COMMUNICATION APPARATUS, KEY SERVER, AND MANAGEMENT SERVER

US 20100008509A1
Filed: 02/10/2009
Published: 01/14/2010
Est. Priority Date: 07/11/2008
Status: Abandoned Application

First Claim

Patent Images

1. A communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:

an information obtaining unit that obtains file information indicating all or a part of the first and the second encrypted pieces and version management information capable of judging whether the file information has validity;

a content receiving unit that receives, for each of the pieces, one of a first encrypted piece and a second encrypted piece from another communication apparatus by using the file information, a plurality of first encrypted pieces being obtained by encrypting the pieces with a first encryption key, the second encrypted piece being obtained by encrypting at least one of the pieces with a second encryption key, and the first encryption key and the second encryption key for encrypting a same piece being different from each other;

a transmitting unit that transmits, to a key server, a request message for requesting decryption keys each of which is used for decrypting the one of the first encrypted piece and the second encrypted piece received by the content receiving unit for a different one of the pieces and the version management information of the file information used to obtain the one of the first encrypted piece and the second encrypted piece in correspondence with each of the pieces; and

a key receiving unit that receives the decryption keys provided by the key server in response to the request message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication apparatus obtains file information indicating all or a part of first and second encrypted pieces obtained by encrypting a plurality of pieces constituting a part of a content and version management information with which it is possible to judge whether the file information has validity and receives, for each of the pieces, one of the first encrypted piece and the second encrypted piece from another communication apparatus, by using the file information. The communication apparatus transmits, to a key server, a request message for requesting decryption keys each being used for decrypting the one of the first encrypted piece and the second encrypted piece received for a different one of the pieces and the version management information of the file information used to obtain the one of the first encrypted piece and the second encrypted piece in correspondence with each of the pieces and receives the decryption keys.

109 Citations

View as Search Results

25 Claims

1. A communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:
- an information obtaining unit that obtains file information indicating all or a part of the first and the second encrypted pieces and version management information capable of judging whether the file information has validity;
  
  a content receiving unit that receives, for each of the pieces, one of a first encrypted piece and a second encrypted piece from another communication apparatus by using the file information, a plurality of first encrypted pieces being obtained by encrypting the pieces with a first encryption key, the second encrypted piece being obtained by encrypting at least one of the pieces with a second encryption key, and the first encryption key and the second encryption key for encrypting a same piece being different from each other;
  
  a transmitting unit that transmits, to a key server, a request message for requesting decryption keys each of which is used for decrypting the one of the first encrypted piece and the second encrypted piece received by the content receiving unit for a different one of the pieces and the version management information of the file information used to obtain the one of the first encrypted piece and the second encrypted piece in correspondence with each of the pieces; and
  
  a key receiving unit that receives the decryption keys provided by the key server in response to the request message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus according to claim 1, wherein the information obtaining unit obtains the file information and the version management information that are each updated at a predetermined time or at an arbitrary time.
  - 3. The apparatus according to claim 1, wherein the content receiving unit includesa third obtaining unit that obtains the version management information of the file information used to obtain the one of the first encrypted piece and the second encrypted piece stored in the another communication apparatus in correspondence with each of the pieces;
    - a judging unit that judges whether the one of the first encrypted piece and the second encrypted piece should be obtained in correspondence with each of the pieces from the another communication apparatus, by using the version management information obtained by the information obtaining unit and the version management information obtained by the third obtaining unit; and
      
