User key management method for broadcast encryption (BE)
First Claim
1. An encryption key management method of an encryption key management system for a broadcast encryption (BE) of a data transmission system, comprising:
- generating a plurality of subgroups, each subgroup consisting of at least one of a plurality of nodes, and forming layers according to a number of nodes which form the subgroup;
assigning prime numbers to the subgroups not to overlap one another, and connecting a subgroup at an upper layer with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer; and
re-assigning a prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to an unconnected subgroup at a lower layer, to each of the subgroups, and assigning an encryption key which is generated from the re-assigned prime numbers only except for the prime numbers assigned by the assigning to each of the subgroups,wherein, if a revoked node is included in the nodes, a session key is encrypted using an encryption key which is assigned to a subgroup consisting of nodes other than the revoked node, thereby the revoked node is not capable of obtaining the session key.
1 Assignment
0 Petitions
Accused Products
Abstract
A broadcast encryption (BE) for acquiring an encryption key which is used to decrypt a session key by a node receiving services, with less computation overhead. A plurality of subgroups, each consisting of at least one of a plurality of nodes, are generated, and layers are formed according to a number of nodes which form the subgroup. Prime numbers are assigned to the subgroups not to overlap one another, and a subgroup at an upper layer is connected with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer. A prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to a subgroup at a lower layer, are re-assigned to each subgroup, and an encryption key which is generated from the re-assigned prime numbers is assigned to the each group.
5 Citations
7 Claims
-
1. An encryption key management method of an encryption key management system for a broadcast encryption (BE) of a data transmission system, comprising:
-
generating a plurality of subgroups, each subgroup consisting of at least one of a plurality of nodes, and forming layers according to a number of nodes which form the subgroup; assigning prime numbers to the subgroups not to overlap one another, and connecting a subgroup at an upper layer with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer; and re-assigning a prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to an unconnected subgroup at a lower layer, to each of the subgroups, and assigning an encryption key which is generated from the re-assigned prime numbers only except for the prime numbers assigned by the assigning to each of the subgroups, wherein, if a revoked node is included in the nodes, a session key is encrypted using an encryption key which is assigned to a subgroup consisting of nodes other than the revoked node, thereby the revoked node is not capable of obtaining the session key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification