CN101091172A - Method of controlling content access and method of obtaining content key using the same - Google Patents

Abstract

Provided is a method of controlling content access in a home network. The method includes: (a) defining a predetermined sub group and allocating a sub group key for the sub group; and (b) checking whether a user belongs to the sub group and transmitting the sub group key to a user device requested by the user, wherein the user device obtains an encrypted content key using a domain key and the sub group key. Since a content key is twice encrypted using a domain key and a sub group key and transmitted to a user device, it is possible to provide authorized content access to a user.

Description

The method of control content visit and the method for using this method acquisition content key

Technical field

The present invention relates to a kind of method of control content visit, more specifically, relate to a kind of by forming user's group and providing the access to content of mandate to come the method for control content visit to this user's group.

Background technology

Figure 1A is the figure that the structure of home network is shown.With reference to Figure 1A, home network comprises: home server and user's set.Home server is from the territory or the content of external source received content and leading subscriber device.Home server leading subscriber device joins the territory of user's set and the operation of leaving from the territory of user's set, and by content-encrypt being prevented unauthorized user from obtaining content.

The user is input to home server with order, and home server receives order and will reproduce order and sends to user's set, and user's set reproduces content according to reproducing order.

Figure 1B is the block diagram that the classic method of control content visit is shown.With reference to Figure 1B, home server use content key to content-encrypt to produce encrypted content.Home server use domain key to content key encryption to produce encrypted content key.Domain key is sent to the user's set in the territory that belongs to home network according to the territory management.Then, will send to user's set according to content and the content key that user's request is encrypted.

User's set uses domain key that encrypted content key is deciphered with the acquisition content key, and uses content key that encrypted content is deciphered to obtain content.

Summary of the invention

Technical matters

Yet the classic method of such control content visit can not provide the access to content of mandate to unique user.For example, can not come control content visit: all members of family are divided into adult group and teenage group, and authorize adult group to reproduce for teenage group of unallowed content by such mode.

Technical solution

The invention provides and a kind ofly comprise the member's of home network group, and provide the access to content of mandate to come the method for control content visit to this group by formation.

Beneficial effect

According to the present invention, owing to use domain key and subgroup key to twice encryption of content key and send it to user's set, so the access to content of mandate can be provided to the user.

The subgroup key that is used to obtain content key is not to send to user's set from home server, but use son group public information and verification function value to produce subgroup key by user's set, wherein the subgroup key that is produced equates with the subgroup key that is produced by home server.Therefore, subgroup key can avoid under attack.

Description of drawings

Figure 1A is the figure that the structure of home network is shown;

Figure 1B is the block diagram that the classic method of control content visit is shown;

Fig. 2 is the block diagram that illustrates according to the method for embodiments of the invention control content visit;

Fig. 3 illustrates the process flow diagram of the method for control content visit in home domain according to another embodiment of the present invention;

Fig. 4 illustrates the process flow diagram that uses the method shown in Fig. 3 to be obtained the method for content key by user's set;

Fig. 5 illustrates the process flow diagram of the method for control content visit in home domain according to another embodiment of the present invention;

Fig. 6 illustrates the process flow diagram that uses the method shown in Fig. 5 to be obtained the method for content key by user's set;

Fig. 7 illustrates the process flow diagram of the method for control content visit in home domain according to another embodiment of the present invention;

Fig. 8 is the figure that the information that the home server that used in the method for Fig. 7 by Fig. 5 handles is shown; With

Fig. 9 is the figure that the information that the user's set that used in the method for Fig. 7 by Fig. 5 handles is shown.

Embodiment

Optimal mode

A kind of method of control content visit in home network is provided according to an aspect of the present invention.

According to a further aspect in the invention, provide a kind of method that in home network, obtains content key by user's set.

According to a further aspect in the invention, provide a kind of method that is obtained content key in home network by user's set, wherein, twice encryption produces encrypted content key to content key by using domain key and subgroup key.