      a requesting unit that requests the one of the first encrypted piece and the second encrypted piece in correspondence with each of the pieces from the another communication apparatus according to a result of judgment of the judging unit.
  - 4. The apparatus according to claim 3, whereinthe information obtaining unit obtains the file information and at least one of validity information indicating the version management information of one or more pieces of file information having validity and validity information specifying a range of the version management information of the one or more pieces of file information having validity, andthe judging unit judges whether the one of the first encrypted piece and the second encrypted piece should be obtained in correspondence with each of the pieces from the another communication apparatus, by using the version management information and the validity information obtained by the information obtaining unit and the version management information obtained by the third obtaining unit.
  - 5. The apparatus according to claim 1, wherein the information obtaining unit obtains the file information, the version management information, and validity information indicating an expiration time of the file information, and obtains at least the updated file information based on the expiration time indicated in the validity information.
  - 6. The apparatus according to claim 1, whereinthe communication apparatus is organized into a group in such a manner that the communication apparatus belongs to at least one group,all or the part of the first and the second encrypted pieces indicated in the file information are different for each of the groups, andthe information obtaining unit obtains the file information corresponding to the group to which the communication apparatus belongs and the version management information capable of judging whether the file information has validity.
  - 7. The apparatus according to claim 1, wherein the content receiving unit includesa first receiving unit that receives, from a management server, node information used for accessing the another communication apparatus storing the one of the first encrypted piece and the second encrypted piece;
    - anda second receiving unit that accesses the another communication apparatus by using the received node information and receives, for each of the pieces, the one of the first encrypted piece and the second encrypted piece.
  - 8. The apparatus according to claim 1, wherein the transmitting unit puts the version management information into the request message and transmits the request message to the key server.
  - 9. The apparatus according to claim 1, further comprising a decrypting unit that decrypts encrypted pieces each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces, by using the received decryption keys.

10. A communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:
- a content receiving unit that receives, for each of the pieces, one of a first encrypted piece and a second encrypted piece from another communication apparatus, a plurality of first encrypted pieces being obtained by encrypting the pieces with a first encryption key, the second encrypted piece being obtained by encrypting at least one of the pieces with a second encryption key, and the first encryption key and the second encryption key for encrypting a same piece being different from each other;
  
  a key request transmitting unit that transmits, to a key server storing decryption keys, a request message for requesting the decryption keys each of which is used for decrypting the one of the first encrypted piece and the second encrypted piece received by the content receiving unit for a different one of the pieces;
  
  a request receiving unit that receives, from the key server, an information request message for requesting storing proof information to prove that the communication apparatus stores the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces;
  
  an information transmitting unit that transmits the storing proof information to the key server in response to the information request message; and
  
  a key receiving unit that receives all or a part of the decryption keys provided by the key server based on the storing proof information and the request message.
- View Dependent Claims (11, 12)
- - 11. The apparatus according to claim 10, whereinthe request receiving unit receives, from the key server, a calculated value request message for requesting the storing proof information that is a calculated value obtained by performing a predetermined calculation process by using selected encrypted pieces that correspond to at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, the selected encrypted pieces being selected from the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces, andthe information transmitting unit includesa calculating unit that, in response to the calculated value request message, calculates the calculated value by performing the predetermined calculation process by using the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece;
    - anda calculated value transmitting unit that transmits the calculated value to the key server.
  - 12. The apparatus according to claim 10, whereinthe request receiving unit receives, from the key server, a calculated value request message for requesting the storing proof information that is all or a part of data obtained by joining together selected encrypted pieces that correspond to at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, the selected encrypted pieces being selected from the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces, andthe information transmitting unit includesa joining unit that, in response to the calculated value request message, generates the data by joining together the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece;
    - anda data transmitting unit that transmits all or the part of the data to the key server.

13. A key server that communicates with a communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:
- a request receiving unit that receives, from the communication apparatus, a request message for requesting decryption keys each of which is used for decrypting the one of a first encrypted piece and a second encrypted piece corresponding to a different one of the pieces and version management information capable of judging whether file information has validity, a plurality of first encrypted pieces being obtained by encrypting the plurality of pieces each with a first encryption key, one or more second encrypted pieces being obtained by encrypting one or more of the plurality of pieces each with a second encryption key, for each of the pieces, the first encryption key being different from the second encryption key, the communication apparatus receives, for each of the pieces, one of the first encrypted piece and the second encrypted piece from another communication apparatus, and the file information having been used to obtain the one of the first encrypted piece and the second encrypted piece in correspondence with each of the pieces;
  
  a first storage unit that stores the decryption keys;
  
  a second storage unit that stores validity information used for identifying the version management information of one or more pieces of file information having validity;
  
