WO2006041082A1 - 正規コンテンツ確認システム - Google Patents
正規コンテンツ確認システム Download PDFInfo
- Publication number
- WO2006041082A1 WO2006041082A1 PCT/JP2005/018777 JP2005018777W WO2006041082A1 WO 2006041082 A1 WO2006041082 A1 WO 2006041082A1 JP 2005018777 W JP2005018777 W JP 2005018777W WO 2006041082 A1 WO2006041082 A1 WO 2006041082A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- content
- receiver
- update information
- transmitter
- regular
- Prior art date
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 66
- 238000000034 method Methods 0.000 title claims abstract description 54
- 238000012790 confirmation Methods 0.000 claims description 220
- 238000013475 authorization Methods 0.000 claims 1
- 238000004891 communication Methods 0.000 abstract description 7
- 238000012544 monitoring process Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 16
- 238000004364 calculation method Methods 0.000 description 12
- 238000012545 processing Methods 0.000 description 9
- 238000004458 analytical method Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 2
- 241000406668 Loxodonta cyclotis Species 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/254—Management at additional data server, e.g. shopping server, rights management server
- H04N21/2541—Rights Management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/20—Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
- H04N21/25—Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
- H04N21/258—Client or end-user data management, e.g. managing client capabilities, user preferences or demographics, processing of multiple end-users preferences to derive collaborative data
- H04N21/25808—Management of client data
- H04N21/25816—Management of client data involving client authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/40—Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
- H04N21/43—Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
- H04N21/44—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs
- H04N21/4405—Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream, rendering scenes according to MPEG-4 scene graphs involving video stream decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N21/00—Selective content distribution, e.g. interactive television or video on demand [VOD]
- H04N21/80—Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
- H04N21/83—Generation or processing of protective or descriptive data associated with content; Content structuring
- H04N21/835—Generation of protective data, e.g. certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/167—Systems rendering the television signal unintelligible and subsequently intelligible
- H04N7/1675—Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N7/00—Television systems
- H04N7/16—Analogue secrecy systems; Analogue subscription systems
- H04N7/173—Analogue secrecy systems; Analogue subscription systems with two-way working, e.g. subscriber sending a programme selection signal
- H04N7/17309—Transmission or handling of upstream communications
- H04N7/17318—Direct or substantially direct transmission and handling of requests
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2129—Authenticate client device independently of the user
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
- G11B20/00485—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
- G11B20/00492—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/00731—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction
- G11B20/00746—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number
- G11B20/00753—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number wherein the usage restriction limits the number of copies that can be made, e.g. CGMS, SCMS, or CCI flags
- G11B20/00768—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number wherein the usage restriction limits the number of copies that can be made, e.g. CGMS, SCMS, or CCI flags wherein copy control information is used, e.g. for indicating whether a content may be copied freely, no more, once, or never, by setting CGMS, SCMS, or CCI flags
- G11B20/00775—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a digital rights management system for enforcing a usage restriction wherein the usage restriction can be expressed as a specific number wherein the usage restriction limits the number of copies that can be made, e.g. CGMS, SCMS, or CCI flags wherein copy control information is used, e.g. for indicating whether a content may be copied freely, no more, once, or never, by setting CGMS, SCMS, or CCI flags wherein said copy control information is encoded in an encryption mode indicator [EMI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention when content is distributed via a network, legitimate content confirmation related to data transmission security technology for transmitting / receiving legitimate content between a distribution source (transmitter) and a distribution destination (receiver) is performed.
- the present invention relates to a method, a content transmission / reception system, a transmitter and a receiver.
- FIGS 8 and 9 show the HTTP protocol (data is exchanged in such a way that the server returns a response to the request from the client after establishing a connection between the server and the client). It is an example of a functional block diagram of a transmitter and a receiver in a conventional transmission system using the DTCP-IP used.
- the transmitter 800 in FIG. 8 includes a certificate 'key holding unit 801, an exchange key creation unit 802, an authentication' key exchange unit 803, an update information creation / update unit 804, a copy control information management unit 805, and a content key calculation.
- Certificate 'key holding unit 801 holds a public key encryption key pair (public key, private key) and a certificate. is doing.
- Exchange key creation section 802 generates an exchange key (Kx) used to calculate a content key (Kc) for encrypting content.
- the authentication 'key exchange unit 803 receives an authentication request from the receiver and confirms whether or not the receiver is a legitimate device by authentication.
- a method of performing a range response authentication using a public key encryption key pair (public key and private key) and a certificate held by the transmitter and the receiver, respectively, is used.
- the authentication key (Kauth) is shared between the transmitter and receiver during authentication, and the exchange key (Kx) created by the exchange key creation unit 802 using the shared authentication key (Kauth) after authentication. Is passed to the receiver.
- the series of processes from authentication to key acquisition is performed by the authentication / key exchange unit 803.
- Update information creation ⁇ Update section 804 creates or updates update information (Nc).
- creation is to create new update information (Nc) by random number generation, etc., and update is to add 1 to the current value.
- Update information (Nc) is created by establishing a TCP connection. The update is performed according to a predetermined rule. As the predetermined rule, an HTTP request on the same TCP connection is updated for each response. Power Since it is not the main point of the present invention, the description is omitted here.
- the created and updated update information (Nc) is used to calculate the content key (Kc) according to a predetermined rule in order to maintain content protection. Further, the update information (Nc) is attached to the content encrypted with the content key (Kc) and passed to the receiver.
- the copy control information management unit 805 manages, as copy control information (E_EMI), the encryption mode adapted to the content, which is the management content of each content (for example, copy prohibition, one-generation copy is possible). To do.
- the copy control information (E_EMI) is used to calculate the content key (Kc), and is passed to the receiver along with the content encrypted with the calculated content key (Kc).
- the content key calculation unit 806 includes the exchange key (Kx) created by the exchange key creation unit 802, update information creation ⁇ created by the update unit 804 ⁇ updated update information (Nc), copy control information management unit
- the content key (Kc) is calculated from the copy control information (E_EMI) managed in 805 using a one-way function.
- the content storage unit 807 stores various contents to be distributed.
- the content encryption unit 808 encrypts the content to be distributed using the content key (Kc) calculated by the content key calculation unit 806.
- the content packet creation unit 809 updates the content encrypted by the content encryption unit 808, creates the update information, creates the updated unit 804, updates the updated information (Nc), and the copy control information management unit. Create a content packet with copy control information (E_EMI) managed in 805.
- Content packet transmission unit 810 transmits the content packet created by content packet creation unit 809.
- the HTTP protocol unit 811 performs HTTP server processing. Receives HTTP request's analysis, creates HTTP response and responds.
- the content packet created by the content packet creation unit 809 is transmitted as the body of the HTTP response to the HTTP GET request from the transmitter.
- the receiver 900 in FIG. 9 includes a certificate “key holding unit 901, an authentication” key exchange unit 902, an update information storage unit 903, a copy control information storage unit 904, a content key calculation unit 905, and a content usage unit. 906, a content decrypting unit 907, a content packet analyzing unit 908, a content packet receiving unit 909, and an HTTP protocol unit 910.
- Certificate / key holding unit 901 holds a key pair (public key, private key) of public key cryptography and a certificate.
- the authentication 'key exchange unit 902 makes an authentication request at a predetermined timing, the authentication key (Kauth) is shared between the transmitter and the receiver during the authentication, and is shared by the transmitter after the authentication. Receives and decrypts the exchange key (Kx) encrypted using the authentication key (Kauth).
- the update information storage unit 903 stores update information (Nc) associated with the encrypted content received by the transmitter.
- the copy control information storage unit 904 stores copy control information (E_EMI) accompanying the encrypted content.
- the content key calculation unit 905 includes the exchange key (Kx) passed from the transmitter by the authentication key exchange unit 902, the update information (Nc) stored in the update information storage unit 903, and copy control. Information storage unit 904 The content key (Kc) is calculated from the copy control information (E_EMI) stored in step 1 using a one-way function.
- the content using unit 906 uses the decrypted content by reproducing / recording it according to the copy control information (E_EMI) stored in the copy control information storage unit 904.
- E_EMI copy control information
- the content decryption unit 907 decrypts the encrypted content using the content key (Kc) calculated by the content key calculation unit 905.
- the content packet analysis unit 908 updates update information (Nc
- Content packet receiving section 909 receives a content packet.
- the HTTP protocol unit 910 performs HTTP client processing. Create HTTP request 'Send and Receive HTTP response' Parse.
- FIG. 10 shows an encryption communication protocol procedure in a conventional transmission system including the transmitter 800 shown in FIG. 8 and the receiver 900 shown in FIG.
- the transmitter 800 generates an exchange key (Kx).
- the transmitter 800 encrypts the exchange key (Kx) with the authentication key (Kauth) (Ksx) and sends it to the receiver 900.
- the receiver 900 decrypts the received Ksx with the authentication key (Kauth) to obtain the exchange key (Kx).
- the content request by the HTTP GET request is transmitted from the receiver 900 to the transmitter 800.
- the transmitter 800 generates update information (Nc).
- the transmitter 800 recognizes copy control information (E_EMI) of the content requested from the receiver 900.
- the transmitter 800 inputs the exchange key (Kx), update information (Nc), and copy control information (E_EMI).
- the content key (Kc) is calculated as a force parameter using a one-way function.
- the transmitter 800 encrypts the content requested from the receiver 900 with the content key (Kc).
- Transmitter 800 adds update information (Nc) and copy control information (E_EMI) to the encrypted content as the body of the HTTP GET response, and transmits it to the receiver.
- the receiver 900 acquires update information (Nc) from the received response.
- the receiver 900 acquires copy control information (E_EMI) from the received response.
- the receiver 900 calculates the content key (Kc) by a one-way function using the exchange key (Kx), update information (Nc), and copy control information (E—EMI) as input parameters. To do.
- the receiver 900 decrypts the encrypted content using the content key (Kc).
- FIG. 11 is a diagram illustrating a problem in the network configuration of the conventional transmission system. In the following, an example of a problem will be described with reference to FIG.
- Transmitter 800 and receiver 900 each have a valid encryption communication pair sharing an exchange key. Elephant equipment. Between the transmitter 800 and the receiver 900, the encrypted content (1112) with accompanying information is transmitted in response to the content request (1 111) of the receiver 900.
- Unauthorized device 1100 can monitor and record the HTTP request and response flowing on the bus (1113).
- Unauthorized device 1100 itself cannot decrypt and view content, but for example, after that, it hooks an HTTP request from receiver 900 to transmitter 800 (1114) and impersonates legitimate transmitter 800.
- the recorded content can be replaced with the content that should be received by the receiver 900 and transmitted (1115).
- the receiver 900 determines whether the replaced content is legitimate content transmitted from the legitimate transmitter 800 or content transmitted from the unauthorized device 1100. Since this is not possible, the user will be allowed to use the content that has been transmitted.
- the present invention solves the above-described conventional problem, and can determine whether the received content is valid content or not, a regular content confirmation method, a content transmission / reception system, a transmitter, and a reception
- the purpose is to provide machines.
- the first aspect of the present invention provides:
- Update information that is updated at a predetermined timing by the transmitter connected to the network in response to a content request of the receiver, and that is necessary for creating the content key used for content encryption and decryption.
- an update information collating step for collating whether the update information included in the regular confirmation request received from the receiver is predetermined update information; and in the transmitter, the update If it is determined that the information is the predetermined update information, an acknowledgment message is created using the update information and an exchange key shared in advance by both the transmitter and the receiver, and the receiver Send an acknowledgment message to Sending step,
- a regular content confirmation method comprising: a regular content determination step of determining that the content being received is regular content when the receiver receives the acknowledgment message from the transmitter. .
