Information processing apparatus, information processing method, and information processing program

US 7,685,422 B2
Filed: 05/17/2005
Issued: 03/23/2010
Est. Priority Date: 05/18/2004
Status: Active Grant

First Claim

Patent Images

1. An information processing apparatus which transmits encrypted contents for copyright protection to a communication apparatus via a network, comprising:

an authentication/key exchange unit configured to perform authentication/key exchange processing with the communication apparatus through a first communication connection, and generate a first key shared with the communication apparatus;

a round trip time measuring unit configured to send a round trip time measuring request including an encrypted value obtained by encrypting a measuring request identifier to the communication apparatus through the first communication connection, the measuring request identifier is updated every time the round trip time measuring request is sent and shared with the communication apparatus, to measure the round trip time indicating a time that a measuring request response for the request is received, and configured to check whether the measured round trip time is within a predetermined time, to check whether an encrypted value included in the measuring request response coincides with a value which is obtained by encrypting the measuring request identifier by using the first key, and to check whether a transmitting source of the round trip request response is the communication apparatus sharing the first key;

an unique ID receiver which receives identification information unique to the communication apparatus encrypted by using the first key through the first communication connection when the round trip time measuring unit succeeds in the checking, and decrypts the unique identification information;

an ID register unit configured to register the identification information unique to the communication apparatus decrypted by the unique ID receiver;

a common key transmitter which encrypts a second key used for contents transmission by using the first key and sends the encrypted second key through the first communication connection when the round trip time measuring unit succeeds in the checking;

an ID decryption unit configured to receive a contents sending request sent from the communication apparatus through a second communication connection and decrypt identification information unique to the communication apparatus encrypted by the first key included in the contents sending request by using the first key;

an ID checking unit configured to check whether the unique identification information decrypted by the ID decryption unit is registered to the ID register unit; and

a contents transmitter which encrypts the contents requested by the communication apparatus by using the second key and sends the encrypted contents to the communication apparatus through the second communication connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing apparatus has an authentication/key exchange unit, a round trip time measuring unit, a common key transmitter, a contents key transmitter and a contents transmitter. The round trip time measuring unit sends a round trip time measuring request generated to the communication apparatus through the first communication connection to measure the round trip time, and check whether the measured round trip time is within a predetermined time and whether a transmitting source of the round trip request response is the communication apparatus sharing the first key. The common key transmitter encrypts a second key used for contents transmission by using the first key and transmits the encrypted second key through the first communication connection when the round trip time measuring unit succeeds in the checking. The contents transmitter encrypts the contents requested by the communication apparatus by using the second key and sends the encrypted contents to the communication apparatus through the second communication connection.

Citations

26 Claims

1. An information processing apparatus which transmits encrypted contents for copyright protection to a communication apparatus via a network, comprising:
- an authentication/key exchange unit configured to perform authentication/key exchange processing with the communication apparatus through a first communication connection, and generate a first key shared with the communication apparatus;
  
  a round trip time measuring unit configured to send a round trip time measuring request including an encrypted value obtained by encrypting a measuring request identifier to the communication apparatus through the first communication connection, the measuring request identifier is updated every time the round trip time measuring request is sent and shared with the communication apparatus, to measure the round trip time indicating a time that a measuring request response for the request is received, and configured to check whether the measured round trip time is within a predetermined time, to check whether an encrypted value included in the measuring request response coincides with a value which is obtained by encrypting the measuring request identifier by using the first key, and to check whether a transmitting source of the round trip request response is the communication apparatus sharing the first key;
  
  an unique ID receiver which receives identification information unique to the communication apparatus encrypted by using the first key through the first communication connection when the round trip time measuring unit succeeds in the checking, and decrypts the unique identification information;
  
  an ID register unit configured to register the identification information unique to the communication apparatus decrypted by the unique ID receiver;
  
  a common key transmitter which encrypts a second key used for contents transmission by using the first key and sends the encrypted second key through the first communication connection when the round trip time measuring unit succeeds in the checking;
  