According to a further aspect in the invention, provide a kind of method of control content visit in home network, comprising: define predetermined child group and generator and son group public information are distributed to this child group; Use power user (supervisor) password to produce the subgroup key of son group; Use supervisor password (PW1) and user cipher to produce the verification function value; And verification function value and son group public information sent to user's set.

The invention pattern

Fig. 2 is the block diagram that illustrates according to the method for embodiments of the invention control content visit.With reference to Fig. 2, home server use content key to content-encrypt to produce encrypted content.Home server use domain key to content key encryption producing first encrypted content key, and use subgroup key that first encrypted content key is encrypted to produce second encrypted content key.Similar to the classic method of Figure 1B, manage the user's set that domain key is sent to the territory that belongs to home network according to the territory.To send to user's set respectively according to content and the second content key that user's request is encrypted.Produce subgroup key and send it to user's set (Fig. 3 and Fig. 4) by home server, perhaps in user's set, use the information that provides by home server to produce subgroup key (Fig. 5, Fig. 6 and Fig. 7).In this case, first encrypted content key is not sent to user's set.

User's set use subgroup key to the deciphering of second encrypted content key obtaining first encrypted content key, and use domain key to the deciphering of first encryption key to obtain content key.

Fig. 3 is the process flow diagram that illustrates according to embodiments of the invention method of control content visit in home domain.With reference to Fig. 3, home server HS definition comprises the user's who belongs to this child group user identifier ID and the child group SG of user cipher PW, and predetermined subgroup key SGK is distributed to son group SG (operation 310).

The child group information SGI that comprises user identifier ID, user cipher PW and subgroup key SGK is stored among the home server HS.

Home server HS uses domain key DK that content ciphering key K is encrypted to produce first content key ECK, the subgroup key SGK that use distributes in operation 310 encrypt producing the second encrypted content key EECK the first encrypted content key ECK, and the second encrypted content key EECK and domain key DK are sent to user's set UD_r (operation 320).User's set UD_r represents to be reproduced by user Ui request the user's set of content.User Ui is illustrated in the random user that content is reproduced in request among the member of home network.The first encrypted content key ECK is not sent to user's set UD_r.

Domain key DK is a domain key of distributing to the territory of home server HS, and all the authorized user devices in the territory all can obtain domain key DK.Content key CK is used for predetermined encrypted content deciphering.

Home server HS receives user identifier ID and user cipher PW from user Ui, user identifier ID that use to receive and user cipher PW determine that whether user Ui is among the member of son group SG, and in the time of one among the member that definite user Ui is the sub SG of group, the subgroup key SGK that son is organized SG sends to the user UD_r (operating 330) that is reproduced content by user Ui request.

According to the method shown in Fig. 3, can not obtain the first encrypted content key ECK and can only obtain the second encrypted content key EECK and domain key DK owing to belong to the user's set UD_r of home server HS, so UD_r can not obtain content key CK.More specifically, user's set UD_r only can use when the server HS of family determines the subgroup key SGK that the user of request subgroup key SGK obtains from home server HS when belonging to son group SG and obtain content key CK.The user can obtain the subgroup key of the child group under the user, and this will reproduce in the child group of content constraints under the user.

In another embodiment, home server HS comprises: sub-group identifier ID_sg, recognin group; User identifier ID, identification belongs to the user of son group; And son group table SGT, comprise user cipher PW.User cipher PW is by hash (hashed) and be stored among the home server HS.Can there be user's set UD_r more than one.

Fig. 4 illustrates the process flow diagram that uses the method shown in Fig. 3 to be obtained the method for content key by user's set.With reference to Fig. 4, home server HS receives user identifier IDi ' and user cipher PWi ' (step 410) from user Ui.

Home server HS uses the user identifier IDi ' and the user cipher PWi ' that receive in operation 410 to determine the child group SG that user Ui is affiliated, and the subgroup key SGK of the child group SG that will determine sends to user's set UD_r (operation 420).User Ui request user's set UD_r reproduces content.

More specifically, home server HS determines that whether the user identifier IDi ' that receive in operation 410 and user cipher PWi ' equate with user identifier IDi and user cipher PWi among the child group information SGI, and when determining that they are equal to each other, from child group information SGI, extract the subgroup key SGK of son group, the subgroup key SGK that extracts is sent to user's set UD_r.

User's set UD_r receives the second encrypted content key EECK and domain key DK (operation 430) from home server HS.

Use subgroup key SGK that the first encrypted content key ECK is encrypted by home server HS and produce the second encrypted content key EECK.Use domain key DK that content ciphering key K is encrypted by home server HS and produce the first encrypted content key ECK.

Can obtain domain key DK by the user's set UD_r that belongs to home server HS.The known at large method that obtains domain key DK by user's set UD_r of those skilled in the art.

User's set UD_r uses the subgroup key SGK that receives in operation 420, to the second encrypted content key EECK deciphering that receives in operation 430 producing the first encrypted content key ECK, and use the domain key DK that receive in operation 430 to first encrypted content key ECK deciphering to produce content key CK (operation 440).

According to the method shown in Fig. 4, because user's set UD_r can receive the subgroup key SGK of the child group under the user Ui, and user Ui only can use the subgroup key SGK that is received by user's set UD_r to obtain content key CK, so user Ui is restricted to the content that visit is produced by user's set UD_r.

For example, when teenage user U2 belongs to son group SG1 and SG2 and son group SG1 and SG2 and has subgroup key SGK1 and SGK2 respectively, content key CK_adult is used for and will encrypts for the unallowed content Cont_adult of teenage user, and use domain key DK that content ciphering key K_adult is encrypted to produce the first encrypted content key ECK_adult, use subgroup key SGK5 that this encrypted content key ECK_adult is encrypted to produce the second encrypted content key EECK_adult.In this case, because user U2 can obtain subgroup key SGK1 and SGK2, so it can not obtain content key CK_adult, yet the user who belongs to son group SG5 can obtain content key CK_adult.

Fig. 5 is the process flow diagram that illustrates according to embodiments of the invention method of control content visit in home domain.With reference to Fig. 5, home server HS definition comprises the child group SG of the user's who belongs to the son group user identifier ID, and generator (generator) g and son group public information SGPI are distributed to son group SG (operation 510).

The child group information SGI that comprises user identifier ID, generator g and son group public information SGPI is stored among the home server HS.Provide son group public information SGPI by equation 1.

$\mathrm{SGPI}=\left\{x\right|x=g^{h^j\left(\mathrm{PW}1\right)},\left(1\mathrm{Djt}\right)\}$

$={\{x}_1,x_2,...,x_t\}$

$=\{g^{h^1\left(\mathrm{PW}1\right)},g^{h^2\left(\mathrm{PW}1\right)},...,g^{h^t\left(\mathrm{PW}1\right)}\}....\left(1\right)$

Wherein, PW1 represents supervisor password, and g represents generator, and h () represents hash function, and t represents random number, and h^j () represents j hash iteration (repetition).For example, h^3 (x)=h (h (h (x))).T is a random number.The power user be user U1, U2 ... among the Uk one.In equation 1, the power user is user U1, and t is relevant with participant's quantity, will be described in the back.

Home server HS uses supervisor password PW1 to produce subgroup key SGK (operation 515).Provide subgroup key SGK by equation 2.

SGK＝g ^(PW1)............................................(2)

Home server HS uses domain key DK that content ciphering key K is encrypted to produce the first encrypted content key ECK, the subgroup key SCK that use produces in operation 515 encrypt producing the second encrypted content key EECK the first encrypted content key ECK, and the second encrypted content key EECK and domain key DK are sent to user's set UD_r (operation 520).