  a judging unit that judges whether the decryption keys requested in the request message are valid by using the received version management information and the validity information;
  
  a determining unit that determines whether the decryption keys should be transmitted, based on a combination of the decryption keys requested in the request message, when the judging unit has judged that the decryption keys are valid; and
  
  a key transmitting unit that reads the decryption keys corresponding to the combination requested in the request message from the first storage unit and transmits the read decryption keys to the communication apparatus, when the determining unit has determined that the decryption keys should be transmitted.
- View Dependent Claims (14, 15, 16)
- - 14. The server according to claim 13, wherein the second storage unit stores the validity information indicating the version management information that is information showing one or more versions of the one or more pieces of file information having validity.
  - 15. The server according to claim 13, wherein the second storage unit stores the validity information indicating the version management information that is information showing a time at which each of the one or more pieces of file information having validity was generated.
  - 16. The server according to claim 13, wherein the second storage unit stores the validity information indicating the version management information that is a calculated value obtained by performing a predetermined calculation process by using all or a part of the first and the second encrypted pieces indicated in any of the one or more pieces of file information having validity.

17. A key server that communicates with a communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:
- a request receiving unit that receives, from the communication apparatus, a request message for requesting decryption keys each of which is used for decrypting the one of a first encrypted piece and a second encrypted piece corresponding to a different one of the pieces, a plurality of first encrypted pieces being obtained by encrypting the plurality of pieces each with a first encryption key, one or more second encrypted pieces being obtained by encrypting one or more of the plurality of pieces each with a second encryption key, for each of the pieces, the first encryption key being different from the second encryption key, the communication apparatus receives, for each of the pieces, one of the first encrypted piece and the second encrypted piece from another communication apparatus;
  
  a first storage unit that stores the decryption keys;
  
  a second storage unit that stores storing judgment information used for judging whether the communication apparatus stores encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted pieces corresponding to a different one of the pieces;
  
  a request transmitting unit that transmits, to the communication apparatus, an information request message for requesting storing proof information to prove that the communication apparatus stores the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted pieces corresponding to a different one of the pieces;
  
  an information receiving unit that receives the storing proof information from the communication apparatus;
  
  a storing proof judging unit that judges whether the communication apparatus stores the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces, by using the received storing proof information and the stored storing judgment information;
  
  a determining unit that determines whether the decryption keys should be transmitted, based on a combination of the decryption keys requested in the request message, when the storing proof judging unit has judged that the communication apparatus stores the encrypted pieces; and
  
  a key transmitting unit that reads the decryption keys corresponding to the combination requested in the request message from the first storage unit and transmits the read decryption keys to the communication apparatus, when the determining unit has determined that the decryption keys should be transmitted.
- View Dependent Claims (18, 19, 20)
- - 18. The server according to claim 17, whereinthe request transmitting unit includesa selecting unit that selects selected encrypted pieces that correspond to at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, the selected encrypted pieces being selected out of the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces;
    - anda first transmitting unit that transmits, to the communication apparatus, an information request message for requesting the storing proof information that is a calculated value obtained by performing a predetermined calculation process by using the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, andthe information receiving unit receives the storing proof information transmitted from the communication apparatus in response to the information request message and that is the calculated value obtained by performing the predetermined calculation process by using the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece.
  - 19. The server according to claim 17, whereinthe second storage unit stores all or a part of the first and the second encrypted pieces,the request transmitting transmits, to the communication apparatus, the information request message for requesting the storing proof information that is all or a part of data obtained by joining together selected encrypted pieces that correspond to at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, the selected encrypted pieces being selected out of the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece corresponding to a different one of the pieces,the information receiving unit receives the storing proof information transmitted from the communication apparatus in response to the information request message and that is all or the part of the data obtained by joining together the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, andthe storing proof judging unit judges whether the communication apparatus stores the encrypted pieces that are to be decrypted by using the decryption keys requested in the request message and each of which is the one of the first encrypted piece and the second encrypted piece, by using the received data and the data obtained by joining together the selected encrypted pieces that correspond to the at least two of the pieces and each of which is the one of the first encrypted piece and the second encrypted piece, the selected encrypted pieces being selected from all or the part of the first and the second encrypted pieces stored in the second storage unit.
  - 20. The server according to claim 17, further comprising a second storage unit that stores pieces of sequence information that respectively indicate combinations of the decryption keys that have already been transmitted in correspondence with the pieces, whereinthe determining unit determines whether the decryption keys should be transmitted by judging whether the second storage unit stores a piece of sequence information indicating the combination of the decryption keys requested in the request message, when all the decryption keys have judged to be valid.