  an ID decryption unit configured to receive a contents sending request sent from the communication apparatus through a second communication connection and decrypt identification information unique to the communication apparatus encrypted by the first key included in the contents sending request by using the first key;
  
  an ID checking unit configured to check whether the unique identification information decrypted by the ID decryption unit is registered to the ID register unit; and
  
  a contents transmitter which encrypts the contents requested by the communication apparatus by using the second key and sends the encrypted contents to the communication apparatus through the second communication connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. An information processing apparatus according to claim 1, further comprising an RTT measuring skip unit configured to skip the round trip time measurement sent from the communication apparatus at next time if the unique identification information of the communication apparatus is registered to the ID register unit.
  - 3. An information processing apparatus according to claim 1, further comprising a deletion notification unit configured to notify the communication apparatus of a deletion through the first communication connection when the unique identification information is deleted from the ID register unit during transmission of the contents.
  - 4. An information processing apparatus according to claim 1, further comprising a first authentication information generator which generates first authentication information by using round trip time measuring request identification information shared with the communication apparatus, a first random number, a second random number sent from the communication apparatus and the first key;
    - an authentication information checking unit configured to receive second authentication information generated by the communication apparatus by using measuring request response identification information included in the measuring request response sent from the communication apparatus, the first random number, the second random number and the first key, and check them based on the first authentication information; and
      
      an authentication information checking request unit configured to request the checking of the first authentication information to the communication apparatus when the authentication information checking unit succeeds in the checking,wherein the round trip time measuring unit sends a header of a UDP datagram, a sequence number corresponding to the round trip time measuring request identification information of which a value is updated every time the round trip time measuring request is performed, and the round trip time measuring request including the first random number and the sequence number, and receives the measuring request response including the second random number and the sequence number.
  - 5. An information processing apparatus according to claim 1, wherein the ID checking unit receives the identification information unique to the communication apparatus, which is encrypted by the first key and included in an HTTP request header, when HTTP is used for the contents sending request sent from the communication apparatus.
  - 6. An information processing apparatus according to claim 1, further comprising a receivable state notification receiver which receives a notification from the communication apparatus, which notifies that the communication apparatus is in a state where the communication apparatus can receive the round trip time measuring request,wherein the round trip time measuring unit sends the round trip time measuring request to the communication apparatus after the receivable state notification is received.
  - 7. An information processing apparatus according to claim 1, further comprising:
    - an ID search request receiver which receives a request for searching the identification information unique to the communication apparatus sent from the communication apparatus, before the round trip time measuring request is sent to the communication apparatus;
      
      an ID search unit configured to search whether the identification information unique to the communication apparatus is registered to the ID register unit, based on the ID search request;
      
      a search result transmitter which sends a result searched by the ID search unit to the communication apparatus; and
      
      a no-necessity notification unit configured to receive a notification from the communication, which indicates that the communication apparatus does not need to measure the round trip time,wherein the round trip time measuring unit cancels the round trip time measuring request when the ID searching unit confirms registration to the ID register unit and the communication apparatus receives a no-necessity notification of the round trip time measuring request.

8. An information processing apparatus which transmits encrypted contents for copyright protection to a communication apparatus via a network, comprising:
- an authentication/key exchange unit configured to perform authentication/key exchange processing with the communication apparatus through a first communication connection, and generate a first key shared with the communication apparatus;
  
  a round trip time measuring unit configured to send a round trip time measuring request including an encrypted value obtained by encrypting a measuring request identifier to the communication apparatus through the first communication connection, the measuring request identifier is updated every time the round trip time measuring request is sent and shared with the communication apparatus, to measure the round trip time indicating a time that a measuring request response for the request is received, and configured to check whether the measured round trip time is within a predetermined time, to check whether an encrypted value which is included in the measuring request response coincides with a value obtained by encrypting the measuring request identifier by using the first key and to check whether a transmitting source of the round trip request response is the communication apparatus sharing the first key;
  