The first encrypted content key ECK is not sent to user's set UD_r.Subgroup key SGK is not stored among the home server HS.

Home server HS receives user identifier IDi and user cipher PWi from user Ui, and uses the user cipher PWi of supervisor password PW1 and user Ui to produce verification function value Ai (operation 530).Provide verification function value Ai by equation 3.

$\mathrm{Ai}=\mathrm{PW}1-\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]\mathrm{mod}\left|G\right|.....\left(3\right)$

Wherein, the verification function value of Ai representative of consumer Ui, PW1 represents supervisor password, the user cipher of PWi representative of consumer Ui, t represents random number, and G represents the spanning set of generator g.

For example, when t=2, provide the verification function value A3 of user U3 by equation 4.

$A3=\mathrm{PW}1-\underset{j=1}{\overset{2}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PW}3\right)}^j]\mathrm{mod}\left|G\right|$

$=\mathrm{PW}1-[h\left(\mathrm{PW}1\right)*\left(\mathrm{PW}3\right)+h^2\left(\mathrm{PW}1\right)*{\left(\mathrm{PW}3\right)}^2]\mathrm{mod}\left|G\right|...\left(4\right)$

Home server HS will send to user's set UD_r (operation 540) at operation 530 verification function value Ai that produces and the child group public information SGPI that belongs to the child group of user identifier IDi '.

User's set UD_r uses verification function value Ai and son group public information SGPI to produce subgroup key SGK '.Provide subgroup key SGK ' by equation 5.

${\mathrm{SGK}}^{\′}=g^{\mathrm{Ai}}*\underset{j=1}{\overset{t}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]---\left(5\right)$

Subgroup key SGK ' is identical with the subgroup key SGK of equation 2, proves by equation 6.

${\mathrm{SGK}}^{\′}=g^{\mathrm{Ai}}*\underset{j=1}{\overset{t}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]$

$=g^{\mathrm{PW}1-\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]}*\underset{j=1}{\overset{t}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]$

$=g^{\mathrm{PW}1-\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]}*\underset{j=1}{\overset{t}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]$

$=g^{\mathrm{PW}1-\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]}*g^{\underset{j=1}{\overset{t}{Q}}{h}^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j}$

$={\mathrm{<figure-callout\; id="1"\; label="g\; PW"\; filenames="A20068000149600201.png"\; state="\{\{state\}\}">g</figure-callout>}}^{\mathrm{PW}}$

$=\mathrm{SGK}....\left(6\right)$

The t that equation 1 provides in the equation 6 is that select at random and relevant with participant's quantity.The participant is the user who notifies the child group public information SGPI of its user cipher PWi that has and reception mutually.According to equation 3, when t=1, can obtain supervisor password PW1, so the method shown in Fig. 5 does not guarantee the safety of system.System is safer along with the t increase.Yet bigger t has increased the quantity that needs computing.Therefore, can use the method shown in Fig. 3 only to increase t according to the arithmetic capability of equipment.

According to the method shown in Fig. 5, home server HS does not store subgroup key SGK and supervisor password PW1 therein.Can not obtain subgroup key SGK and supervisor password PW1 owing to attack the unauthorized user of home server HS, so the method shown in Fig. 5 is than the method safety shown in Fig. 3.

Fig. 6 illustrates the process flow diagram that uses the method shown in Fig. 5 to be obtained the method for content key by user's set.With reference to Fig. 6, home server HS receives user identifier IDi and user cipher PWi (operation 610) from user Ui.

Home server HS uses the user cipher PWi of supervisor password PW1, user Ui and the child group public information SGPI of the child group under the user Ui to produce verification function value Ai, and verification function value Ai and son group public information SGPI are sent to user's set UD_r (operation 620).To operate 620 and be divided into operation 621 to operation 624.

Home server HS uses user identifier IDi to determine the child group SG that user Ui is affiliated, and extracts son group public information SGPI (operating 621) from the child group information SGI of definite child group SG.