21. A management server that communicates with a communication apparatus that receives a plurality of pieces that constitute a part of a content, comprising:
- a first storage unit that stores connection destination information used for accessing the another communication apparatus, a plurality of first encrypted pieces being obtained by encrypting the plurality of pieces each with a first encryption key, one or more second encrypted pieces being obtained by encrypting one or more of the plurality of pieces each with a second encryption key, for each of the pieces, the first encryption key being different from the second encryption key, file information indicates all or a part of the first and the second encrypted pieces and is in correspondence with version management information with which it is possible to judge whether the file information has validity, the communication apparatus receives, for each of the pieces, one of the first encrypted piece and the second encrypted piece from another communication apparatus, by using the file information; and
  
  an information transmitting unit that transmits the connection destination information used for accessing the another communication apparatus, when the communication apparatus has accessed the management server by using first access information that is in correspondence with the file information and is used for accessing the management server.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The server according to claim 21, further comprising an information obtaining unit that obtains the version management information of the file information stored in the communication apparatus, whereinthe information transmitting unit includesa grouping unit that organizes at least one of the communication apparatus and the another communication apparatus into a group, by using the version management information;
    - anda transmitting unit that transmits the connection destination information used for accessing the another communication apparatus that belongs to a group to which the communication apparatus belongs.
  - 23. The server according to claim 21, whereinthe information transmitting unit includesa grouping unit that organizes communication apparatuses into one or more groups in such a manner that at least one of the communication apparatus and the another communication apparatus belongs to at least one of the groups and that all or a part of the first and the second encrypted pieces indicated in the file information are different for each of the groups;
    - anda transmitting unit that reads the connection destination information used for accessing the another communication apparatus that belongs to a group to which the communication apparatus belongs out of the first storage unit and transmits the read connection destination information.
  - 24. The server according to claim 21, further comprising a receiving unit that receives, from an external apparatus, a halt request message for requesting that transmission of the connection destination information should be halted in a case where the file information has been updated, and also, the first access information that is in correspondence with the file information has been changed, whereinthe information transmitting unit does not transmit the connection destination information to the communication apparatus that has accessed the management server, when the receiving unit has received the halt request message.
  - 25. The server according to claim 21, further comprising:
    - a receiving unit that receives, from an external apparatus, a halt request message for requesting that transmission of the connection destination information should be halted and list information indicating pieces of communication apparatus identification information for identifying communication apparatuses to which the connection destination information should not be transmitted, when the file information has been updated and the first access information in correspondence with the file information has been changed; and
      
      an obtaining unit that obtains a piece of communication apparatus identification information for identifying the communication apparatus from the communication apparatus that has accessed the management server, whereinthe information transmitting unit does not transmit the connection destination information to any communication apparatus that has accessed the management server but whose piece of communication apparatus identification information is listed in the list information, when the receiving unit has received the halt request message and the list information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Toyama, Haruhiko, Umesawa, Kentaro, Koike, Ryuiti, Matsumoto, Hideki, Sato, Hideaki, Kato, Taku, Matsushita, Tatsuyuki, Kambayashi, Toru, Ito, Satoshi

Application Number

US12/368,674
Publication Number

US 20100008509A1
Time in Patent Office

Days
Field of Search
US Class Current

380/279
CPC Class Codes

H04L 2209/60   Digital content management,...

H04L 2463/062   applying encryption of the ...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/083   involving central third par...

COMMUNICATION APPARATUS, KEY SERVER, AND MANAGEMENT SERVER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

109 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

COMMUNICATION APPARATUS, KEY SERVER, AND MANAGEMENT SERVER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

109 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links