  a common key transmitter which encrypts a second key used for contents transmission by using the first key and transmits the encrypted second key through the first communication connection when the round trip time measuring unit succeeds in the checking; and
  
  a contents transmitter which encrypts the contents requested by the communication apparatus by using the second key and sends the encrypted contents to the communication apparatus through the second communication connection.
- View Dependent Claims (9, 10, 11, 12, 13, 25, 26)
- - 9. An information processing apparatus according to claim 8, further comprising an ID register unit configured to register the identification information which is unique to the communication apparatus and is sent from the communication apparatus, the identification information being included in its certificate used in the authentication/key exchange processing through the first communication connection when the round trip time measuring unit succeeds in the checking.
  - 10. An information processing apparatus according to claim 9 further comprising an RTT measuring skip unit configured to skip the round trip time at next time if the unique identification information is registered to the ID register unit.
  - 11. An information processing apparatus according to claim 8, further comprising a first authentication information generator which generates first authentication information by using round trip time measuring request identification information shared with the communication apparatus, a first random number, a second random number sent from the communication apparatus and the first key;
    - an authentication information checking unit configured to receive second authentication information generated by the communication apparatus by using measuring request response identification information included in the measuring request response sent from the communication apparatus, the first random number, the second random number and the first key, and check them based on the first authentication information; and
      
      an authentication information checking request unit configured to request the checking of the first authentication information to the communication apparatus when the authentication information checking unit succeeds in the checking,wherein the round trip time measuring unit sends a sequence number corresponding to the round trip time measuring request identification information of which a value is updated every time the round trip time measuring request is performed, and the round trip time measuring request including the sequence number, and receives the measuring request response including the second random number and the sequence number.
  - 12. An information processing apparatus according to claim 8, further comprising a receivable state notification receiver which receives a notification from the communication apparatus, which notifies that the communication apparatus is in a state that the communication apparatus can receive the round trip time measuring request,wherein the round trip time measuring unit sends the round trip time measuring request to the communication apparatus after the receivable state notification is received.
  - 13. An information processing apparatus according to claim 9, further comprising:
    - an ID search request receiver which receives a request for searching the identification information unique to the communication apparatus sent from the communication apparatus, before the round trip time measuring request is sent to the communication apparatus;
      
      an ID search unit configured to search whether the identification information unique to the communication apparatus is registered to the ID register unit, based on the ID search request;
      
      a search result transmitter which sends a result searched by the ID search unit to the communication apparatus; and
      
      a no-necessity notification unit configured to receive a notification from the communication, which indicates that the communication apparatus does not need to measure the round trip time measuring request,wherein the round trip time measuring unit cancels the round trip time measuring request when the ID searching unit confirms registration to the ID register unit and the communication apparatus receives a no-necessity notification of the round trip time measuring request.
  - 25. An information processing apparatus according to claim 8, wherein the round trip time measuring unit increments the measuring request identifier by 1 every time the round trip time measuring request is sent.
  - 26. An information processing apparatus according to claim 8, wherein the round trip time measuring unit sends the round trip time measuring request including an upper bit or upper bit string of the encrypted value obtained by encrypting the measuring request identifier by the first key, and receives the measuring request response including a lower bit or lower bit string of the encrypted value obtained by encrypting the measuring request identifier by the first key.

14. An information processing apparatus which receives encrypted contents for copyright protection sent from a communication apparatus via a network, comprising:
- an authentication/key exchange unit configured to perform authentication/key exchange processing with the communication apparatus by using a first communication connection and generate a first key shared with the communication apparatus;
  
  a round trip time measuring request response transmitter which receives a round trip time measuring request sent from the communication apparatus and including a first encrypted measuring request identifier encrypted by the first key, and sends a round trip time measuring request response including a second encrypted measuring request identifier obtained by encrypting a measuring request identifier by the first key, the measuring request identifier is shared with the communication apparatus and updated every time the round trip time measuring request is conducted;
  
