Encryption key distribution method in mobile broadcasting system and system for the same
Abstract
A method and a system for distributing an encryption key for service protection and content protection in a mobile broadcasting system are provided where a network generates a first encryption key when a broadcasting service is first provided to the terminal, and transmits a long term key message including the generated first encryption key to the terminal. Also, the network generates a second encryption key before the lifetime of a first access value pair expires, and transmits a long term key message including the generated second encryption key to the terminal.
14 Claims
1. A method of distributing an encryption key for protecting a broadcasting service in a mobile broadcasting system, comprising the steps of:
- generating, by a network, first information for encryption key derivation in response to providing the broadcasting service to a terminal, and transmitting a long term key message including the generated first information to the terminal; and
- generating, by the network, second information for encryption key derivation before a lifetime of the first information expires, and transmitting a long term key message including the generated second information to the terminal,
- wherein the lifetime of the first information and a lifetime of the second information are an integer multiple of a lifetime of a traffic encryption key, the first information and the second information derive a plurality of traffic encryption keys, and the first information and the second information are derived from at least one key seed pair (KSP) composed of KS1, KS2 arbitrarily generated in the network, and
- wherein the traffic encryption key is calculated based on a hash value of KS1 to which a hash function is applied and a hash value of KS2 to which a hash function is applied, and
- wherein a message sent for requesting the traffic encryption key includes at least one of a key domain ID and a KSP ID.
Dependent claims: 2, 3, 4.
5. A method of distributing an encryption key for protecting a broadcasting service in a mobile broadcasting system, comprising the steps of:
- verifying, by a terminal, a long term key message using a subscriber management key if the long term key message is received from a network;
- performing, by the terminal, replay detection if the long term key message is valid;
- confirming, by the terminal, validity of information for encryption key derivation included in the long term key message using a security function if the replay detection succeeds; and
- decoding, by the terminal, the information, generating and storing a traffic encryption key from the information if the information is valid,
- wherein a lifetime of the information is an integer multiple of a lifetime of a traffic encryption key, a plurality of the traffic encryption keys are derived from the information, and the information is derived from a key seed pair (KSP) composed of KS1, KS2 arbitrarily generated in the network,
- wherein the traffic encryption key is calculated based on a hash value of KS1 to which a hash function is applied and a hash value of KS2 to which a hash function is applied, and
- wherein a message sent for requesting the traffic encryption key includes at least one of a key domain ID and a KSP ID.
Dependent claims: 6, 7.
8. A network for distributing an encryption key for protecting a broadcasting service in a mobile broadcasting system, the network comprising:
- a controller configured to generate first information for encryption key derivation in response to providing the broadcasting service to a terminal, and generate second information for encryption key derivation before a lifetime of the first information expires; and
- a transmitter configured to transmit a long term key message including the generated first information to the terminal, and transmit a long term key message including the generated second information to the terminal,
- wherein the lifetime of the first information and a lifetime of the second are an integer multiple of a lifetime of a traffic encryption key, the first information and the second information derive a plurality of traffic encryption keys, and the first information and the second information are derived from at least one key seed pair (KSP) composed of KS1, KS2 arbitrarily generated in the network,
- wherein the traffic encryption key is calculated based on a hash value of KS1 to which a hash function is applied and a hash value of KS2 to which a hash function is applied, and
- wherein a message sent for requesting the traffic encryption key includes at least one of a key domain ID and a KSP ID.
Dependent claims: 9, 10, 11.
12. A terminal for distributing an encryption key for protecting a broadcasting service in a mobile broadcasting system, the terminal comprising:
- a processor configured to verify a long term key message using a subscriber management key if the long term key message is received from a network, perform replay detection if the long term key message is valid, confirm validity of information for encryption key derivation included in the long term key message using a security function if the replay detection succeeds, decode the information, and generate and store a traffic encryption key from the information if the information is valid,
- wherein a lifetime of the information is an integer multiple of a lifetime of a traffic encryption key, a plurality of traffic encryption keys are derived from the information, and the information is derived from a key seed pair (KSP) composed of KS1, KS2 arbitrarily generated in the network,
- wherein the traffic encryption key is calculated based on a hash value of KS1 to which a hash function is applied and a hash value of KS2 to which a hash function is applied, and
- wherein a message sent for requesting the traffic encryption key includes at least one of a key domain ID and a KSP ID.
Dependent claims: 13, 14.
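The terminal-side order of checks in claims 5 and 12 (verify with the subscriber management key, replay detection, validity check, then derive and store the traffic encryption keys), sketched as an added illustration that is not part of the patent text. The message layout, HMAC-SHA-256 as the verification function, the counter-based replay check, and the XOR of a forward hash chain over KS1 with a reversed hash chain over KS2 are all assumptions made for this example; the claims do not specify them.

```python
import hashlib, hmac, struct

KEY_LEN = 16          # assumed seed and TEK size in bytes
HDR = ">IQII"         # assumed header: KSP ID, counter, KSP lifetime, TEK lifetime
HDR_LEN = struct.calcsize(HDR)

def h16(x):
    return hashlib.sha256(x).digest()[:KEY_LEN]

def chain(seed, n):
    """n successive hash values: H(seed), H(H(seed)), ..."""
    out = []
    for _ in range(n):
        seed = h16(seed)
        out.append(seed)
    return out

def derive_teks(ks1, ks2, n):
    # Assumed combination: forward chain over KS1 XOR reversed chain over KS2.
    pairs = zip(chain(ks1, n), reversed(chain(ks2, n)))
    return [bytes(a ^ b for a, b in zip(f, r)) for f, r in pairs]

def build_ltkm(smk, ksp_id, counter, ksp_life, tek_life, ks1, ks2):
    # Network side. A real LTKM would also encrypt the seed pair; omitted here.
    body = struct.pack(HDR, ksp_id, counter, ksp_life, tek_life) + ks1 + ks2
    return body + hmac.new(smk, body, hashlib.sha256).digest()

class Terminal:
    def __init__(self, smk):
        self.smk, self.last_counter, self.teks = smk, -1, {}

    def handle_ltkm(self, msg):
        body, tag = msg[:-32], msg[-32:]
        expected = hmac.new(self.smk, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):       # 1. verify with the SMK
            return "bad-mac"
        if len(body) != HDR_LEN + 2 * KEY_LEN:           # malformed payload
            return "invalid"
        ksp_id, counter, ksp_life, tek_life = struct.unpack(HDR, body[:HDR_LEN])
        if counter <= self.last_counter:                 # 2. replay detection
            return "replay"
        # 3. validity: KSP lifetime must be an integer multiple of the TEK lifetime
        if tek_life == 0 or ksp_life == 0 or ksp_life % tek_life:
            return "invalid"
        self.last_counter = counter                      # commit only after all checks
        ks1, ks2 = body[HDR_LEN:HDR_LEN + KEY_LEN], body[HDR_LEN + KEY_LEN:]
        self.teks[ksp_id] = derive_teks(ks1, ks2, ksp_life // tek_life)  # 4. store
        return "ok"
```

The replay counter is advanced only after every check passes, so a rejected message cannot move the terminal's state forward.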
Specification