- the second present invention provides:
- the predetermined update information is the regular content confirmation method according to the first aspect of the present invention, wherein the predetermined update information is update information currently in use or update information before a predetermined number of updates.
- the third aspect of the present invention provides
- the receiver transmits a number that is different every time the regular confirmation request is transmitted, including the regular confirmation request.
- the transmitter uses the number included in the regular confirmation request to create the acknowledgment message, and is the regular content confirmation method according to the first aspect of the present invention.
- the fourth aspect of the present invention provides
- the receiver transmits the identification message created using the exchange key and the update information sent from the transmitter, including the regular confirmation request,
- the transmitter determines that the update information is the predetermined update information, and the transmitter itself determines that the identification message included in the regular confirmation request is the exchange message.
- the confirmation message is transmitted to the receiver when it is confirmed that the identification message matches the identification message created using the key and the update information.
- the fifth aspect of the present invention provides:
- the transmitter transmits a non-acknowledgement message to the receiver when it is determined that the update information is not the predetermined update information, and in the regular content determination step, the reception If the machine receives the non-acknowledgement message from the transmitter, the content being received is not legitimate content. If it is determined that the content is not used, this is the regular content confirmation method of the first aspect of the present invention.
- the sixth aspect of the present invention provides
- the receiver further includes a confirmation request retry transmission step in which the receiver repeatedly transmits the regular confirmation request for a predetermined period,
- the receiver when the receiver cannot receive the acknowledgment message even after the predetermined period, the received content is not used. This is a regular content confirmation method.
- the seventh aspect of the present invention provides
- the receiver further includes a confirmation request retry transmission step in which the receiver repeatedly transmits the regular confirmation request a predetermined number of times.
- the receiver In the regular content determination step, when the receiver cannot receive the acknowledgment message even after transmitting the regular confirmation request a predetermined number of times, the received content is not used.
- 1 is a regular content confirmation method according to the present invention.
- the eighth aspect of the present invention provides
- the regular confirmation request is repeatedly transmitted until a predetermined limit number of times, a predetermined limit period, or a predetermined stop condition is satisfied.
- the receiver receives the consent message after not using the received content, the received content is used. 7.
- the regular content confirmation method according to any one of 7 of the present invention.
- the ninth aspect of the present invention provides:
- a receiver that transmits a content request and update information that is connected to the receiver via a network and is updated at a predetermined timing in response to the content request from the receiver.
- a content transmission / reception system including a transmitter that transmits the update information necessary for creating a content key used for encryption and decryption of the content along with the encrypted content.
- Confirmation request means for transmitting a regular confirmation request created using an exchange key shared in advance with both of the transmitters and the update information received from the transmitter; and A confirmation result matching means for judging that the content being received is legitimate content when the acknowledgment message is received,
- the transmitter is a signal
- Confirmation request receiving means for receiving the regular confirmation request transmitted from the receiver
- Update information confirmation means for collating whether or not the update information included in the received regular confirmation request is predetermined update information
- the acknowledgment message is created using the exchange key shared by both the update information and the receiver, and It is a content transmission / reception system having an acknowledgment means for transmitting to the receiver.
- the tenth aspect of the present invention is
- Update information that is updated at a predetermined timing by the transmitter connected to the network in response to a content request of the receiver, and that is necessary for creating the content key used for content encryption and decryption.
- a transmitter used in a content transmission / reception system for transmitting accompanying encrypted content
- a confirmation request receiving means for receiving the request In the receiver, a normal confirmation created using the exchange key shared in advance with both the receiver and the update information received from the transmitter and transmitted from the receiver.
- Update information confirmation means for collating whether or not the update information included in the regular confirmation request received from the receiver is predetermined update information
- the update information and Confirmation response means for generating an acknowledgment message for determining whether or not the content being received by the receiver is legitimate content using the exchange key, and transmitting to the receiver. It is a transmitter.
- Update information that is updated at a predetermined timing by the transmitter connected to the network in response to a content request for the receiver, and that is necessary for creating the content key used for content encryption and decryption.
- a receiver used in a content transmission / reception system that transmits data accompanying encrypted content
- Confirmation request means for transmitting a regular confirmation request created using an exchange key shared in advance with both the transmitter and the update information received from the transmitter, and the transmitter received When it is determined that the update information included in the regular confirmation request is predetermined update information and an acknowledgment message created and transmitted using the update information and the exchange key is received, It is a receiver provided with a confirmation result collating means for judging that the content inside is regular content.
- the confirmation request step of transmitting the regular confirmation request at the receiver, and whether or not the update information is the predetermined update information at the transmitter The update information collating step, the acknowledgment message transmitting step of creating the acknowledgment message at the transmitter and transmitting it to the receiver, and the receiver receiving the acknowledgment message of the transmitter power
- the thirteenth aspect of the present invention provides
- a recording medium on which a program of the twelfth aspect of the present invention is recorded which can be processed by a computer.
- FIG. 1 is a diagram showing functional blocks of a transmitter used in the content transmission / reception system according to Embodiment 1 of the present invention.
- FIG. 2 is a diagram showing functional blocks of a receiver used in the content transmission / reception system according to Embodiment 1 of the present invention.
- FIG. 3 shows a processing procedure in the content transmission / reception system according to Embodiment 1 of the present invention.
- FIG. 4 is a diagram showing functional blocks of a receiver used in the content transmission / reception system according to Embodiment 2 of the present invention.
- FIG. 5 shows a processing procedure in the content transmission / reception system according to Embodiment 2 of the present invention.
- FIG. 6 is a diagram showing functional blocks of a receiver used in the content transmission / reception system according to Embodiment 3 of the present invention.
- FIG. 7 shows a processing procedure in the content transmission / reception system according to Embodiment 3 of the present invention.
- FIG. 9 Diagram showing functional blocks of a receiver in a conventional transmission system
- FIG.10 Diagram showing cryptographic communication protocol procedures in a conventional transmission system
- FIG. 11 is a diagram for explaining the problems in the network configuration of the conventional transmission system.
- FIG. 1 is a functional block diagram of a transmitter used in the content transmission / reception system according to Embodiment 1 of the present invention.
- Transmitter 100 is similar to conventional transmitter 800 shown in FIG. 8. Certificate 'key holding unit 801, exchange key creation unit 802, authentication / key exchange unit 803, copy control information management unit 805, content key A calculation unit 806, a content storage unit 807, a content encryption unit 808, a content packet creation unit 809, a content packet transmission unit 810, and an HTTP protocol unit 811 are provided. Furthermore, a confirmation request receiving unit 101, an identification information confirmation unit 102, an update information confirmation unit 103, a confirmation response unit 104, and an update information creation / update unit 105 are provided.
- confirmation request receiving unit 101 the update information confirming unit 103, and the confirmation response unit 104 are examples of the confirmation request receiving unit, the update information confirming unit, and the confirmation response unit of the present invention, respectively.
- the identification information confirmation unit 102 confirms whether or not the identification information included in the received confirmation request is information indicating that the receiver is a correct receiver.
- the identification information is also calculated using the update information (Nc) and any number (N) included in the confirmation request, and the exchange key (Kx) shared with the receiver. By performing the same calculation, it is possible to confirm whether the transmitter is V, correct, or identification information.
- the identification information the number obtained by concatenating the exchange keys (Kx) is input to the hash function, and the calculated hash value, the update information (Nc), and an arbitrary number (N) are added. Furthermore, the lower 80 bits of the value (160 bits) obtained by entering the hash function. Since the original value cannot be reproduced based on this value, it is not possible to decrypt the exchange key (Kx) from this identification information. Can not ,.
- the confirmation request corresponds to an example of a regular confirmation request of the present invention
- the identification information corresponds to an example of an identification message of the present invention.
- the update information creation / update unit 105 like the conventional update information creation / update unit 804 of the transmitter 800, creates or updates the update information (Nc) at the same time as the update information (pre_ Nc) is retained.
- the update information confirmation unit 103 confirms whether or not the update information (test_Nc) included in the received confirmation request matches the update information currently used by the transmitter 100 for content transmission.
- the update information in use refers to the update information (Nc) managed by the update information creation / update unit 105 or the immediately preceding update information (pre_Nc). Also, considering that the update information is changed in a short period of time, a plurality of update information used so far may be held as the last update information.
- the update information in use used for confirming the coincidence with the update information corresponds to an example of the predetermined update information of the present invention.
- the plurality of update information used so far corresponds to an example of the update information before updating a predetermined number of times according to the present invention.
- the confirmation response unit 104 receives the update information (test_Nc), an arbitrary number (N), and the receiver Create an acknowledgment message using the exchange key (Kx) shared between and and send it to the receiver.
- the acknowledgment message is calculated as follows.
- the concatenated number of exchange keys (Kx) is input to the hash function and the hash value is calculated.
- the confirmation response unit 104 creates an unacknowledged message and transmits it to the receiver.
- the non-acknowledgement message may use a value different from that of the acceptance message as its purpose.
- the lower 80 bits of the value obtained in the same manner as the acknowledgment message may be used. Also, use the upper 80 bits of the value obtained by changing any number (N) used to calculate the hash value (for example, adding 1) as in the acknowledgment message.
- FIG. 2 is a functional block diagram of a receiver used in the content transmission / reception system according to Embodiment 1.
- the receiver 200 is similar to the conventional receiver 900 shown in FIG. 9 in that it includes a certificate 'key holding unit 901, an authentication / key exchange unit 902, an update information storage unit 903, a copy control information storage unit 904, content A key calculation unit 905, a content decryption unit 907, a content packet analysis unit 908, and an HTT p protocol unit 910 are provided. Furthermore, a confirmation parameter generation unit 201, a confirmation request unit 202, a confirmation result collation unit 203, a content packet reception unit 204, and a content use unit 205 are provided.
- confirmation requesting unit 202 and the confirmation result collating unit 203 are examples of the confirmation requesting unit and the confirmation result collating unit of the present invention, respectively.
- the confirmation parameter generation unit 201 generates a different number (N) for each confirmation request.
- the identification information is calculated using the update information (Nc), the created arbitrary number (N), and the exchange key (Kx) shared with the transmitter. Since the calculation method of the identification information has been described above, it will be omitted.
- the confirmation request unit 202 includes update information stored in the update information storage unit 903 (Nc attached to the currently received encrypted content and becomes Test_Nc), and a confirmation parameter generation unit 201.
- a confirmation request consisting of the arbitrary number (N) created in step 1 and identification information is sent to the transmitter.
- Confirmation result collating section 203 confirms whether or not the response message power acknowledgment message has also received the transmitter power.
- the transmitter is transmitted using the transmitted update information (test_Nc), an arbitrary number (N), and the exchange key (Kx) shared with the transmitter.
- the confirmation response unit 104 calculates the approval message in the same manner as the approval message is calculated, and compares it with the response message received from the transmitter. Since the method for calculating the acknowledgment message is described above, it will be omitted.
- the content packet receiving unit 204 receives the result determined by the confirmation result checking unit 203, and when it is determined that the response message received from the transmitter is not an acknowledgment message, the content packet receiving unit 204 includes the HTTP including the content. Until the response ends, the content packet received as the body is discarded. If the response message received from the transmitter is an acknowledgment message, that is, if it is determined that it is being transmitted from a legitimate transmitter, it is determined that the correct content has been received, and Continue receiving content.
- the content utilization unit 205 receives the result determined by the confirmation result matching unit 203, and when it is determined that the response message received by the transmitter is not an acknowledgment message, Stop using the content. If the response message received from the transmitter is an acknowledgment message, that is, it is determined that the message is transmitted from a legitimate transmitter, it is determined that the correct content is received and the content is used as it is. Continue.
- FIG. 3 is a diagram showing a processing procedure (protocol) in the content transmission / reception system of the first embodiment provided with the transmitter 100 of FIG. 1 and the receiver 200 of FIG.
- the processing procedures for authentication 'key sharing and content request / reception are the same as those described in FIG.
- Step S321 The content use unit 205 starts using the decrypted content.
- Step S322 The confirmation parameter generation unit 201 creates an arbitrary number (N) and identification information.
- N is created so that it is not equal to the number used in the last confirmation request.
- Step S323 The confirmation request unit 202 creates and transmits a confirmation request using the update information (Nc), the arbitrary number (N), and the identification information attached to the content.
- Step S324 The confirmation result matching unit 203 receives a response message from the transmitter 100.
- Step S325 Confirmation result collating section 203 confirms whether or not the received response message is an acknowledgment message. If it is an acknowledgment message, proceed to step S326 and continue using the content. If it is not an acknowledgment message, proceed to step S327 and stop using the content.
- Step S326 The content ⁇ IJ unit 205 continues to use the decrypted content.
- Step S327 The content using unit 205 stops using the content, and the content packet receiving unit 204 discards the content packet being received.
- Step S311 The confirmation request receiving unit 101 receives a confirmation request from the receiver.
- Step S312 The identification information confirmation unit 102 determines whether or not the identification information included in the received confirmation request is correct. If it is correct, the process proceeds to step S313 to check the update information. If not correct, proceed to step S316 to create a non-acknowledgement message.
- Step S313 The update information confirmation unit 103 determines whether or not the update information included in the received confirmation request can be regarded as being used. If it is in use, proceed to step S314 and create an acknowledgment message. If not, go to step S316 and create a non-acknowledgement message.
- Step S314 The acknowledgment unit 104 uses the update information received from the receiver 200, an arbitrary number (N), and an acknowledgment message using the exchange key (Kx) shared with the receiver. Create
- Step S316 The confirmation response unit 104 creates an unacknowledged message different from the acknowledged message. Continue to step S315.
- Step S315 The confirmation response unit 104 transmits a response message (acknowledgment message or unacknowledgement message).
- step S323 power corresponds to an example of the confirmation request step of the present invention
- step S32 5 power corresponds to an example of the regular content determination step of the present invention
- step S313 corresponds to an example of the update information collation step of the present invention
- processing power combining step S314 and step S315 corresponds to an example of the acknowledgment message transmission step of the present invention.
- the update information is updated by the transmitter according to a predetermined rule. Therefore, when an unauthorized device replaces content, the update information attached to the replaced content does not match the update information held by the transmitter at that time. Therefore, the transmitter can confirm whether or not the receiver is currently receiving the content correctly! / From the update information included in the confirmation request transmitted from the receiver.
- an acknowledgment message which is a notification of the confirmation result
- the receiver can receive the received acknowledgment message.
- the legitimate transmitter power can also be confirmed as to whether it has been sent. As a result, it is possible to discriminate content that has been improperly impersonated and has been replaced.
- the update information update in the transmitter is an internal process, so the last update information is attached. Since it is possible that the content will be processed at an earlier timing than the receiver receives it, the latest update information is also subject to approval, reducing the frequency of incorrect confirmation regarding correct content transmission / reception. The effect of doing is obtained.
- an unauthorized device stores a combination of update information and an acknowledgment message exchanged between a transmitter and a receiver. Even if the receiver sends a confirmation request while receiving the content to be impersonated by the spoofing device, even if it sends an acknowledgment message corresponding to the same confirmation request stored by the unauthorized device, it is received. The success of identification in the machine can be prevented.
- the unauthorized device can update information that is currently in use. Even if it is transmitted to the transmitter, the corresponding acknowledgment message cannot be obtained, so that the receiver can prevent identification success at the receiver while the spoofing device is receiving replacement content. Can do.
- the receiver cannot receive an acknowledgment message, that is, if it receives a non-acknowledgment message, the received content will not be used and an unauthorized device will interfere. It is possible to prevent substitution content from unauthorized impersonation equipment from being made available to the user.
- the present invention is not limited to this.
- the transmission and reception are performed. It can also be applied to the case where the machine delivers content in real time.
- FIG. 4 is a functional block diagram of a receiver used in the content transmission / reception system according to Embodiment 2 of the present invention.
- the configuration of the transmitter used in the content transmission / reception system of the second embodiment is the same as that of the first embodiment, as shown in FIG.
- a confirmation request is retried up to a predetermined number of times from the receiver and the transmitter.
- the receiver 400 is similar to the receiver 200 of the first embodiment shown in FIG. 2.
- a numeric key calculation unit 905, a content decryption unit 907, a content packet analysis unit 908, an HTTP protocol unit 910, a confirmation parameter generation unit 201, a confirmation request unit 202, and a confirmation result matching unit 203 are provided.
- a retry determining unit 401, a content packet receiving unit 402, and a content using unit 403 are provided.
- the retry determining unit 401 determines whether or not to perform a retry when the confirmation result checking unit 203 determines NO. Here, for example, if it is determined whether or not to retry further by the number of confirmation requests, and if the same update information has already been used for two confirmation requests in succession, further retry is performed. Judge that there is no.
- the content packet receiving unit 402 receives the result determined by the confirmation result matching unit 203 via the retry determining unit 401, and determines that the response message received from the transmitter is not an acknowledgment message. If this happens, the content packet received as that body is discarded until the end of the HTTP response containing that content. If it is determined that the response message received from the transmitter is an acknowledgment message, that is, it is transmitted from a legitimate transmitter !, it is determined that the correct content is received, and the content is received as it is. continue.
- the content utilization unit 403 receives the result determined by the confirmation result verification unit 203 via the retry determination unit 401, and determines that the response message received by the transmitter is not an acknowledgment message. Stops using the content. If it is determined that the response message received from the transmitter is an acknowledgment message, that is, it is transmitted from a legitimate transmitter, it is determined that the correct content has been received and the content is used as it is. .
- FIG. 5 is a diagram showing a processing procedure (protocol) in the content transmission / reception system of the second embodiment provided with the transmitter 100 of FIG. 1 and the receiver 400 of FIG.
- Steps S321 to S324 are the same as those described with reference to FIG.
- Step S325 Confirmation result collating section 203 confirms whether or not the received response message is an acknowledgment message. If it is an acknowledgment message, proceed to step S326 to Continue to use the tentsu. If it is not an acknowledgment message, the process proceeds to step S501 to determine whether or not to retry.
- Step S326 Content ⁇ IJ part 403 ⁇ Continue using the decrypted content.
- Step S501 Retry determination unit 401 determines whether or not to retry the confirmation request. When retrying, the process returns to step S322 to prepare for sending a confirmation request. If not, go to S327.
- step S501 corresponds to an example of a confirmation request retry transmission step of the present invention.
- the maximum predetermined number of retries of 2 set in the retry determining unit 401 here is an example of the predetermined number of times that the regular confirmation request is repeatedly transmitted in the confirmation request retry step of the present invention.
- Step S327 The content use unit 403 stops using the content, and the content packet receiving unit 402 discards the content packet being received.
- the maximum predetermined number of retries has been described as two, but an appropriate number may be set in accordance with the usage status and usage environment of the content transmission / reception system used. .
- the number of retries is limited, but it may be set in a period (time).
- the period set in the retry determination unit 401 as a retry limit if the determination in step S501 is made during the set period, the process returns to step S322 and the setting is made. If the determination in step S501 is made after the elapse of the set period, the process proceeds to S327 without returning to step S322.
- the period set in the retry determination unit 401 as the retry limit is an example of a predetermined period in which the regular confirmation request is repeatedly transmitted in the confirmation request retry step of the present invention.
- the update information used at the time of the retry is fixed to be the same as the update information used in the first confirmation request, but may be synchronized with the update information that changes with the received content. .
- FIG. 6 is a functional block diagram of a receiver used in the content transmission / reception system according to Embodiment 3 of the present invention.
- the configuration of the transmitter used in the content transmission / reception system of the third embodiment is the same as that of the first embodiment and is as shown in FIG.
- Embodiment 3 after the receiver stops using the received content, a confirmation request is made until an acknowledgment message can be received.
- Receiver 600 is similar to receiver 400 of Embodiment 2 shown in FIG. 4. Certificate 'key holding unit 901, authentication / key exchange unit 902, update information storage unit 903, copy control information storage unit 904, a content key calculation unit 905, a content decryption unit 907, a content packet analysis unit 908, an HTTP protocol unit 910, a confirmation parameter generation unit 201, a confirmation result collation unit 203, a retry determination unit 401, and a content use unit 403. Furthermore, a check request unit 601 and a content packet receiving unit 602 are provided.
- the confirmation request unit 601 transmits a confirmation request to the transmitter even after the use of the content is stopped.
- the timing at which the confirmation request is transmitted is the repetition of the retry retry time set in advance.
- content packet receiving unit 602 passes the received content packet to content packet analyzing unit 908 without discarding it. This is to store the update information (Nc) and copy control information (E_EMI) associated with the content currently being received that is necessary for creating the confirmation request.
- FIG. 7 shows the container of the third embodiment including the transmitter 100 of FIG. 1 and the receiver 600 of FIG. It is a figure which shows the process sequence (protocol) in the transmission / reception system.
- Steps S321 to S327 are the same as those described with reference to FIG.
- Step S701 Confirmation request unit 601 confirms whether the retry restart time has elapsed since the previous confirmation request was transmitted. If it has elapsed, reception by content packet reception unit 602 Cancels the discard of the content packet, returns to step S322, and sends a confirmation request. Step S701 corresponds to an example of the confirmation request retransmission step according to the present invention.
- the confirmation request unit 601 may be set with a limit number of times or a limit time for restarting retries so that retries are not performed indefinitely.
- the continuous judgment in step S701 is limited by the number of consecutive times or the elapsed time from the first judgment.
- the limit number or time limit is exceeded, the retry transmission of the confirmation request is stopped until a content request from the receiver 600 is transmitted.
- the limit number or limit time set in the confirmation request unit 601 corresponds to an example of a predetermined limit number or a predetermined limit period in which the regular confirmation request is repeatedly transmitted in the confirmation request retransmission step of the present invention.
- Retry may be stopped when a preset stop condition such as a stop instruction by the user occurs.
- the issuance of the confirmation request after the use of the content is canceled may be specified by the user's input by repeating the retry restart time.
- the regular content confirmation method of the present invention when used, whether the transmitter is receiving the correct content from the update information transmitted from the receiver. I can confirm. In addition, the confirmation message that is the confirmation result notification is valid. Since it is created using an exchange key shared in advance between the correct transmitter and the receiver, the receiver can check whether the received acknowledgment message is sent from a legitimate transmitter. As a result, it is possible to determine the content to be replaced from the unauthorized impersonation device.
- the update information update at the transmitter is an internal process and may be performed at an earlier timing than the receiver receives the content with the latest update information attached.
- the update information update at the transmitter is an internal process and may be performed at an earlier timing than the receiver receives the content with the latest update information attached.
- an unauthorized device stores a combination of update information and an acknowledgment message exchanged between a transmitter and a receiver. Even if the receiver sends a confirmation request while receiving the replacement content of the spoofed device, even if an unauthorized device sends an acknowledgment message corresponding to the same confirmation request stored, Successful identification at the receiver can be prevented.
- the unauthorized device can update the update information currently in use. Since the corresponding acknowledgment message cannot be obtained even if it is transmitted to the transmitter, it is possible to prevent the receiver from succeeding in identification while receiving the impersonation device-replacement content.
- the receiver does not use the received content to prevent the substitute content from the impersonation device from being made available to the user. Can do.
- the receiver cannot receive the acknowledgment message, it does not use the received content after retrying for a predetermined period or a predetermined number of times. It is possible to prevent content from being used (viewable) while retrying.
- the receiver issues a confirmation request until an acknowledgment message can be received. The effect of being able to resume is obtained.
- the program of the present invention is the above-described regular content confirmation method of the present invention, in the confirmation request step of transmitting the regular confirmation request at the receiver, and at the transmitter, the update information is the predetermined content.
- the update information collating step for collating whether the update information is the update information, the acknowledge message sending step for creating the acknowledgment message at the transmitter and transmitting it to the receiver, and the transmitter from the transmitter at the receiver
- a program for causing a computer to execute the operation of all or a part of the regular content determination step for confirming that the transmitter is a regular transmitter when an acknowledgment message is received,
- the confirmation request step of transmitting the regular confirmation request at the receiver, and the update information at the transmitter is the update information.
- the update information collation step for collating whether or not the update information is predetermined
- the acknowledgment message transmitting step for generating the acknowledgment message at the transmitter and transmitting it to the receiver, and the transmitter from the transmitter at the receiver.
- the computer executes all or part of the operation of all or some of the regular content determination steps for confirming that the transmitter is a regular transmitter. Is a recording medium on which a program for recording is recorded, is readable by a computer, and the read program is connected to the computer. A recording medium to be used in work.
- step operation of the present invention means the operation of all or part of the step.
- one usage form of the program of the present invention may be an aspect in which the program is recorded on a computer-readable recording medium and operates in cooperation with the computer.
- the recording medium includes ROM and the like.
- the computer of the present invention described above is not limited to pure hardware such as a CPU, and may include firmware, an OS, and peripheral devices.
- the configuration of the present invention may be realized in software or hardware.
- the legitimate content confirmation method, content transmission / reception system, transmitter, receiver, etc. of the present invention monitor and receive communication between a legitimate transmitter and a receiver by an unauthorized device on the network. Sending unjust content to the machine! Useful as content confirmation technology to escape the attack.
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/577,115 US8510844B2 (en) | 2004-10-13 | 2005-10-12 | Authorized content verification method, content transmission/reception system, transmitter, and receiver |
EP05793204.8A EP1802025B1 (en) | 2004-10-13 | 2005-10-12 | Regular content check method, content transmission/reception system, transmitter, and receiver |
CN2005800343886A CN101036341B (zh) | 2004-10-13 | 2005-10-12 | 正规内容确认系统 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004298722A JP4725070B2 (ja) | 2004-10-13 | 2004-10-13 | 正規コンテンツ確認方法、コンテンツ送受信システム、送信機、および受信機 |
JP2004-298722 | 2004-10-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006041082A1 true WO2006041082A1 (ja) | 2006-04-20 |
Family
ID=36148370
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/018777 WO2006041082A1 (ja) | 2004-10-13 | 2005-10-12 | 正規コンテンツ確認システム |
Country Status (6)
Country | Link |
---|---|
US (1) | US8510844B2 (ja) |
EP (1) | EP1802025B1 (ja) |
JP (1) | JP4725070B2 (ja) |
KR (1) | KR20070063534A (ja) |
CN (1) | CN101036341B (ja) |
WO (1) | WO2006041082A1 (ja) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007043475A (ja) * | 2005-08-03 | 2007-02-15 | Sony Corp | 情報通信システム、情報通信装置及び情報通信方法、並びにコンピュータ・プログラム |
CN103229451A (zh) * | 2010-11-30 | 2013-07-31 | 英特尔公司 | 用于硬件设备的密钥供应的方法和装置 |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100858975B1 (ko) * | 2006-10-30 | 2008-09-17 | 한국전자통신연구원 | 전자감시 방법 및 그 시스템 |
US8909714B2 (en) * | 2007-08-21 | 2014-12-09 | Microsoft Corporation | Electronic mail delay adaptation |
US8706819B2 (en) * | 2007-08-21 | 2014-04-22 | Microsoft Corporation | Electronic mail delay adaptation |
US8606862B2 (en) * | 2007-08-21 | 2013-12-10 | Microsoft Corporation | Electronic mail delay adaptation |
