructing the computer processor to decrypt the session key from the received header information by using the decryption key; and
  
  fourth program instruction means for instructing the computer processor to decrypt the received encrypted content by using the decrypted session key.

29. A computer program stored on a computer readable medium, the computer program for operating the computer as a tracking system which tests a test object user system and specifies an unauthorized user from a plurality of users of a plurality of user systems, the computer program comprising:
- first program instruction means for instructing the computer processor to encrypt a content with a session key to obtain an encrypted content;
  
  second program instruction means for instructing the computer processor to generate header information which includes an encrypted session key obtained by encrypting the session key and allows the encrypted session key to be decrypted with a decryption key of each user system which is permitted to decrypt the encrypted session key;
  
  third program instruction means for instructing the computer processor to acquire a decryption result of the encrypted content which is obtained by the test object user system by inputting the encrypted content and the header information to the test object user system; and
  
  fourth program instruction means for instructing the computer processor to specify not less than one user system based on which the test object user system is produced from the user systems on the basis of a relationship between each header information and each decryption result acquired when the each header information is input to the test object user system, by causing the generation unit to generate the header information while changing the number of user systems to be invalidated which are inhibited from decrypting the encrypted session key;
  
  wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

30. An encryption apparatus which generates an encrypted content and header information which are distributed to a plurality of user systems, comprising:
- a first encryption unit configured to encrypt a content such that the content is adapted to be decrypted with a session key, to obtain the encrypted content;
  
  a second encryption unit configured to encrypt the session key with an encryption key corresponding to a plurality of decryption keys respectively assigned to the user systems, to obtain an encrypted session key;
  
  a generation unit configured to generate the header information which includes the encrypted session key and allows the encrypted session key to be decrypted by using a decryption key unique to each user system which is permitted to decrypt the encrypted session key;
  
  wherein the decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

31. A decryption apparatus included in a user system which receives an encrypted content obtained by encrypting a content with a session key and header information which includes an encrypted session key and allows the encrypted session key to be decrypted, the apparatus comprising:
- a memory to store a decryption key unique to the user system which is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying a plurality of user systems, and (c) substituting the user identification information item of the user system into one of the individual key generation polynomials which corresponds to one of the leaves assigned to one of the subgroups to which the user identification information item corresponding to the user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves;
  
  a session key decryption unit configured to decrypt the session key from the received header information by using the decryption key; and
  
  a content decryption unit configured to decrypt the received encrypted content by using the decrypted session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
MATSUSHITA, Tatsuyuki

Granted Patent

US 8,122,246 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/159
CPC Class Codes

H04L 9/0833 involving conference or gro...

METHOD FOR GENERATING DECRYPTION KEY, APPARATUS AND METHOD USING DECRYPTION KEY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR GENERATING DECRYPTION KEY, APPARATUS AND METHOD USING DECRYPTION KEY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links