  an ID transmitter which sends unique identification information encrypted by using the first key to the communication apparatus through the first communication connection when a round trip time measurement conducted with the communication apparatus fulfills a predetermined condition;
  
  a common key receiver which receives a second key encrypted by using the first key, which is sent by the communication apparatus through the first communication connection, when the round trip time measurement fulfills the predetermined condition;
  
  a contents request transmitter which sends a contents sending request to the communication apparatus through a second communication connection; and
  
  a contents receiver which receives the contents encrypted by using the second key, which is sent from the communication apparatus through the second communication connection, and decrypts the contents.
- View Dependent Claims (15, 16, 17, 18)
- - 15. An information processing apparatus according to claim 14, further comprising:
    - a first authentication information generator which generates first authentication information generated by using round trip time measuring request response identification information shared with the communication apparatus, a first random number, a second random number sent from the communication apparatus and the first key;
      
      an authentication information checking unit configured to receive the round trip time measuring request identification information included in the round time measurement request sent from the communication apparatus, the first random number, the second random number and the first key, and check them based on the first authentication information; and
      
      a checking result transmitter which transmits a result checked by the authentication information checking unit to the communication apparatus,wherein the round trip time measuring request response transmitter receives a header of UDP datagram, a sequence number corresponding to the round trip time measuring request response updated every time the round trip time measuring request is conducted, and a round trip time measuring request including the second random number and the sequence number, and sends the header of UDP datagram, the sequence number and the round trip time measuring request response including the first random number and the sequence number.
  - 16. An information processing apparatus according to claim 14, wherein the ID transmitter sends the encrypted unique identification information encrypted by the first key to the communication apparatus including in HTTP request header, when HTTP is used for the contents sending request.
  - 17. An information processing apparatus according to claim 14, further comprising a receivable state notification unit configured to send a notification indicating that the communication apparatus is in a state where the round trip time measuring request can be received from the communication apparatus.
  - 18. An information processing apparatus according to claim 14, further comprising:
    - an ID search request transmitter which requests the communication apparatus to search whether the communication apparatus holds the unique identification information before receiving the round trip time measuring request from the communication apparatus;
      
      a search result receiver which receives a result searched by the communication apparatus based on the ID search request; and
      
      a measuring request no-necessity notification unit configured to notify the communication apparatus that the round trip time measuring request is unnecessary when detected that the communication apparatus holds the unique identification information based on a result received by the search result receiver.

19. An information processing apparatus which receives encrypted contents for copyright protection sent from a communication apparatus via a network, comprising:
- an ID transmitter which sends an authentication request and unique identification information to the communication apparatus through a first communication connection;
  
  an authentication/key exchange unit configured to perform authentication/key exchange processing with the communication apparatus by using the first communication connection and generate a first key shared with the communication apparatus;
  
  a round trip time measuring request response transmitter which receives a round trip time measuring request sent from the communication apparatus and including a first encrypted measuring request identifier encrypted by the first key, and sends a round trip time measuring request response including a second encrypted measuring request identifier obtained by encrypting a measuring request identifier by the first key, the measuring request identifier is shared with the communication apparatus and updated every time the round trip time measuring request is conducted;
  
  a common key receiver which receives a second key encrypted by using the first key, which is sent by the communication apparatus through the first communication connection, when a result of the round trip time measurement fulfills the predetermined condition;
  
  a contents request transmitter which sends a contents request to the communication apparatus through a second communication connection; and
  
  a contents receiver which receives the contents encrypted by using the second key, which is sent from the communication apparatus through the second communication connection, and decrypts the contents.
- View Dependent Claims (20, 21, 22)
- - 20. An information processing apparatus according to claim 19, further comprising:
    - a first authentication information generator which generates first authentication information generated by using round trip time request response identification information shared with the communication apparatus, a first random number, a second random number sent from the communication apparatus, and the first key;
      
      an authentication information checking unit configured to receive second authentication information generated by using the round trip time measuring request identification information included in the round trip time measuring request sent from the communication apparatus, the first random number, the second random number and the first key, and check the second authentication information based on the first authentication information; and
      
