WO2003094422A1 - Systeme de communication chiffree, serveur de remise de cle associe, terminal, et procede de partage de cle - Google Patents
Systeme de communication chiffree, serveur de remise de cle associe, terminal, et procede de partage de cle Download PDFInfo
- Publication number
- WO2003094422A1 WO2003094422A1 PCT/JP2003/005482 JP0305482W WO03094422A1 WO 2003094422 A1 WO2003094422 A1 WO 2003094422A1 JP 0305482 W JP0305482 W JP 0305482W WO 03094422 A1 WO03094422 A1 WO 03094422A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- group key
- information
- decryption
- group
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
Definitions
- the present invention relates to a cryptographic communication system, a key distribution server thereof, a terminal device, and a key sharing method.
- the present invention relates to a technology for distributing a key for decrypting encrypted information to subscriber terminals, and more particularly, to a technology for safely and quickly updating a key.
- a key (group key) is distributed only to group subscribers, and cryptographic communication using the key is performed.
- group key is distributed only to group subscribers, and cryptographic communication using the key is performed.
- application fields such as content distribution to mobile phones, DVD decryption / reproducer, software distribution by CD ROM, police radio, and intra-group communication in P2P services.
- the prior art 2 disclosed in this publication realizes the decoding process only by two modular exponentiation operations without depending on the number n of the subscriber terminals and the maximum number k of the terminals to be excluded. Therefore, even in a system with an extremely large number of subscriber terminals, group key distribution can be completed at high speed. You. In a broadcast cryptographic communication system, the members in the protocol are defined as follows.
- Key distribution server A trusted organization that determines system parameters during setup and distributes personal keys to each subscriber terminal. At the time of group key distribution, it decides which subscriber terminal is to be excluded, and then distributes the group key by broadcast.
- the key distribution server is represented by S.
- Subscriber terminal A terminal that receives a broadcast from the key distribution server.
- the subscriber terminal i receives the personal key from the key distribution server during setup.
- Excluded subscriber terminals Subscriber terminals eliminated by the key distribution server.
- Valid subscriber terminals subscriber terminals that are not excluded.
- the broadcast-type cryptosystem defined as above in the I-round, is delivered to the effective subscriber terminal ⁇ , of the entire subscriber terminal ⁇ .
- U broadcast-type encrypted communication within the group ⁇
- the key distribution server sends a group key U to each subscriber ie ⁇ . And the private key ke to a Key-to-Point int key distribution Delivery by mouth protocol.
- the key distribution server determines ⁇ , C ⁇ I.
- the key distribution server delivers a header ⁇ , for calculating U, to ⁇ .
- p and q are large prime numbers satisfying q IP — 1, and g is an element of order q on the finite field Z p .
- the sizes of p and q are set so that the discrete logarithm problem on the group GF (q) composed of g as a generator is computationally difficult.
- all calculations are performed on modp.
- E indicates the encryption of the message by symmetric key cryptography using the key (key).
- n is the total number of subscriber terminals, and k ( ⁇ n) is the maximum number of terminals to be excluded.
- the length of the header for distributing the group key and the size of the private key of each subscriber terminal do not depend on the total number of subscriber terminals.
- the number of modular exponentiation operations required from receipt of the header for calculating the group key to completion of decryption of the group key (decryption process) does not depend on n or k.
- Requirement 1 above is a requirement for the subscriber terminal to be able to decrypt efficiently independently.
- broadcast-type cryptographic communication when the subscriber terminal does not need to communicate with other terminals at the time of decryption, it is important to avoid generating unnecessary traffic on the network.
- Requirement 2 is necessary because the excluded subscriber terminal cannot decrypt the session key even after collusion.
- Requirement 3 is necessary to prevent the processing from becoming too large when there are too many subscriber terminals.
- Requirement 4 is a requirement for decrypting the group key with a processing amount independent of n and k when k needs to be set large in a large group.
- Prior art 2 focuses on the necessity of Requirement 4 and presents a method that satisfies this requirement.
- Prior Art 2 does not meet Requirement 2 which is the most important for safety. That is, if the group key is delivered a finite number of times, the non-excluded subscriber terminals can seek the secret information of the entire system, and can cancel the subsequent exclusion (for example, If k ⁇ 5, it can be attacked with three group key distributions').
- Conventional Technique 2 does not satisfy Requirement 2. First, a method of broadcast-type cryptographic communication according to Prior Art 2 will be described.
- the key distribution server sets the maximum number k of terminals to be excluded and sets the k-th order polynomial on Z q as shown in the following equation 1.
- the key distribution server randomly selects and broadcasts U.s GF (q).
- the effective subscriber terminal V e ⁇ , of the I round is V e ⁇ H, U, is obtained in the I — 1 round.
- the subscriber terminal V decrypts ⁇ , ⁇ ⁇ ⁇ ⁇ using U U, , for the received ciphertext E (U ⁇ ,,).
- the group key U is calculated by the following equation (3).
- L (j) is the Lagrange polynomial interpolation coefficient
- an object of the present invention is to provide a high-security and high-speed group key update method that satisfies all the above four requirements.
- Another object of the present invention is to realize a highly secure and efficient broadcast encryption communication in addition to the above objects. Disclosure of the invention
- the present invention that achieves the above object provides a cryptographic communication system including a key distribution server that distributes a key for decrypting encrypted information, and a predetermined number of subscriber terminals that use the information. Is realized.
- the key distribution server includes an encrypted first group key used for decrypting information and a decryption process for decrypting the first group key. 5482
- Subscriber separate decryption information for each subscriber terminal and individual key update information for each subscriber terminal to execute a part of decryption processing of the second group key updated after updating the group key Distributed to the terminal, and the subscriber terminal uses the processing result based on the key update information for decrypting the first group key acquired in advance and the decryption information distributed from the key distribution server to transmit the information from the key distribution server. It is characterized by decrypting the distributed first group key. The processing at the time of updating the group key is reduced by temporally dispersing the decryption processing of the group key.
- the subscriber terminal performs one of the decryption processing of the group key using the key update information. Run before distribution of this group key. By performing a part of the process of decrypting the group key in the subscriber terminal in advance, the process after the new group key is distributed can be performed without updating the group key. The required time has been shortened.
- the key distribution server distributes key update information for decrypting the first group key to the subscriber terminal together with the third group key before being updated to the first group key.
- the key distribution server updates the group key, it sets an exclusion target terminal among the subscriber terminals, and the subscriber terminals other than the exclusion target terminal can decrypt the updated group key.
- the decryption information is distributed to the subscriber terminal together with the updated group key.
- a key distribution server configured as follows that distributes a key for decrypting encrypted information.
- the key distribution server generates and encrypts a first group key used for decryption of information, and provides individual decryption for each subscriber terminal for executing the decryption process of the first group key.
- Means for generating key information means for generating individual key update information for each subscriber terminal for executing a part of the decryption processing of the second group key updated after updating the group key, and Means for distributing group key, decryption information, and key update information to subscriber terminals. It is characterized by the following. Still another embodiment of the present invention that achieves the above object is also realized as a terminal device configured as follows.
- This terminal device is means for obtaining an encrypted group key for decrypting the encrypted information and decryption information for decrypting the group key from a predetermined key distribution server; Means for executing a part of the group key before distributing the group key, means for decrypting the group key using a processing result based on a part of the decryption processing of the group key and decryption information obtained from the key distribution server, and It is characterized by having. Further, the present invention is also realized as a program that controls a computer to function as the key distribution server or the terminal device. This program can be provided by storing it on a magnetic disk, an optical disk, a semiconductor memory, or another recording medium and distributing it, or distributing it via a network.
- the present invention is realized as the following key sharing method in which a key for decrypting encrypted information is shared by a predetermined number of terminals using the information. That is, in this key sharing method, a part of a decryption process for decrypting an encrypted group key used for information decryption is performed in a terminal before the distribution of the group key; And a step of distributing the individual decryption information for each terminal for performing the rest of the group key decryption processing to the terminal; and a step of distributing the distributed decryption information and the previously executed decryption processing. And decrypting the group key using the result of the group in the terminal.
- this key sharing method a part of a decryption process for decrypting an encrypted group key used for information decryption is performed in a terminal before the distribution of the group key; And a step of distributing the individual decryption information for each terminal for performing the rest of the group key decryption processing to the terminal; and a step of distributing the distributed decryption
- FIG. 1 is a diagram illustrating a schematic configuration of a broadcast encryption communication system according to the present embodiment.
- FIG. 2 illustrates the flow of processing of encrypted communication according to the present embodiment. It is a flow chart.
- FIG. 3 is a diagram showing the configuration of a peer-to-peer network system to which the present embodiment is applied.
- FIG. 4 is a diagram showing a configuration of a real-time content distribution system to which the present embodiment is applied.
- FIG. 5 is a diagram showing a configuration of a service providing system for a mobile phone to which the present embodiment is applied.
- FIG. 6 is a diagram showing a configuration of a multimedia content distribution system to which the present embodiment is applied.
- FIG. 7 is a diagram showing a configuration of a secret broadcasting system to which the present embodiment is applied.
- FIG. 1 is a diagram illustrating a schematic configuration of a broadcast encryption communication system according to the present embodiment.
- the broadcast-type cryptographic communication system includes a key distribution server 10 that generates and distributes a group key used for cryptographic communication, and a group key distributed from the key distribution server 10. And a subscriber terminal 20 for obtaining and performing cryptographic communication using the obtained information.
- the key distribution server 10 is realized by a workstation, a personal computer, or another computer device having a network function. At the time of setup, the system determines system parameters, and sends a message to each subscriber terminal 20. Distribute personal keys. At the time of group key delivery, it decides which subscriber terminal 20 is to be excluded, encrypts the group key, and delivers it by broadcast. Processing such as generation and delivery of a private key group key is realized, for example, as a program-controlled CPU function.
- the subscriber terminal 20 includes a workstation, a personal computer, a mobile phone, a PDA (Personal Digital Assistant), It is realized by an information terminal device having another network function, and receives a broadcast from the key distribution server 10.
- Subscriber terminal ⁇ i-th subscriber terminals 2 0
- it receives a private key S i from the key distribution server 1 0 during setup. Then, it decrypts the group key encrypted with the private key S i, is et to use in decoding a predetermined message using the group key.
- the subscriber terminal 20 as a whole constitutes a group ⁇ for performing cryptographic communication using the group key distributed from the key distribution server 10.
- the individual subscriber terminals 20 that make up this group are initially “valid subscriber terminals” that can all participate in cryptographic communication, but for some reason, the “subscriber terminal J that has been eliminated is After that, they cannot participate in encrypted communication, ie, they cannot use the private key to recover the group key.
- the communication mode in the present embodiment may be a client server type system in which information is exchanged between the key distribution server 10 or a predetermined server and the subscriber terminal 20, Peers that exchange information between terminals 20 ⁇ Peer-to-peer type systems may be used. That is, the provider of the message (content) used by the subscriber terminal 20 may exist separately from the key distribution service / ⁇ 10.
- encryption communication using a group key consists of four steps: group key setup, information encryption using the group key, information decryption using the group key, and key update.
- FIG. 2 is a flowchart illustrating a flow of a process of the encrypted communication according to the present embodiment.
- the decryption processing of the encrypted group key In this embodiment, in the decryption process of the encrypted group key, The calculation part that depends on the maximum number k of exclusion target terminals is divided into precalculation (key update processing). As a result, while maintaining provable security, the decryption processing of the group key except for the key update processing can be executed at high speed by two modular exponentiation operations.
- the receiver In the following description, the receiver is the user of the subscriber terminal 20 and the subscriber itself.
- the secret key is distributed to ⁇
- the group key U.e GF (q) is distributed to all the subscriber terminals 20 (step 201).
- a set of d excluded subscriber terminals 20 is determined (step 202). Let k-1 d integers be selected from n + k (R-1) and n + kR, and let the set consisting of them be ,,.
- the key distribution server 10 calculates MM, ⁇ ⁇ ⁇ , M lk by the following equation (9). Number 9
- the effective subscriber terminal 20 is ⁇ , (hereinafter, the subscriber terminal ⁇ ,) Calculates the header information H necessary for calculating the distribution key U of the I-round by the following formula 10 (step 203).
- the key update information for delivering the group key to the I + 1 round (that is, used by the subscriber terminal 20 in the key update processing in the decryption processing of the I + 1 round group key) is used.
- the key distribution server 10 distributes ( ⁇ ,, C,) to all the subscriber terminals 20 (that is, ⁇ ) by broadcast (step 205).
- the subscriber terminal V ( ⁇ ,) which is the subscriber terminal 20 capable of decoding in the I-round, decodes the I-round according to the following equation (12) (step 206).
- Each valid subscriber terminal V e ⁇ is pre-calculated using the key update information included in the URL distributed from the key distribution server 10 according to the following equation 13 (that is, I + 1 round Key update processing (processing before group key distribution) is performed (step 207).
- the key distribution server 10 performs the following pre-calculation of the following equation (14) prior to generation of the I + 1 round group key.
- the key update process (pre-computation) by these subscriber terminals 20 and the key distribution server 10 uses the information distributed together with the I-round group key to obtain the I + 1 round group key. Run it before distribution. It is examined whether the broadcast-type cryptographic communication system according to the present embodiment configured as described above satisfies the above-mentioned four requirements for security and efficiency.
- the length of the ciphertext distributed in the present embodiment is O (k)
- the size of the private key is O (1), which also meets requirement 3.
- the decoding process in the present embodiment is configured by two modulo operations, and also satisfies requirement 4. Next, it is shown that the present embodiment satisfies the remaining requirement 2.
- Requirement 2 can be paraphrased as follows using the DDH problem (Decision Diffie-HeI Iman Problem).
- the group key sharing method when updating the group key, certifiable security can be ensured, and part of the decryption processing of the group key is performed by a pre-calculation before the group key is distributed.
- the decryption processing can be realized only by two modular exponentiation operations without depending on the number n of the subscriber terminals and the maximum number k of the terminals to be excluded. Therefore, it is particularly effective in a network system in which the number of subscriber terminals 20 is enormous.
- the configuration in the case where the broadcast cryptographic communication system according to the present embodiment is applied to various network systems. An example will be described.
- Peer ⁇ In a peer-to-peer (P2P) type network system, the present embodiment can be used to perform intra-group communication safely and at high speed. In other words, all peers in the group in the network system share one key (group key) and perform broadcast encryption communication.
- group key group key
- FIG. 3 is a diagram showing a configuration of a peer-to-peer network system to which the present embodiment is applied.
- the group manager 1 of the target network system constitutes the key distribution server 10 of the present embodiment
- each peer (Peer) in the group constitutes the subscriber terminal 20.
- the game consoles are regarded as peers, and a peer-to-peer network is constructed to facilitate online user interaction.
- Game has appeared.
- a server equivalent to a group manager provides game content to each game machine, and progresses the game while performing peer-to-peer communication between the game machines.
- FIG. 4 is a diagram showing the configuration of this type of content distribution system to which the present embodiment is applied.
- a server that distributes game contents constitutes a key distribution server 10 of the present embodiment, and each game machine constitutes a subscriber terminal 20.
- the broadcast-type encrypted communication according to the present embodiment realizes high-speed decryption processing and can support a large-scale network, it can be applied to content distribution in the system shown in FIG.
- the group key can be shared at high speed, and the encrypted content can be decrypted in real time upon receipt.
- the time-consuming key update process can be performed by using the surplus processing capacity at the time of executing the content after the content is received.
- the content distribution for executing an online game has been described as an example, but in the case of distributing various other types of content to be executed in real time in addition to the game, the present invention is not limited to this. It goes without saying that the broadcast encryption communication according to the embodiment can be applied.
- FIG. 5 is a diagram showing a configuration of a service providing system for mobile phones to which the present embodiment is applied.
- the server that provides the service constitutes the key distribution server 10
- the mobile phone for which the use of the service has been registered constitutes the subscriber terminal 20.
- FIG. 6 is a diagram showing a configuration of a multimedia content distribution system to which the present embodiment is applied.
- a content provider that provides multimedia content constitutes a key distribution server 10 of the present embodiment, and a reproducing device of the multimedia content constitutes a subscriber terminal 20.
- DVD media is distributed with encrypted digital content (movies, music, software, etc.) stored.
- the encrypted content is decrypted using a decryption key stored in a playback decoder mounted on the playback device.
- the decryption key is different for each manufacturer of the decryption device and is stored in the secure memory area of the decryption device.
- cracker analysis and manufacturer A situation where the decryption key is leaked due to mishandling may occur.
- an encryption method that makes some decryption keys unusable is required.
- FIG. 7 is a diagram showing a configuration of a secret broadcasting system to which the present embodiment is applied.
- the broadcast station of the secret broadcast constitutes the key distribution server 10
- each wireless receiver constitutes the subscriber terminal 20.
- the lost radio is used by excluding the radio from the group ( ⁇ ) of the subscriber terminal 20 and sharing a new group key. Can be impossible.
- a high-security and high-speed group key updating method can be provided.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Computer And Data Communications (AREA)
- Mobile Radio Communication Systems (AREA)
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/511,466 US7539315B2 (en) | 2002-04-30 | 2003-04-28 | Encrypted communication system, key delivery server thereof, terminal device and key sharing method |
EP03720980A EP1501237A4 (en) | 2002-04-30 | 2003-04-28 | NUMERIC COMMUNICATION SYSTEM, ASSOCIATED KEY TRANSMITTING SERVER, TERMINAL, AND KEY SHARING METHOD |
AU2003235971A AU2003235971A1 (en) | 2002-04-30 | 2003-04-28 | Encrypted communication system, key delivery server thereof, terminal device, and key sharing method |
JP2004502536A JP4156588B2 (ja) | 2002-04-30 | 2003-04-28 | 暗号通信システム、その鍵配布サーバ、端末装置及び鍵共有方法 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2002-129359 | 2002-04-30 | ||
JP2002129359 | 2002-04-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003094422A1 true WO2003094422A1 (fr) | 2003-11-13 |
Family
ID=29397305
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/005482 WO2003094422A1 (fr) | 2002-04-30 | 2003-04-28 | Systeme de communication chiffree, serveur de remise de cle associe, terminal, et procede de partage de cle |
Country Status (7)
Country | Link |
---|---|
US (1) | US7539315B2 (ja) |
EP (1) | EP1501237A4 (ja) |
JP (1) | JP4156588B2 (ja) |
CN (1) | CN100505618C (ja) |
AU (1) | AU2003235971A1 (ja) |
TW (1) | TWI246298B (ja) |
WO (1) | WO2003094422A1 (ja) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2006324929A (ja) * | 2005-05-18 | 2006-11-30 | Toshiba Corp | 匿名認証システム、装置及びプログラム |
JP2009505448A (ja) * | 2005-04-25 | 2009-02-05 | サムスン エレクトロニクス カンパニー リミテッド | デジタルコンテンツの管理方法及びこのための装置 |
WO2009107474A1 (ja) * | 2008-02-29 | 2009-09-03 | 三菱電機株式会社 | 鍵管理サーバ、端末、鍵共有システム、鍵配信プログラム、鍵受信プログラム、鍵配信方法及び鍵受信方法 |
US8161296B2 (en) | 2005-04-25 | 2012-04-17 | Samsung Electronics Co., Ltd. | Method and apparatus for managing digital content |
JP2013128159A (ja) * | 2011-12-16 | 2013-06-27 | Secom Co Ltd | 鍵管理システム |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3761557B2 (ja) * | 2004-04-08 | 2006-03-29 | 株式会社日立製作所 | 暗号化通信のための鍵配付方法及びシステム |
FR2881300B1 (fr) * | 2005-01-21 | 2007-03-16 | Gemplus Sa | Procede de generation d'une courbe elliptique, application a un procede cryptographique, et procede cryptographique une telle courbe |
KR100708162B1 (ko) * | 2005-04-25 | 2007-04-16 | 삼성전자주식회사 | 도메인 관리 방법 및 그를 위한 장치 |
ATE411666T1 (de) * | 2005-12-01 | 2008-10-15 | Bravis Gmbh | Verfahren zum ändern eines gruppenschlüssels in einer gruppe von netzelementen in einem netz |
WO2007071265A1 (en) * | 2005-12-19 | 2007-06-28 | Telecom Italia S.P.A. | Group signature scheme with improved efficiency, in particular in a join procedure |