Home server HS receives supervisor password PW1 and password PWi (operation 622) respectively from power user and user Ui.

Home server HS uses the user cipher PWi of supervisor password PW1, user Ui and produces verification function value Ai (operation 623) at the child group public information SGPI that operation 621 is extracted.Provide verification function value Ai by top equation 3.

Home server HS will send to user's set UD_r (operation 624) at the verification function value Ai of operation 623 generations with at the child group public information SGPI that operation 621 is extracted.User's set UD_r is reproduced content by user Ui request.

User's set UD_r receives the second encrypted content key EECK and domain key DK (operation 630) from home server HS.

Use subgroup key SGK that the first encrypted content key ECK is encrypted by home server HS and produce the second encrypted content key EECK.Use domain key DK that content ciphering key K is encrypted by home server HS and produce the first encrypted content key ECK.Home server HS produces subgroup key SGK by top equation 2.

User's set UD_r uses the verification function value Ai and the son group public information SGPI that send in operation 620 to produce subgroup key SGK ' (operation 640).

In the verification function value Ai that provides by equation 3, provide subgroup key SGK ' by top equation 5.According to equation 6, the subgroup key SGK that is produced by home server HS is identical with the subgroup key SGK ' that is produced by user's set UD_r.

User's set use the subgroup key SGK ' that produce in operation 640 to the second encrypted content key EECK deciphering that receives in operation 630 producing the first encrypted content key ECK, and use the domain key DK that receive in operation 630 to first encrypted content key ECK deciphering to produce content key CK.

According to the method shown in Fig. 6, because user's set UD_r can produce the subgroup key SGK of the child group under the user Ui, and user Ui only can use subgroup key SGK to obtain content key CK, so user Ui is restricted to the content that visit is reproduced by user's set UD_r.

According to the method shown in Fig. 6, home server HS does not store subgroup key SGK and supervisor password PW1 therein.Can not obtain subgroup key SGK and supervisor password PW1 owing to attack the unauthorized user of home server HS, so the method shown in Fig. 6 is than the method safety shown in Fig. 4.

Fig. 7 is the process flow diagram that illustrates according to embodiments of the invention method of control content visit in home domain.Except t is not a random number but the t=i-1, the method shown in Fig. 7 is identical with the method shown in Fig. 5, wherein, i-1 is user's sequence number.With reference to Fig. 7, home server HS definition comprises the child group SG of the user's who belongs to the son group user identifier ID, and generator g and son group public information SGPI are distributed to son group SG (operation 710).

The child group information SGI that comprises user identifier ID, generator g and son group public information SGPI is stored among the home server HS.Provide son group public information SGPI by equation 7.

$\mathrm{SGPI}=\left\{x\right|x=g^{h^j\left(\mathrm{PW}1\right)},(1\mathrm{DjDi}-1)\}$

$=\{x_1,x_2,...,x_2\}$

$=\{g^{h^1\left(\mathrm{PW}1\right)},g^{h^2\left(\mathrm{PW}1\right)},...,g^{h^{i-1}\left(\mathrm{PW}1\right)}................\left(7\right)$

Wherein, PW1 represents supervisor password, and g represents generator, and h () represents hash function, t=i-1, and h^j () represents the hash iteration j time.For example, h^3 (x)=h (h (h (x))).Unlike Fig. 5, t is not a random number, but t=i-1.In Fig. 5, t is fixed as random number, yet, in Fig. 7,, calculate son group public information SGPI one by one whenever i increases.More specifically, in comprising the current son group of user U1, U2 and U3, home server HS produces son group public information SGPI={g ^{H (PW1)}, g ^{H^2 (PW1)}, g ^{H^3 (PW1)}.Yet if user U4 adds current son group, home server HS produces new child group public information SGPI=g ^{H^4 (PW1)}Thereby all son is organized public information SGPI={g ^{H (PW1)}, g ^{H^2 (PW1)}, g ^{H^3 (PW1)}, g ^{H^4 (PW1)}.

