User key management method for broadcast encryption (BE)
First Claim
1. An encryption key management method of an encryption key management system for a broadcast encryption (BE) of a data transmission system, comprising:
- generating a plurality of subgroups, each subgroup consisting of at least one of a plurality of nodes, and forming layers according to a number of nodes which form the subgroup;
assigning prime numbers to the subgroups not to overlap one another, and connecting a subgroup at an upper layer with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer; and
re-assigning a prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to an unconnected subgroup at a lower layer, to each of the subgroups, and assigning an encryption key which is generated from the re-assigned prime numbers only except for the prime numbers assigned by the assigning to each of the subgroups,wherein, if a revoked node is included in the nodes, a session key is encrypted using an encryption key which is assigned to a subgroup consisting of nodes other than the revoked node, thereby the revoked node is not capable of obtaining the session key.
1 Assignment
0 Petitions
Accused Products
Abstract
A broadcast encryption (BE) for acquiring an encryption key which is used to decrypt a session key by a node receiving services, with less computation overhead. A plurality of subgroups, each consisting of at least one of a plurality of nodes, are generated, and layers are formed according to a number of nodes which form the subgroup. Prime numbers are assigned to the subgroups not to overlap one another, and a subgroup at an upper layer is connected with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer. A prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to a subgroup at a lower layer, are re-assigned to each subgroup, and an encryption key which is generated from the re-assigned prime numbers is assigned to the each group.
5 Citations
7 Claims
-
1. An encryption key management method of an encryption key management system for a broadcast encryption (BE) of a data transmission system, comprising:
-
generating a plurality of subgroups, each subgroup consisting of at least one of a plurality of nodes, and forming layers according to a number of nodes which form the subgroup; assigning prime numbers to the subgroups not to overlap one another, and connecting a subgroup at an upper layer with a subgroup, which includes nodes forming the subgroup of the upper layer, at a lower layer; and re-assigning a prime number assigned to a subgroup at an upper layer, a prime number assigned to an unconnected subgroup at the same layer, and a prime number assigned to an unconnected subgroup at a lower layer, to each of the subgroups, and assigning an encryption key which is generated from the re-assigned prime numbers only except for the prime numbers assigned by the assigning to each of the subgroups, wherein, if a revoked node is included in the nodes, a session key is encrypted using an encryption key which is assigned to a subgroup consisting of nodes other than the revoked node, thereby the revoked node is not capable of obtaining the session key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
-
Current AssigneeSamsung Electronics Co. Ltd.
-
Original AssigneeSamsung Electronics Co. Ltd.
-
InventorsUrivskiy, Alexei V., Chmora, Andrey L.
-
Primary Examiner(s)Orgad; Edan
-
Assistant Examiner(s)Tolentino; Roderick
-
Application NumberUS11/285,296Publication NumberTime in Patent Office2,176 DaysField of Search380/278, 380/277, 705/71, 713/171, 726/1, 726/2, 726/22, 726/26US Class Current380/278CPC Class CodesG06Q 20/3829 involving key managementH04L 2209/601 Broadcast encryptionH04L 9/0836 using tree structure or hie...H04L 9/0891 Revocation or update of sec...