DE102007056788A1 (de) * | 2007-11-23 | 2009-06-10 | T-Mobile Internationale Ag | Verfahren zum Zugang zu geschlossenen Gruppen in Radiozugangsnetzen |
CN102663297A (zh) * | 2012-04-06 | 2012-09-12 | 天地融科技股份有限公司 | 一种字模获取方法、字符显示装置和系统,电子签名工具 |
JP6112874B2 (ja) * | 2013-01-21 | 2017-04-12 | キヤノン株式会社 | 通信装置、通信装置の制御方法、および、プログラム |
US20150039752A1 (en) * | 2013-07-30 | 2015-02-05 | Edward Hague | Advanced BACNet router |
JP6433951B2 (ja) * | 2016-08-09 | 2018-12-05 | 東芝デジタルソリューションズ株式会社 | ネットワーク監視装置およびプログラム |
US11075887B2 (en) * | 2016-10-24 | 2021-07-27 | Arm Ip Limited | Federating data inside of a trusted execution environment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001358706A (ja) * | 2000-04-06 | 2001-12-26 | Matsushita Electric Ind Co Ltd | 著作物保護システム、暗号化装置、復号化装置および記録媒体 |
JP2002207639A (ja) * | 2001-01-09 | 2002-07-26 | Sony Corp | コンテンツ並びにその処理方法及びその処理装置 |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2176032A1 (en) * | 1994-01-13 | 1995-07-20 | Bankers Trust Company | Cryptographic system and method with key escrow feature |
US20010011253A1 (en) * | 1998-08-04 | 2001-08-02 | Christopher D. Coley | Automated system for management of licensed software |
JPH10145354A (ja) * | 1996-11-14 | 1998-05-29 | Nippon Telegr & Teleph Corp <Ntt> | 機能遠隔変更方法 |
EP1143656B1 (en) * | 2000-04-06 | 2004-11-03 | Matsushita Electric Industrial Co., Ltd. | Copyright protection system, encryption device, decryption device, and recording medium |
US7552333B2 (en) * | 2000-08-04 | 2009-06-23 | First Data Corporation | Trusted authentication digital signature (tads) system |
JP4710132B2 (ja) * | 2000-12-26 | 2011-06-29 | ソニー株式会社 | 情報処理システム、および情報処理方法、並びにプログラム記録媒体 |
US20040047308A1 (en) * | 2002-08-16 | 2004-03-11 | Alan Kavanagh | Secure signature in GPRS tunnelling protocol (GTP) |
JP2004157864A (ja) * | 2002-11-07 | 2004-06-03 | Canon Inc | コンテンツ配信システム |
US7584353B2 (en) * | 2003-09-12 | 2009-09-01 | Trimble Navigation Limited | Preventing unauthorized distribution of media content within a global network |
US7475322B2 (en) * | 2003-11-14 | 2009-01-06 | Avocent Huntsville Corporation | Wireless broadcast protocol |
-
2004
- 2004-10-13 JP JP2004298722A patent/JP4725070B2/ja active Active
-
2005
- 2005-10-12 EP EP05793204.8A patent/EP1802025B1/en active Active
- 2005-10-12 US US11/577,115 patent/US8510844B2/en active Active
- 2005-10-12 WO PCT/JP2005/018777 patent/WO2006041082A1/ja active Application Filing
- 2005-10-12 KR KR1020077008199A patent/KR20070063534A/ko not_active Application Discontinuation
- 2005-10-12 CN CN2005800343886A patent/CN101036341B/zh active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001358706A (ja) * | 2000-04-06 | 2001-12-26 | Matsushita Electric Ind Co Ltd | 著作物保護システム、暗号化装置、復号化装置および記録媒体 |
JP2002207639A (ja) * | 2001-01-09 | 2002-07-26 | Sony Corp | コンテンツ並びにその処理方法及びその処理装置 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007043475A (ja) * | 2005-08-03 | 2007-02-15 | Sony Corp | 情報通信システム、情報通信装置及び情報通信方法、並びにコンピュータ・プログラム |
CN103229451A (zh) * | 2010-11-30 | 2013-07-31 | 英特尔公司 | 用于硬件设备的密钥供应的方法和装置 |
CN103229451B (zh) * | 2010-11-30 | 2015-11-25 | 英特尔公司 | 用于硬件设备的密钥供应的方法和装置 |
Also Published As
Publication number | Publication date |
---|---|
JP4725070B2 (ja) | 2011-07-13 |
CN101036341B (zh) | 2010-04-21 |
EP1802025A1 (en) | 2007-06-27 |
JP2006115083A (ja) | 2006-04-27 |
CN101036341A (zh) | 2007-09-12 |
EP1802025B1 (en) | 2013-04-10 |
KR20070063534A (ko) | 2007-06-19 |
US20080244698A1 (en) | 2008-10-02 |
EP1802025A4 (en) | 2011-12-14 |
US8510844B2 (en) | 2013-08-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2006041082A1 (ja) | 正規コンテンツ確認システム | |
JP4219965B2 (ja) | ワンタイムidによる認証 | |
JP3858527B2 (ja) | データ生成装置およびデータ検証装置ならびにその方法 | |
EP2779524A1 (en) | Secure data transmission method, device and system | |
JP6573880B2 (ja) | 更新プログラム及び方法、及び、管理プログラム及び方法 | |
US8452015B2 (en) | Propagating keys from servers to clients | |
JP2005102163A (ja) | 機器認証システム、機器認証サーバ、端末機器、機器認証方法、機器認証プログラム、及び記憶媒体 | |
JP2006238273A (ja) | 暗号通信システムおよび方法 | |
JP2010011400A (ja) | 共通鍵方式の暗号通信システム | |
US8271788B2 (en) | Software registration system | |
JP2020532928A (ja) | デジタル署名方法、装置及びシステム | |
WO2006028094A1 (ja) | 通信装置 | |
CN111080299B (zh) | 一种交易信息的防抵赖方法及客户端、服务器 | |
KR20150135032A (ko) | Puf를 이용한 비밀키 업데이트 시스템 및 방법 | |
KR20030019344A (ko) | 은닉 데이터 통신 방법 | |
US7171000B1 (en) | Simplified addressing for private communications | |
WO2015178597A1 (ko) | Puf를 이용한 비밀키 업데이트 시스템 및 방법 | |
JP2007013366A (ja) | 通信処理装置、通信処理システム、および方法、並びにコンピュータ・プログラム | |
JP2006115083A5 (ja) | ||
JP2000216773A (ja) | 暗号化情報の正当性を判断する方法及び装置 | |
WO2010067797A1 (ja) | 通信装置、サーバ装置及び通信プログラム | |
JP2004274134A (ja) | 通信方法並びにこの通信方法を用いた通信システム、サーバおよびクライアント | |
US7327845B1 (en) | Transmission of encrypted messages between a transmitter and a receiver utilizing a one-time cryptographic pad | |
GB2570292A (en) | Data protection | |
CN112787990B (zh) | 一种电力终端可信接入认证方法和系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS KE KG KM KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 200580034388.6 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020077008199 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11577115 Country of ref document: US Ref document number: 2005793204 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWP | Wipo information: published in national office |
Ref document number: 2005793204 Country of ref document: EP |