Broadcast encryption
First Claim
1. A selective broadcasting method operative to transmit a plurality of message data signals to a corresponding plurality of subscriber subsets within a set of subscribers, the method comprising:
- receiving an indication of a privileged set comprising an individual subset; and
transmitting a message data signal from which a key can be extracted by members of the privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency,wherein the length of the message data signal is less than the sum of lengths of the message data signals required if an individual message data signal is transmitted to each subscriber in the privileged set.
3 Assignments
0 Petitions
Accused Products
Abstract
A selective broadcasting method operative to transmit a plurality of message data signals to a corresponding plurality of subscriber subsets within a set of subscribers, the method comprising receiving an indication of a privileged set comprising an individual subset and transmitting a message data signal from which a key can be extracted by members of the privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein the length of the message data signal is less than the sum of lengths of the message data signals required if an individual message data signal is transmitted to each subscriber in the privileged set.
144 Citations
20 Claims
-
1. A selective broadcasting method operative to transmit a plurality of message data signals to a corresponding plurality of subscriber subsets within a set of subscribers, the method comprising:
-
receiving an indication of a privileged set comprising an individual subset; and transmitting a message data signal from which a key can be extracted by members of the privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein the length of the message data signal is less than the sum of lengths of the message data signals required if an individual message data signal is transmitted to each subscriber in the privileged set. - View Dependent Claims (12, 13, 14, 15)
-
-
2. A selective broadcasting method operative to transmit a plurality of message data signals to a corresponding plurality of subsets within a set of subscribers, the method comprising:
-
receiving an indication of a privileged set comprising an individual subset; providing each subscriber with confidential information to be stored which requires a certain memory size; transmitting a message data signal from which a key can be extracted by members of the privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein at least one of the total subscriber memory size, for a privileged set of m subscribers, and the message data signal length are less than the subscriber memory size and message data signal length, respectively, required when 2l keys are provided to each subscriber, where l is an integer, and m/l message data signals are used to transmit a common key to a privileged set having m members.
-
-
3. A selective broadcasting method for broadcasting to a privileged set of subscribers from among a population of n subscribers, the method comprising:
-
providing a set of keys respectively corresponding to the set of all possible subscriber subsets within the subscriber population with less than a predetermined number k of members, wherein for each subset, the key corresponding thereto is provided only to those subscribers not belonging to the subset; providing a message data signal and selecting from among the subscriber population a privileged set of subscribers which is to exclusively receive the message data signal, and transmitting information identifying the privileged set; encrypting the message data signal using a key comprising the bitwise XOR of all keys corresponding to subsets which are disjoint to the privileged set; and broadcasting a data signal comprising the encrypted message. - View Dependent Claims (4, 7, 8)
-
-
5. A selective broadcasting method for broadcasting to a privileged set of subscribers from among a population of subscribers, the method comprising:
-
providing each subscriber i with a key g to the power of pi where g is a high index value unknown to the subscribers and wherein the pi values are selected such that, for any two subscribers i and j, pi and pj are relatively prime; providing a message data signal and selecting from among the subscriber population a privileged set of subscribers which is to exclusively receive the message data signal, and transmitting information identifying the privileged set; encrypting the message data signal using a key which is the modulo N value of g to the power of the product of the pi values of all subscribers i belonging to the privileged set, where N is a random hard to factor prime composite which is known to the subscribers; and broadcasting a data signal comprising the encrypted message. - View Dependent Claims (9)
-
-
6. A selective broadcasting method for broadcasting to a privileged set of subscribers from among a population U of n subscribers, the method comprising:
-
defining a plurality of 1 partitions of the population of subscribers, each partition comprising m subscriber sets; for each partition and for each subscriber set within the partition, providing a unique scheme which is one-resilient within said set and distributing keys to the subscribers in said subscriber set as indicated by the unique scheme; providing a value Mi for each partition i (i=1, . . . , l), at least some of which values are random; for each partition i and for each set j (j=1, . . . , m) within partition i, transmitting Mi to all privileged subscribers in set j using the scheme of set j under partition i; and transmitting a message data signal in encrypted form using a key which is the bitwise XOR of the Mi '"'"'s. - View Dependent Claims (10, 11)
-
-
16. A selective broadcasting system operative to transmit a plurality of message data signals to a corresponding plurality of subscriber subsets within a set of subscribers, the system comprising:
-
encrypting and broadcasting equipment operative to transmit a message data signal from which a key can be extracted by members of a privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein the length of the message data signal is less than the sum of lengths of the message data signals required if an individual message data signal is transmitted to each subscriber in the privileged set.
-
-
17. A selective broadcasting system operative to transmit a plurality of message data signals to a corresponding plurality of subsets within a set of subscribers, the system comprising:
-
a subscriber memory loaded with confidential information occupying a certain memory size; broadcasting equipment operative to transmit a message data signal from which a key can be extracted by members of a privileged set and cannot be extracted by any set of members outside the privileged set whose number of members is less than a predetermined resiliency, wherein at least one of the total occupied subscriber memory size, for a privileged set of m subscribers, and the message data signal length are less than the subscriber memory size and message data signal length, respectively, required when 2l keys are provided to each subscriber, where l is an integer, and m/l message data signals are used to transmit a common key to a privileged set having m members.
-
-
18. A selective broadcasting system for broadcasting to a privileged set of subscribers from among a population of n subscribers, the system comprising:
-
n subscriber memories storing a set of keys respectively corresponding to the set of all possible subscriber subsets within the subscriber population with less than a predetermined number k of members, wherein for each subset, the key corresponding thereto is stored only by those subscribers not belonging to the subset; an encryptor operative to encrypt a message data signal intended for a privileged set using a key comprising the bitwise XOR of all keys corresponding to subsets which are disjoint to the privileged set; and broadcasting equipment operative to broadcast information identifying the privileged set and a data signal comprising the encrypted message.
-
-
19. A selective broadcasting system for broadcasting to a privileged set of subscribers from among a population of subscribers, the system comprising:
-
a plurality of subscriber memories associated respectively with the subscribers, wherein the i'"'"'th subscriber memory associated with subscriber i stores a key g to the power of pi where g is a high index value unknown to the subscribers and wherein the pi values are selected such that, for any two subscribers i and j, pi and pj are relatively prime; encrypting a message data signal intended for a privileged set of subscribers using a key which is the modulo N value of g to the power of the product of the pi values of all subscribers i belonging to the privileged set, where N is a random hard to factor prime composite which is known to the subscribers; and broadcasting equipment operative to broadcast information identifying the privileged set and a data signal comprising the encrypted message.
-
-
20. A selective broadcasting system for broadcasting to a privileged set of subscribers from among a population U of n subscribers, the system comprising:
-
n subscriber memories associated with the n subscribers respectively, wherein for each of a plurality of l partitions of the population of subscribers, each partition comprising m subscriber sets and for each subscriber set within the partition, keys distributed according to a unique scheme which is one-resilient within said set are stored in the memories of all subscribers in said subscriber set, broadcasting apparatus operative, for each partition i and for each set j (j=1, . . . , m) within partition i, to transmit an Mi signal to all privileged subscribers in set j using the scheme of set j under partition i, wherein at least some of the Mi signals are random, the broadcasting apparatus also being operative to transmit a message data signal in encrypted form using a key which is the bitwise XOR of the Mi '"'"'s.
-
Specification