Home server HS uses supervisor password PW1 to produce subgroup key SGK (operation 715).Provide subgroup key SGK by equation 2, this is identical with the method shown in Fig. 5.

Home server HS uses domain key DK that content ciphering key K is encrypted to produce the first encrypted content key ECK, the subgroup key SGK that use produces in operation 715 encrypt producing the second encrypted content key EECK the first encrypted content key ECK, and the second encrypted content key EECK and domain key DK are sent to user's set UD_r (operation 720).

The same with the method shown in Fig. 5, the first encrypted content key ECK is not sent to user's set UD_r, and subgroup key SGK is not stored among the home server HS.

Home server HS receives user identifier IDi and user cipher PWi from user Ui, and uses the user cipher PWi of user Ui to produce verification function value Ai (operation 730).Unlike the method shown in Fig. 5, provide verification function value Ai by equation 8.

$\mathrm{Ai}=\mathrm{<figure-callout\; id="1"\; label="PW"\; filenames="A20068000149600201.png"\; state="\{\{state\}\}">PW</figure-callout>}1\&CenterDot;\underset{j=1}{\overset{i-1}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]\mathrm{mod}\left|G\right|...........\left(8\right)$

Wherein, the verification function value of Ai representative of consumer Ui, PW1 represents supervisor password, the user cipher of PWi representative of consumer Ui, t representative of consumer sequence number, and G represents the spanning set of generator g.

Different with the method shown in Fig. 5, t is not a random number in equation 8, but t=i-1.In Fig. 5, t is fixed as random number, yet, in Fig. 7, when i increases, just calculate son group public information SGPI one by one.More specifically, when new member adds the son group, calculate the verification function value that is used for this new member.

For example, when new user U4 added current sub group that comprises user U1, U2 and U3, user U1, U2, U3 and U4 received verification function value A1, A2, A3 and the A4 that is provided by equation 9 respectively in the method shown in Fig. 5.In this case, t is 2.

A2＝PW1-[h(PW1)*(PW2)+h ²(PW1)*(PW2) ²]mod|G|

A3＝PW1-[h(PW1)*(PW3)+h ²(PW1)*(PW3) ²]mod|G|

A4＝PW1-[h(PW1)*(PW4)+h ²(PW1)*(PW4) ²]mod|G|......(9)

Simultaneously, user U1, U2, U3 and U4 receive verification function value A1, A2, A3 and the A4 that is provided by equation 10 respectively in the method shown in Fig. 7.

A2＝PW1-[h(PW1)*(PW2)] mod|G|

A3＝PW1-[h(PW1)*(PW3)+h ²(PW1)*(PW3) ²] mod|G|

A4＝PW1-[h(PW1)*(PW4)+h ²(PW1)*(PW4) ²+h ²(PW1)*(PW4) ²]mod|G|

......(10)

Home server HS will send to user's set UD_r (operation 740) at operation 730 verification function value Ai that produces and the child group public information SGPI that belongs to the child group of user identifier IDi.

User's set UD_r uses verification function value Ai and son group public information SGPI to produce subgroup key SGK ' (operation 750).Unlike the method shown in Fig. 5, provide subgroup key SGK ' by equation 11.

${\mathrm{SGK}}^{\&prime;}=g^{\mathrm{AT}}*\underset{j=1}{\overset{t-1}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]..................\left(11\right)$

Equation 11 is t=i-1 with equation 5 differences.Method shown in Figure 5, t selects and fixing at random.If member's quantity increases, then must proofread and correct t.Yet, according to the method shown in Fig. 5, because t is the number of fixing, so when new member's adding group, owing to must upgrade t, so the safety that endangers system.In this case, home server HS must produce new verification function value and send it to user's set.User's set must use new t value to produce subgroup key.