FR2895177B1 (fr) * | 2005-12-20 | 2008-06-13 | Eads Telecom Soc Par Actions S | Partage d'un element secret |
EP1890493A1 (fr) | 2006-08-17 | 2008-02-20 | Nagracard S.A. | Méthode de révocation de modules de sécurité utilisés pour sécuriser des messages diffusés |
EP2163029A2 (en) * | 2007-05-22 | 2010-03-17 | Koninklijke Philips Electronics N.V. | Updating cryptographic key data |
TWI378702B (en) * | 2007-08-24 | 2012-12-01 | Ind Tech Res Inst | Group authentication method |
CN102065135B (zh) * | 2010-12-15 | 2013-02-13 | 中国联合网络通信集团有限公司 | 点对点数据获取方法、系统及服务器 |
CN102324994B (zh) * | 2011-09-30 | 2014-04-30 | 香港应用科技研究院有限公司 | 用于广播加密最优化和可扩展性的系统和方法 |
US8842840B2 (en) * | 2011-11-03 | 2014-09-23 | Arvind Gidwani | Demand based encryption and key generation and distribution systems and methods |
US9075992B2 (en) * | 2012-05-01 | 2015-07-07 | Harris Corporation | Systems and methods for identifying, deterring and/or delaying attacks to a network using shadow networking techniques |
WO2015167381A1 (en) * | 2014-04-30 | 2015-11-05 | Telefonaktiebolaget L M Ericsson (Publ) | Residential local break out in a communication system |
US11227057B2 (en) * | 2018-11-08 | 2022-01-18 | International Business Machines Corporation | Membership access management of a database |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000216766A (ja) * | 1999-01-20 | 2000-08-04 | Kodo Ido Tsushin Security Gijutsu Kenkyusho:Kk | 排他的鍵共有法 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3620138B2 (ja) | 1996-02-05 | 2005-02-16 | 松下電器産業株式会社 | 鍵共有システム |
DE69940842D1 (de) * | 1998-12-25 | 2009-06-18 | Matsushita Comm Ind Co Ltd | Verfahren zur gemeinsamen nutzung eines exklusiven schlüssels |
US6240188B1 (en) * | 1999-07-06 | 2001-05-29 | Matsushita Electric Industrial Co., Ltd. | Distributed group key management scheme for secure many-to-many communication |
US7065643B1 (en) * | 2000-03-28 | 2006-06-20 | Motorola, Inc. | Network compromise recovery methods and apparatus |
EP1249964A3 (en) * | 2001-04-12 | 2004-01-07 | Matsushita Electric Industrial Co., Ltd. | Reception terminal, key management apparatus, and key updating method for public key cryptosystem |
US7308583B2 (en) * | 2002-01-25 | 2007-12-11 | Matsushita Electric Industrial Co., Ltd. | Data distribution system |
-
2003
- 2003-04-25 TW TW092109715A patent/TWI246298B/zh not_active IP Right Cessation
- 2003-04-28 AU AU2003235971A patent/AU2003235971A1/en not_active Abandoned
- 2003-04-28 CN CNB038094223A patent/CN100505618C/zh not_active Expired - Fee Related
- 2003-04-28 EP EP03720980A patent/EP1501237A4/en not_active Withdrawn
- 2003-04-28 US US10/511,466 patent/US7539315B2/en not_active Expired - Fee Related
- 2003-04-28 JP JP2004502536A patent/JP4156588B2/ja not_active Expired - Fee Related
- 2003-04-28 WO PCT/JP2003/005482 patent/WO2003094422A1/ja active Application Filing
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000216766A (ja) * | 1999-01-20 | 2000-08-04 | Kodo Ido Tsushin Security Gijutsu Kenkyusho:Kk | 排他的鍵共有法 |
Non-Patent Citations (2)
Title |
---|
ANZAI J ET AL.: "A Flexible Method for Masked Sharing of Group Keys", IEICE TRANSACTIONS ON FUNDAMENTALS OF ELECTRONICS, COMMUNICATIONS AND COMPUTER SCIENCES, INSTITUTE OF ELECTRONICS INFORMATION AND COMM. ENG. TOKYO, vol. E84-A, no. 1, 1 January 2001 (2001-01-01), pages 239 - 246, XP001006545 |