      a checking result transmitter which transmits a result checked by the authentication information checking unit to the communication apparatus,wherein the round trip time measuring request response transmitter receives a round trip time measuring request including a sequence number corresponding to the round trip time measuring request updated every time the round trip time measuring request is conducted and the round trip time measuring request including the second random number and the sequence number, and sends the sequence number and a round trip time measuring request response including the first random number and the sequence number.
  - 21. An information processing apparatus according to claim 19, further comprising a receivable state notification transmitter which transmits a receivable state notification indicating that the communication apparatus is in a state where the round trip time measuring request can be received from the communication apparatus.
  - 22. An information processing apparatus according to claim 19, further comprising:
    - an ID search request transmitter which requests the communication apparatus to search whether the communication apparatus holds the unique identification information before receiving the round trip time measuring request is received from the communication apparatus;
      
      a search result receiver which receives a result searched by the communication apparatus based on the ID search request; and
      
      a measuring request no-necessity notification unit configured to notify the communication apparatus that the round trip time measuring request is unnecessary when detected that the communication apparatus holds the unique identification information based on a result received by the search result receiver.

23. An information processing method which transmits encrypted contents for copyright protection from a first communication apparatus to a second communication apparatus via a network, comprising:
- performing an authentication/key exchange processing between the first and second communication apparatuses through a first communication connection, to generate a first key shared between the first and second communication apparatuses;
  
  transmitting a round trip time measuring request including an encrypted value obtained by encrypting a measuring request identifier from the first communication apparatus to the second communication apparatus through the first communication connection, the measuring request identifier being updated every time the round trip time measuring request is sent and shared with the communication apparatus, to measure a round trip time indicating a time that a measuring request response for the request is received, checking whether the measured round trip time is within a predetermined time, checking whether an encrypted value included in the measuring request response coincides with a value being obtained by encrypting the measuring request identifier by using the first key, and checking whether a transmitting source of the round trip request response is the communication apparatus sharing the first key;
  
  encrypting a second key used for contents transmission and transmitting the second key to the second communication apparatus through the first communication connection when the first communication apparatus succeeds in both of the checking; and
  
  encrypting contents requested from the second communication by using the second key, and transmitting the encrypted contents to the second communication apparatus through a second communication connection.

24. A computer readable medium comprising a computer program code capable of executing by computer, which transmits encrypted contents for copyright protection from a first communication apparatus to a second communication apparatus via a network, the computer program comprising:
- performing an authentication/key exchange processing between the first and second communication apparatuses through a first communication connection, to generate a first key shared between the first and second communication apparatuses;
  
  transmitting a round trip time measuring request including an encrypted value obtained by encrypting a measuring request identifier from the first communication apparatus to the second communication apparatus through the first communication connection, the measuring request identifier being updated every time the round trip time measuring request is sent and shared with the communication apparatus, to measure a round trip time indicating a time that a measuring request response for the request is received, checking whether the measured round trip time is within a predetermined time, checking whether an encrypted value included in the measuring request response coincides with a value being obtained by encrypting the measuring request identifier by using the first key, and checking whether a transmitting source of the round trip request response is the communication apparatus sharing the first key;
  
  encrypting a second key used for contents transmission and transmitting the second key to the second communication apparatus through the first communication connection when the first communication apparatus succeeds in both of the checking; and
  
  encrypting contents requested from the second communication by using the second key, and transmitting the encrypted contents to the second communication apparatus through a second communication connection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Isozaki, Hiroshi, Kokubo, Takashi, Kanazawa, Koji
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
SHEHNI, GHAZAL B

Application Number

US11/130,135
Publication Number

US 20050259824A1
Time in Patent Office

1,771 Days
Field of Search

713168-181, 380/201, 726/4, 726 27- 30
US Class Current

713/171
CPC Class Codes

H04L 2463/101   applying security measures ...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

Information processing apparatus, information processing method, and information processing program

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Information processing apparatus, information processing method, and information processing program

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links