Data protection system that protects data by encrypting the data
Abstract
A data protection system includes terminals and an encryption device that encrypts distribution data distributed to each terminal. Each terminal corresponds with one node on the lowest level of a tree structure having hierarchies. For each node other than the nodes on the lowest level, the data protection system determines a plurality of combination patterns that include combinations of two or more of all four nodes that are reached one level below the node, decides an individual decryption key for each determined combination pattern, and decides an individual decryption key for each node on the lowest level. The data protection system prescribes as invalid nodes the nodes that are reached from the node on the lowest level corresponding to an invalid terminal through to the node on the highest level. For invalid nodes, the data protection system designates an encryption key that corresponds to the decryption key determined in correspondence with the combination pattern that combines all nodes, excluding invalid nodes, and encrypts the distribution data using each of the designated encryption keys.
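The key assignment and invalidation scheme that the abstract and claims describe, as an added Python example (not code from the patent): it builds the pattern keys of claim elements (e) to (i), derives each terminal's key group along its path to the root, and selects encryption keys with the greedy rule stated in claim 10. The tuple node ids, the key ids, `DEPTH = 2`, the `audit` check and the random 16-byte keys are assumptions made for the demonstration.

```python
import os
from itertools import combinations

N = 4      # children per node: the abstract uses four, the claims allow N >= 3
DEPTH = 2  # assumed tree height for the demo, giving N**DEPTH = 16 terminals


def patterns():
    """Invalidation pattern strings for one parent: every combination of two
    or more of its N children, one '1'/'0' per child in a fixed order."""
    return ["".join("1" if i in combo else "0" for i in range(N))
            for size in range(2, N + 1)
            for combo in combinations(range(N), size)]


def build_key_store():
    """One key per (parent node, pattern) and one key per lowest-level node.
    A node is the tuple of child indices leading to it; () is the root."""
    store, level = {}, [()]
    for _ in range(DEPTH):
        for parent in level:
            for pat in patterns():
                store[(parent, pat)] = os.urandom(16)
        level = [parent + (i,) for parent in level for i in range(N)]
    for leaf in level:
        store[(leaf, "leaf")] = os.urandom(16)
    return store, level  # level now lists the terminals


def key_group(leaf):
    """Key ids assigned to one terminal: its own key plus, for each node above
    it on the path to the root, every pattern that includes the path's child."""
    ids = {(leaf, "leaf")}
    for depth, child in enumerate(leaf):
        ids |= {(leaf[:depth], p) for p in patterns() if p[child] == "1"}
    return ids


def designate_keys(leaves, invalid):
    """Greedy selection: a key held by any invalid terminal is unusable; keep
    picking the usable key held by the most still-uncovered valid terminals."""
    groups = {leaf: key_group(leaf) for leaf in leaves}
    unusable = set().union(*(groups[t] for t in invalid))
    holders = {}
    for leaf, ids in groups.items():
        for kid in ids - unusable:
            holders.setdefault(kid, set()).add(leaf)
    uncovered, chosen = set(leaves) - set(invalid), []
    while uncovered:
        # sorted() makes tie-breaking deterministic; max() keeps the first best
        best = max(sorted(holders), key=lambda k: len(holders[k] & uncovered))
        chosen.append(best)
        uncovered -= holders[best]
    return chosen


def audit(chosen, leaves, invalid):
    """True when no invalid terminal holds a chosen key and every other
    terminal holds at least one of them."""
    chosen = set(chosen)
    return all(bool(key_group(leaf) & chosen) != (leaf in invalid)
               for leaf in leaves)


if __name__ == "__main__":
    store, leaves = build_key_store()
    print("keys in store:", len(store), "keys per terminal:", len(key_group(leaves[0])))
    # Constructed revocation sets: none, one terminal, three siblings.
    for invalid in (set(), {(0, 0)}, {(0, 0), (0, 1), (0, 2)}):
        chosen = designate_keys(leaves, invalid)
        print(sorted(invalid), "->", chosen, "audit ok:", audit(chosen, leaves, invalid))
```

When three of four siblings are invalid, no pattern key under their parent remains usable, so the remaining sibling is reached through its individual lowest-level key.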
52 Citations
24 Claims
1. A decryption key determining device that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining device comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key setting unit configured for; (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member, (b) determining a correspondence between an individual decryption key and each terminal and each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N 
nodes, and that include a combination of all of the N nodes, (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, and (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and a decryption key group assignment unit configured for; (a) determining, for each terminal, a decryption key group based on the corresponding decryption key and the decryption keys corresponding with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal, respectively, (b) determining, for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as a decryption key group to be assigned to the terminal, and (c) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the 
decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern. - View Dependent Claims (2, 3)
4. A decryption key determining method that determines decryption key groups, for use in decryption, to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining method comprising:
in a decryption key setting unit, the decryption key setting unit including a non-transitory storage device storing a program, the program being executable by a processor; (a) determining, using the processor, two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member; (b) determining a correspondence between an individual decryption key and each terminal and each determined terminal group; (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member; (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three; (e) determining for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more 
of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level; (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes; and (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and in a decryption key group assignment unit, the decryption key group assignment unit including a non-transitory storage device storing a program, the program being executable by a processor; (a) determining, for each terminal, a decryption key group based on the corresponding decryption key and decryption keys corresponding with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal, respectively; (b) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the 
terminal; and (c) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern.
5. A non-transitory computer-readable recording medium having stored thereon a computer program causing a computer to execute decryption key determining processing steps that determine decryption key groups, for use in decryption, to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining processing steps comprising:
(a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member; (b) determining a correspondence between an individual decryption key and each terminal and each determined terminal group; (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member; (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three; (e) determining for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each determined combination pattern and storing 
the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level; (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes; (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; (j) determining, for each terminal, a decryption key group based on the corresponding decryption key and decryption keys corresponding with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal, respectively; (k) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal; and (l) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds 
to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern.
6. A decryption terminal system including three or more terminals for obtaining encrypted data and decrypting the obtained encrypted data, each terminal comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key group storage unit for storing a decryption key group including decryption keys that has been individually assigned to the terminal according to a predetermined key assignment method, the decryption key group storage unit being a non-transitory storage device; an encrypted data obtaining unit for obtaining encrypted data; and a decryption unit for decrypting the obtained encrypted data using one of the stored decryption keys, wherein the predetermined key assignment method comprises; (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member, (b) determining correspondence between one or more decryption keys individually and each terminal and each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is 
corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes, (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined, (j) assigning, to each terminal, the decryption key group, where the decryption key group is based on the decryption key determined in correspondence with the terminal and decryption keys determined in correspondence with all terminal groups that include 
the terminal, (k) assigning to each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal, and (l) assigning decryption keys to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern. - View Dependent Claims (7, 8, 9)
10. An encryption key designation device that designates one or more encryption keys to be used in encrypting distribution data that is distributed to three or more terminals, the encryption key designation device comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key setting unit configured for; (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member, and (b) determining correspondence between one or more decryption keys individually and each terminal and each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one 
of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, and (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and a decryption key group correspondence unit configured for; (a) determining, for each terminal, a decryption key group based on the decryption key determined in correspondence with the terminal and decryption keys determined in correspondence with all terminal groups that include the terminal, respectively; (b) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal, and (c) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the 
decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern; an invalid terminal designation unit for designating one or more terminals as invalid terminals; and an encryption key designation unit for, when all the decryption keys corresponding with the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeatedly selecting an assigned valid decryption key for the most terminals not designated as invalid terminals until all terminals not designated as invalid terminals have been assigned a selected valid decryption key, and designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the repeated selection. - View Dependent Claims (11, 12, 13)
14. An encryption device for encrypting distribution data that is to be distributed to three or more terminals, the encryption device comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key setting unit configured for; (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member, and (b) determining correspondence of one or more decryption keys individually and each terminal and each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of 
the N nodes, and that include a combination of all of the N nodes, (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, and (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and a decryption key group correspondence unit configured for; (a) determining for each terminal, a decryption key group based on the decryption key determined in correspondence with the terminal and decryption keys determined in correspondence with all terminal groups that include the terminal, respectively, (b) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal, and (c) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption 
key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below the each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern; an invalid terminal designation unit for designating one or more terminals as invalid terminals; an encryption key designation unit for, when all the decryption keys corresponding with the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeatedly selecting an assigned valid decryption key for the most terminals not designated as invalid terminals until all terminals not designated as invalid terminals have been assigned a selected valid decryption key, and designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the repeated selection; an encryption unit for encrypting the distribution data successively by using all designated encryption keys, so as to generate an encrypted distribution data group; and an output unit for outputting the generated encrypted distribution data externally from the encryption device. - View Dependent Claims (15, 16, 17, 18)
19. An encryption key designation method that designates an encryption key to be used in encrypting distribution data that is distributed to three or more terminals, the encryption key designation method comprising:
in a decryption key setting unit; (a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member; (b) determining one or more decryption keys individually in correspondence with each terminal and each determined terminal group; (c) determining the terminals groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member; (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three; (e) determining for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each 
determined combination pattern and storing the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level; (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes; and (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and in a decryption key group correspondence unit; (a) determining for each terminal, a decryption key group based on, in addition to the decryption key corresponding with the terminal, decryption keys prescribed in correspondence with all terminal groups that include the terminal, respectively; (b) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal; and (c) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the 
lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern; designating one or more terminals as invalid terminals; and when all the decryption keys corresponding with the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeatedly selecting an assigned valid decryption key for the most terminals not designated as invalid terminals until all terminals not designated as invalid terminals have been assigned a selected valid decryption key, and designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the repeated selection.
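The key assignment and encryption key designation recited in claim 19 can be traced on a small tree. The following is an added illustration, not code from the patent: it assumes N = 3 with two levels below the root (nine terminals), writes each combination pattern as a bit string in child order with `1` marking a child that is a target of combination, and reads the repeated selection as picking the valid key held by the most terminals that are not yet covered; all function names are hypothetical.

```python
from itertools import combinations

N = 3       # branching factor (the claims require N >= 3)
DEPTH = 2   # assumed depth for this example: 3**2 = 9 terminals

# A node is the tuple of child indices on the path from the root;
# () is the root, (0,) its first child, (0, 2) a terminal (lowest level).

def leaves_under(node):
    """All lowest-level nodes (terminals) reached from `node`."""
    if len(node) == DEPTH:
        return [node]
    return [leaf for i in range(N) for leaf in leaves_under(node + (i,))]

def patterns():
    """Steps (e)/(h)/(i): every combination of two or more of the N child
    nodes, as invalidation pattern information (assumed '1' = combined)."""
    out = []
    for size in range(2, N + 1):
        for combo in combinations(range(N), size):
            out.append("".join("1" if i in combo else "0" for i in range(N)))
    return out

def build_key_table():
    """Steps (f)/(g): one key id per (parent node, pattern) and per terminal.
    Maps key id -> terminal group (set of terminals that hold the key)."""
    table = {}
    def walk(node):
        if len(node) == DEPTH:
            table[(node, "leaf")] = {node}
            return
        for p in patterns():
            members = set()
            for i, bit in enumerate(p):
                if bit == "1":
                    members.update(leaves_under(node + (i,)))
            table[(node, p)] = members
        for i in range(N):
            walk(node + (i,))
    walk(())
    return table

def key_group(terminal):
    """Key group of one terminal: its own key plus, for each node on the
    path to the root, the keys of all patterns that include the child
    lying on that path."""
    keys = [(terminal, "leaf")]
    for depth in range(DEPTH):
        ancestor, child = terminal[:depth], terminal[depth]
        keys += [(ancestor, p) for p in patterns() if p[child] == "1"]
    return keys

def designate_keys(invalid, table):
    """Greedy designation: a key is valid if no invalid terminal holds it;
    repeatedly take the valid key held by the most uncovered terminals."""
    invalid = set(invalid)
    valid = {k: m for k, m in table.items() if not (m & invalid)}
    uncovered = set(leaves_under(())) - invalid
    chosen = []
    while uncovered:
        # sorted() makes tie-breaking deterministic (an assumption here)
        best = max(sorted(valid), key=lambda k: len(valid[k] & uncovered))
        chosen.append(best)
        uncovered -= valid[best]
    return chosen

if __name__ == "__main__":
    table = build_key_table()
    print(len(table), "keys in total;", len(key_group((0, 0))), "per terminal")
    for revoked in ([], [(0, 0)], [(0, 0), (1, 1)]):
        print("invalid:", revoked, "->", designate_keys(revoked, table))
```

With one invalid terminal, two encryption keys reach the other eight terminals; the count grows as invalid terminals spread across subtrees, because every pattern key at a shared ancestor that includes their branch becomes invalid.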
20. A non-transitory computer-readable recording medium storing a program for causing a computer to execute a designation processing that designates one or more encryption keys to be used in encrypting distribution data that is distributed to three or more terminals, the designation processing comprising:
(a) determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member; (b) determining one or more decryption keys individually in correspondence with each terminal and each determined terminal group; (c) determining the terminals groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group with a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member; (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three; (e) determining for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each determined combination pattern and 
storing the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level; (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes; (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; (j) determining for each terminal, a decryption key group based on, in addition to the decryption key corresponding with the terminal, decryption keys prescribed in correspondence with all terminal groups that include the terminal, respectively; (k) determining for each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal; (l) determining decryption keys to be assigned to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, 
and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal; (m) designating one or more terminals as invalid terminals; and (n) when all the decryption keys corresponding with the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeatedly selecting an assigned valid decryption key for the most terminals not designated as invalid terminals until all terminals not designated as invalid terminals have been assigned a selected valid decryption key, and designating encryption keys that respectively correspond to all of the valid decryption keys that are selected as a result of the repeated selection.
21. A decryption terminal that obtains encrypted data and decrypts the obtained encrypted data, the decryption terminal comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key group storage unit for storing a decryption key group that has been individually assigned to the decryption terminal according to a predetermined key assignment method, the decryption key group storage unit being a non-transitory storage device; an encrypted data obtaining unit for obtaining encrypted data; and a decryption unit for decrypting the obtained encrypted data by using one of the stored decryption keys, wherein the predetermined key assignment method, when there are three or more terminals including the decryption terminal, comprises; (a) determining two or more terminal groups so that the decryption terminal belongs to a plurality of terminal groups, where each of the plurality of terminal groups includes two or more terminals as members, and the plurality of terminal groups exist so that a terminal group that includes the decryption terminal as a member does not completely include another one of the plurality of terminal groups and is not completely included in another one of the plurality of terminal groups, (b) determining one or more individual decryption keys in correspondence with the decryption terminal and in correspondence with each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group 
exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes, (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined, (j) assigning, to the decryption terminal, a decryption key group based on the one or more individual decryption keys determined in correspondence with the decryption terminal 
and one or more individual decryption keys determined in correspondence with all the terminal groups that include the decryption terminal, (k) assigning to each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal, and (l) assigning decryption keys to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern.
22. A decryption terminal that obtains encrypted data and decrypts the obtained encrypted data, the decryption terminal comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key group storage unit for storing a decryption key group that has been individually assigned to the decryption terminal according to a predetermined key assignment method, the decryption key group storage unit being a non-transitory storage device; an encrypted data obtaining unit for obtaining encrypted data; and a decryption unit for decrypting the obtained encrypted data by using one of the stored decryption keys, wherein the predetermined key assignment method comprises; (a) determining two or more terminal groups so that the decryption terminal belongs to a plurality of terminal groups, where each of the plurality of terminal groups includes two or more terminals as members, and the plurality of terminal groups exist so that a terminal group that includes the decryption terminal as a member does not completely include another one of the plurality of terminal groups and is not completely included in another one of the plurality of terminal groups, (b) determining one or more individual decryption keys in correspondence with the decryption terminal and in correspondence with each determined terminal group, (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal 
is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three, (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes, (f) determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, (g) storing an individual decryption key in correspondence with each node in the lowest level, (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined, (j) assigning, to the decryption terminal, a decryption key group based on the one or more individual decryption keys determined in correspondence with the decryption terminal and one or more individual decryption keys determined in correspondence 
with all the terminal groups that include the decryption terminal, (k) assigning to each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal, and (l) assigning decryption keys to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern, (m) determining, for each node other than leaves in an N-ary tree structure that has a plurality of hierarchies and whose leaves are in one-to-one correspondence with a plurality of decryption terminals that includes the decryption terminal, a plurality of combination patterns that each combine at least two of N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, deciding an individual decryption key for each determined combination pattern, and corresponding the determined decryption keys with the parent node, where N is a natural number equal to or greater than three, (n) designating, for each node, other than a leaf, on a path from the leaf corresponding to the decryption terminal to a root of the N-ary tree structure, from 
among the decryption keys corresponded with the node by the first procedure, decryption keys that correspond to all the combination patterns that relate to combinations that include a node that is one level below the node on the path, (o) assigning the designated decryption keys to said decryption terminal.
23. A non-transitory computer-readable recording medium having stored thereon a plurality of pieces of encrypted distribution data that have been generated by using each of a plurality of encryption keys to encrypt distribution data that is distributed to three or more terminals, the plurality of encryption keys having been designated by designation processing, the designation processing comprising:
(a) determining two or more terminal groups so that the decryption terminal belongs to a plurality of terminal groups, where each of the plurality of terminal groups includes two or more terminals as members, and the plurality of terminal groups exist so that a terminal group that includes the decryption terminal as a member does not completely include another one of the plurality of terminal groups and is not completely included in another one of the plurality of terminal groups; (b) determining one or more individual decryption keys in correspondence with the decryption terminal and in correspondence with each determined terminal group; (c) determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member; (d) determining the terminal groups so that each terminal group includes three or more terminals as members, and so that a terminal group exists that contains three or more terminal groups, and when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N is a natural number equal to or greater than three; (e) determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes; (f) determining an individual decryption key for each determined 
combination pattern and storing the determined decryption key in correspondence with the parent node; (g) storing an individual decryption key in correspondence with each node in the lowest level; (h) determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes; (i) storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; (j) assigning, to the decryption terminal, a decryption key group based on the one or more individual decryption keys determined in correspondence with the decryption terminal and one or more individual decryption keys determined in correspondence with all the terminal groups that include the decryption terminal; (k) assigning to each terminal, the corresponding decryption key and all decryption keys corresponding with all terminal groups that include the terminal, as the decryption key group to be assigned to the terminal; (l) assigning decryption keys to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node 
on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal, wherein the terminal groups have a one-to-one correspondence with the combination patterns, and each terminal group is a group whose members are all the terminals that correspond to all nodes on the lowest level that are reached from all the combined nodes in the corresponding combination pattern; (m) determining, for each node, other than leaves, in an N-ary tree structure that has a plurality of hierarchies and whose leaves are in one-to-one correspondence with the terminals, a plurality of combination patterns that each combine at least two of N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, deciding an individual decryption key for each determined combination pattern, and corresponding the determined decryption keys with the parent node, where N is a natural number equal to or greater than three; (n) designating, for each terminal, decryption keys to each node, other than a leaf, on a path from the leaf corresponding to the terminal to a root of the N-ary tree structure, the decryption keys being from among the decryption keys corresponded with the node by the decryption key correspondence step and corresponding to all the combination patterns that relate to combinations that include a node that is one level below the node on the path, and corresponding all the designated decryption keys with the terminal; (o) designating one or more terminals as invalid terminals; and (p) when all the decryption keys assigned to the terminals, other than decryption keys assigned to the one or more invalid terminals, are prescribed as valid decryption keys, repeatedly selecting an assigned valid decryption key that 
is in correspondence with the most terminals not designated as invalid terminals until all terminals not designated as invalid terminals have been assigned a selected valid decryption key, and designating encryption keys that correspond to all of the valid decryption keys that are selected as a result of the repeated selection.
24. A decryption key determining device that determines decryption key groups for use in decryption to be individually assigned to at least three terminals that obtain encrypted data and decrypt the obtained encrypted data, the decryption key determining device comprising:
a non-transitory storage device storing a program, the program being executable by at least one processor; a decryption key setting unit configured for; determining two or more terminal groups, which are groups having two or more terminals as members, so that each of the terminals is a member of at least one of the terminal groups, and any one of the terminal groups that shares a terminal as a member with another one of the terminal groups does not completely include the other one of the terminal groups sharing the terminal as a member and is not completely included in the other one of the terminal groups sharing the terminal as a member, determining the terminal groups so that at least one terminal group exists that completely includes the two or more terminal groups, and so that any one of the terminal groups within the two or more terminal groups that shares a same terminal group as a member with another one of the terminal groups does not completely include the other one of the terminal groups that shares the same terminal group as a member and is not completely included in the other one of the terminal groups that shares the same terminal group as a member, when each terminal is corresponding with a node on a lowest level in an N-ary tree structure having a plurality of hierarchies, where N
is a natural number equal to or greater than three, determining, for each node other than the nodes on the lowest level, a plurality of combination patterns, for each one of N nodes that are reached from each node constituting a parent node of the one of the N nodes, that are combinations of two or more of the N nodes including the one of the N nodes, and that include a combination of all of the N nodes, and determining an individual decryption key for each determined combination pattern and storing the determined decryption key in correspondence with the parent node, and storing an individual decryption key in correspondence with each node in the lowest level, determining the plurality of combination patterns for each node excluding the nodes on the lowest level in the N-ary tree structure by prescribing combination patterns so that each combination pattern corresponds to one of all combinations of two or more of the N nodes that are one level below and are reached from the each node constituting a parent node of the N nodes, and storing, in correspondence with the parent node, all combination patterns determined for the parent node as invalidation pattern information that is made by connecting values in a predetermined order, each value showing whether or not one of the N nodes that are reached from the parent node is a target of combination, deciding an individual decryption key for each invalidation pattern information, and storing the individual decryption key in correspondence with the parent node and the invalidation information for which the individual decryption key has been determined; and a decryption key group correspondence unit configured for; determining, for each terminal, a decryption key group based on the corresponding decryption key and the decryption keys corresponding with each terminal group in which the terminal is included, as a decryption key group to be assigned to the terminal, respectively, and determining decryption keys to be assigned
to each terminal, the decryption keys being (1) decryption keys selected from among the decryption keys stored in the decryption key setting unit in correspondence with each node on a same path, which is a path from the node corresponding to the terminal on the lowest level to a node on a highest level, excluding the node that corresponds to the terminal, and corresponding with all of the combination patterns that include a node that is one level below the each node on the same path, and (2) the decryption key stored in the decryption key setting unit in correspondence with the terminal.
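The key assignment recited in claim 24, together with the invalidation and key-selection steps (o) and (p) of the preceding claim, can be traced with the following Python sketch, which is an added example and not code from the patent. Key identifiers stand in for key material; the tree size (N = 3, two levels), the node naming, the tie-breaking, and counting "the most terminals" over terminals not yet covered are assumptions.

```python
from itertools import combinations

N, DEPTH = 3, 2  # assumed: ternary tree with 9 terminals as leaves 0..8

def patterns():
    """Invalidation patterns for one parent: N flags in a fixed order,
    at least two set (every combination of two or more child nodes)."""
    return ["".join("1" if i in combo else "0" for i in range(N))
            for k in range(2, N + 1)
            for combo in combinations(range(N), k)]

def path(leaf):
    """(parent, child_index) pairs from the leaf's parent up to the root.
    A node is named by the tuple of child indices leading to it from the root."""
    digits = [(leaf // N**i) % N for i in range(DEPTH)]  # lowest level first
    return [(tuple(reversed(digits[lvl + 1:])), digits[lvl])
            for lvl in range(DEPTH)]

def key_group(leaf):
    """The terminal's own key plus, for each node on its path, the keys of
    all patterns that include the child lying on that path."""
    keys = {("leaf", leaf)}
    for parent, child in path(leaf):
        keys |= {(parent, p) for p in patterns() if p[child] == "1"}
    return keys

def select_keys(revoked):
    """Greedy selection: drop every key held by an invalid terminal, then
    repeatedly take the valid key held by the most uncovered terminals."""
    groups = {t: key_group(t) for t in range(N ** DEPTH)}
    invalid = set().union(*(groups[t] for t in revoked))
    uncovered = set(groups) - set(revoked)
    chosen = []
    while uncovered:
        holders = {}
        for t in uncovered:
            for k in groups[t] - invalid:
                holders.setdefault(k, set()).add(t)
        # sorted() only makes tie-breaking deterministic (assumption)
        best = max(sorted(holders, key=repr), key=lambda k: len(holders[k]))
        chosen.append(best)
        uncovered -= holders[best]
    return chosen

if __name__ == "__main__":
    print(select_keys({4}))  # two keys reach the other eight terminals
```

With terminal 4 invalidated, the root pattern `101` serves the six terminals under the first and third subtrees, and pattern `101` at the middle node serves terminals 3 and 5; the invalidated terminal's own leaf key is never needed because every remaining terminal always has at least its own key as a fallback.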
Specification