See also references of EP1501237A4 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009505448A (ja) * | 2005-04-25 | 2009-02-05 | サムスン エレクトロニクス カンパニー リミテッド | デジタルコンテンツの管理方法及びこのための装置 |
US8161296B2 (en) | 2005-04-25 | 2012-04-17 | Samsung Electronics Co., Ltd. | Method and apparatus for managing digital content |
JP2006324929A (ja) * | 2005-05-18 | 2006-11-30 | Toshiba Corp | 匿名認証システム、装置及びプログラム |
WO2009107474A1 (ja) * | 2008-02-29 | 2009-09-03 | 三菱電機株式会社 | 鍵管理サーバ、端末、鍵共有システム、鍵配信プログラム、鍵受信プログラム、鍵配信方法及び鍵受信方法 |
JPWO2009107474A1 (ja) * | 2008-02-29 | 2011-06-30 | 三菱電機株式会社 | 鍵管理サーバ、端末、鍵共有システム、鍵配信プログラム、鍵受信プログラム、鍵配信方法及び鍵受信方法 |
JP5241818B2 (ja) * | 2008-02-29 | 2013-07-17 | 三菱電機株式会社 | 端末 |
JP2013128159A (ja) * | 2011-12-16 | 2013-06-27 | Secom Co Ltd | 鍵管理システム |
Also Published As
Publication number | Publication date |
---|---|
US7539315B2 (en) | 2009-05-26 |
TW200407023A (en) | 2004-05-01 |
JPWO2003094422A1 (ja) | 2005-09-08 |
US20050141720A1 (en) | 2005-06-30 |
JP4156588B2 (ja) | 2008-09-24 |
TWI246298B (en) | 2005-12-21 |
CN100505618C (zh) | 2009-06-24 |
EP1501237A1 (en) | 2005-01-26 |
CN1650570A (zh) | 2005-08-03 |
AU2003235971A1 (en) | 2003-11-17 |
EP1501237A4 (en) | 2005-06-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4156588B2 (ja) | 暗号通信システム、その鍵配布サーバ、端末装置及び鍵共有方法 | |
CN109756329B (zh) | 基于私钥池的抗量子计算共享密钥协商方法和系统 | |
US6941457B1 (en) | Establishing a new shared secret key over a broadcast channel for a multicast group based on an old shared secret key | |
JP3864247B2 (ja) | ネットワークシステム、端末装置、情報の配信方法及び復号方法 | |
EP2700187B1 (en) | Discovery of security associations | |
US6987855B1 (en) | Operational optimization of a shared secret Diffie-Hellman key exchange among broadcast or multicast groups | |
EP1526676A1 (en) | Conference session key distribution method on an id-based cryptographic system | |
JP4071870B2 (ja) | 秘密鍵生成方法 | |
US20020191796A1 (en) | Symmetric and asymmetric encryption method with arbitrarily selectable one-time keys | |
JP2011501585A (ja) | キー配信用の方法、システムおよび機器 | |
JP2004015241A (ja) | 暗号通信システム、その端末装置及びサーバ並びに復号方法 | |
WO2009143766A1 (zh) | 一种密钥分配方法及系统和在线更新公钥的方法及系统 | |
US10630476B1 (en) | Obtaining keys from broadcasters in supersingular isogeny-based cryptosystems | |
CN110493272B (zh) | 使用多重密钥的通信方法和通信系统 | |
CN111478911A (zh) | 一种采用轻量化密钥交换算法的即时通信加密方法 | |
CN114765543B (zh) | 一种量子密码网络扩展设备的加密通信方法及系统 | |
CN113297599A (zh) | 数据传输系统、数据获取方法、终端和存储介质 | |
US10880278B1 (en) | Broadcasting in supersingular isogeny-based cryptosystems | |
CN106452736B (zh) | 密钥协商方法和系统 | |
JP3074164B2 (ja) | 排他的鍵共有法 | |
CN110061836B (zh) | 一种具有前向安全性的组密钥分发方法 | |
IL142449A (en) | A method for creating a common key between its exchanges and a group of subscribers | |
KR100588302B1 (ko) | 모바일 환경에서의 그룹통신을 위한 세션키 생성 방법 | |
Mishra et al. | A certificateless authenticated key agreement protocol for digital rights management system | |
Al-Bakri et al. | A novel peer-to-peer SMS security solution using a hybrid technique of NTRU and AES-Rijndael |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 10511466 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20038094223 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2004502536 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2003720980 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2003720980 Country of ref document: EP |