Yet according to the method shown in Fig. 7, because t=i-1, the verification function value that the user receives is used the different t value of using with another verification function value (seeing equation 10) of t value.Therefore, even member's quantity is increased to the safety that is enough to threaten system, do not need to recomputate the verification function value or it is resend user's set yet.That is to say, according to the method shown in Fig. 7, because t value do not fix, so it is easier to add new member.

Fig. 8 is the figure that the information that the home server that used in the method for Fig. 7 by Fig. 5 handles is shown.With reference to Fig. 8, E indicates encryption, and the indication of the number in frame is used for the number of the equation of process information.Home server uses the password PWi of supervisor password, son group public information and user Ui to produce verification function value Ai, and sends it to user's set.

Home server sends to user's set with verification function value Ai and son group public information (rather than encrypted content key).

Fig. 9 is the figure that the information that the user's set that used in the method for Fig. 7 by Fig. 5 handles is shown.With reference to Fig. 9, D indicates decryption processing, and the representative of the number in frame is used for the number of the equation of process information.User's set receives son group public information SGPI, verification function value Ai, the second encrypted content key EECK and domain key DK from home server, use son group public information SGPI and verification function value Ai to produce subgroup key SGK, and use subgroup key SGK to obtain content key CK.

In the method for acquisition content key shown in Figure 4, receive subgroup key, yet in the method for acquisition content key shown in Figure 6, user's set produces subgroup key from home server.

Can realize the present invention by the computer-readable code on the object computer readable medium recording program performing.Computer readable recording medium storing program for performing comprises various types of pen recorders of storage computation machine system readable data.Use ROM, RAM, CD-ROM, tape, floppy disk, optical storage of data etc. as computer readable recording medium storing program for performing.Form (for example, passing through internet transmission) that can carrier wave realizes computer-readable code.

Although specifically illustrate and described the present invention with reference to its exemplary embodiment, but it should be appreciated by those skilled in the art, under the situation that does not break away from the spirit and scope of the present invention that are defined by the claims, can carry out various changes on form and the details to it.

Claims (17)

1, a kind of method of control content visit in home network comprises:

(a) the predetermined child group of definition and be sub-set of dispense subgroup key; And

(b) whether the inspection user belongs to this child group and subgroup key is sent to by user's requesting users device.

2, the method for claim 1 also comprises:

Use domain key to content key encryption to produce first encrypted content key;

Use subgroup key that first encrypted content key is encrypted to produce second encrypted content key; And second encrypted content key and domain key sent to user's set.

3, the method for claim 1, wherein operation (b) comprising:

Receive user identifier and password from the user;

Check whether user identifier and password and son group interior user identifier and user cipher be identical; And

When checking that the mutually the same and password of indication user identifier is mutually the same, the subgroup key of child group is sent to user's set.

4, a kind of method that in home network, obtains content key by user's set, described method comprises:

Home server uses the user identifier that receives from the user and user cipher to determine child group under the user, and the subgroup key that will distribute to definite child group sends to user's set;

User's set receives encrypted content key and domain key from home server; And

User's set uses domain key and subgroup key that encrypted content key is deciphered.

5, method as claimed in claim 4, wherein, twice encryption produces encrypted content key to described content key by using domain key and subgroup key.

6, a kind of method of control content visit in home network comprises:

(a) the predetermined child group of definition and generator and son group public information distributed to the son group;

(b) use supervisor password to produce the subgroup key of son group;

(c) use supervisor password PW1 and user cipher to produce the verification function value; And

(d) verification function value and son group public information are sent to user's set,

Wherein, use generator and supervisor password to produce described son group public information, and user's set obtain subgroup key from verification function value and son group public information.

7, method as claimed in claim 6 wherein, provides operation (a) by following equation

$\mathrm{SGPI}=\left\{x\right|x=g^{h^j\left(\mathrm{PW}1\right)},\left(1D_j{D}_t\right)\}$

$=\{x_1,x_2,...,x_t\}$

$=\{g^{h^1\left(\mathrm{PW}1\right)},g^{h^2\left(\mathrm{PW}1\right)},...,g^{h^t\left(\mathrm{PW}1\right)}\}$

Wherein, SGPI represents son group public information, and PW1 represents supervisor password, and g represents generator, and h () represents hash function, and t represents random number, and h^j () represents the hash iteration j time.

8, method as claimed in claim 7 wherein, provides operation (b) by following equation

SGK＝g ^(PW1)

Wherein, SGK represents subgroup key, and PW1 represents supervisor password, and g represents generator.

9, method as claimed in claim 8 provides operation (c) by following equation

$\mathrm{Ai}=\mathrm{PW}1\&CenterDot;\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]\mathrm{mod}\left|G\right|$

Wherein, the verification function value of Ai representative of consumer Ui, PW1 represents supervisor password, the user cipher of PWi representative of consumer Ui, t represents random number, and G represents the spanning set of generator g.

10, method as claimed in claim 8 also comprises:

(e) use domain key to content key encryption to produce first encrypted content key, use subgroup key that first encrypted content key is encrypted producing second encrypted content key, and

(f) second encrypted content key and domain key DK are sent to user's set.

11, method as claimed in claim 10 wherein, provides described random number t by equation t=i-1, and wherein, i is user's sequence number.

12, a kind of method that in home network, obtains content key by user's set, described method comprises:

(a) home server uses the user identifier that receives from the user and user cipher to determine child group under the user, and generator and son group public information are distributed to the son group;

(b) user's set receives encrypted content key, domain key, verification function value and son group public information from home server;

(c) user's set uses verification function value and son group public information to produce subgroup key; And

(d) user's set uses subgroup key and domain key that encrypted content key is deciphered with the generation content key,

Wherein, use generator and supervisor password to produce described son group public information, use supervisor password and user cipher to produce described verification function value.

13, method as claimed in claim 12 wherein, provides described son group public information by following equation,

$\mathrm{SGPI}=\left\{x\right|x=g^{h^j\left(\mathrm{PW}1\right)},\left(1D_j{D}_t\right)\}$

$=\{x_1,x_2,...,x_t\}$

$=\{g^{h^1\left(\mathrm{PW}1\right)},g^{h^2\left(\mathrm{PW}1\right)},...,g^{h^t\left(\mathrm{PW}1\right)}\}$

Wherein, SGPI represents son group public information, and PW1 represents supervisor password, and g represents generator, and h () represents hash function, and t represents random number, and h^j () represents the hash iteration j time.

14, method as claimed in claim 13 wherein, provides described verification function value by following equation,

$\mathrm{Ai}=\mathrm{PW}1-\underset{j=1}{\overset{t}{Q}}[h^j\left(\mathrm{PW}1\right)*{\left(\mathrm{PWi}\right)}^j]\mathrm{mod}\left|G\right|$

Wherein, the verification function value of Ai representative of consumer Ui, PW1 represents supervisor password, the user cipher of PWi representative of consumer Ui, t represents random number, and G represents the spanning set of generator g.

15, method as claimed in claim 14 wherein, provides described random number t by equation t=i-1, and wherein, i is user's sequence number.

16, method as claimed in claim 12 wherein, provides operation (c) by following equation

$\mathrm{SG}{K}^{\&prime;}=g^{\mathrm{Ai}}*\underset{j=1}{\overset{t}{O}}\left[{\left(g^{h^j\left(\mathrm{PW}1\right)}\right)}^{{\left(\mathrm{PWi}\right)}^j}\right]$

Wherein, SGK ' represents subgroup key, and PW1 represents supervisor password, the user cipher of PWi representative of consumer Ui, and the verification function value of Ai representative of consumer Ui, g represents generator, and t represents random number.

17, a kind of computer-readable recording medium comprises thereon and is used for the computer program that enforcement of rights requires 1 method.

Images