WO2010125654A1 - Encryption key generation device - Google Patents

Encryption key generation device

Info

Publication number
WO2010125654A1
Authority
WO
WIPO (PCT)
Prior art keywords
scalability
key
hierarchy
matrix
layer
Prior art date
Application number
PCT/JP2009/058400
Other languages
English (en)
Japanese (ja)
Inventor
洋一 畑
俊昭 柿井
康仁 藤田
由光 後藤
仁志 貴家
清史 西川
正明 藤吉
祥子 今泉
Original Assignee
住友電気工業株式会社
公立大学法人首都大学東京
Application filed by 住友電気工業株式会社, 公立大学法人首都大学東京
Priority to PCT/JP2009/058400 (WO2010125654A1)
Priority to CN200980159024.9A (CN102415049B)
Priority to JP2011511221A (JP5269984B2)
Publication of WO2010125654A1
Priority to US13/283,877 (US8634553B2)

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088: Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Definitions

  • the present invention relates to an apparatus for generating an encryption key used for encoding (encryption) and decoding (decryption) of digital data having a plurality of types of hierarchical scalability, and in particular to an apparatus for automatically generating a partial encryption key (hereinafter referred to as a partial key) corresponding to each hierarchical data unit in each scalability.
  • an encoded digital image or the like is decoded with quality (distortion, resolution, color expression, etc.) determined at the time of encoding.
  • scalability is required.
  • JPEG2000 (Joint Photographic Experts Group 2000), an international standard for image compression, provides hierarchical scalability on a scale such as resolution.
  • Patent Documents 1 and 2 and Non-Patent Documents 1 to 3 are known as such digital data protection techniques.
  • Non-Patent Document 1 discloses a technique for generating a partial key corresponding to a lower-layer data unit from one master key by using a one-way hash function for digital data having hierarchical scalability.
  • Non-Patent Document 2 discloses a technique that does not depend on the order of streaming data, which is a problem of Non-Patent Document 1.
  • Non-Patent Document 3 discloses a technique for improving resistance to collusion attacks, which is a problem of Non-Patent Document 1.
  • a collusion attack is an act of realizing image reproduction with a quality higher than the previously granted quality by sharing multiple types of encryption keys corresponding to different hierarchical levels for each scalability among multiple users.
  • the inventors discovered the following problems as a result of examining the conventional data protection technology in detail.
  • the number of keys to be managed increases, and a sufficient key length is secured to maintain collusion resistance.
  • the total key length is significantly increased as the number of layers in each scalability increases.
  • the present invention has been made to solve the above-described problems. An object of the present invention is to provide an encryption key generation apparatus that generates encryption keys able to secure sufficient resistance against a collusion attack on digital data having hierarchical scalability, and that has a structure for dramatically reducing the key length of the encryption key corresponding to each layer of each scalability.
  • An encryption key generation apparatus is an apparatus applicable to a communication system (hereinafter referred to as a distribution system) that provides a digital data distribution service having a plurality of types (≥ 2) of hierarchical scalability.
  • the encryption key used for encoding and decrypting the digital data (in each of the scalability, higher than the layer corresponding to the master key)
  • the distribution system to which the encryption key generation device is applied includes an image transmission system and a video conference system using multimedia such as a JPEG2000 packet coded sequence, which is an international standard for image compression, as well as a streaming distribution service.
  • the encryption key generation apparatus includes an input unit, a recording unit, a key division unit, a matrix generation unit, a key generation unit, and an output unit. As the encryption keys used for encoding and decoding digital data for distribution, it generates, for each scalability, a partial key for each layer that is subordinately positioned higher than the master key. Therefore, access control can be simultaneously performed for a plurality of scalability in a single coded sequence.
  • the input means captures a preset encryption key (partial key), and the recording means temporarily records the encryption key captured by the input means as a master key.
  • This master key is a partial key located at the lowest level in the hierarchy that satisfies the service level permitted in the communication system (distribution system) that provides the data distribution service for each scalability.
  • the key splitting unit generates a split key from the master key recorded in the recording unit.
  • the encryption key generation apparatus generates a partial key corresponding to the data unit of the hierarchy in each of the two selected types of scalability as the minimum processing unit.
  • the matrix generation unit generates a key element matrix corresponding to each of the split keys generated by the key splitting unit.
  • the key generation means generates a partial key corresponding to each layer by component combination of the key element matrix generated by the matrix generation means.
  • the output means outputs the partial key generated by the key generation means in the minimum processing unit described above to an apparatus that performs at least one of digital data encoding and decoding, such as an encoding means and a decoding means.
  • the key element matrix is generated for each scalability layer based on the split key corresponding to each layer.
  • Each key element matrix defines each component coordinate by a hierarchical value (corresponding to a hierarchical level) of each of the two types of scalability, so that each matrix component corresponds, by its coordinates, to the data unit of each layer in the two types of scalability.
  • the encryption key generation apparatus is characterized in that it generates a partial key corresponding to each hierarchically higher layer from a master key that is managed uniquely. Therefore, in the case of descrambling, a partial key corresponding to each layer that is subordinately higher than the master key is generated in the same way. For example, in the multimedia distribution service, only the decryption key for the lowest packet of the packet group whose disclosure is permitted is distributed to the user (contractor of the distribution service). In such a case, the given decryption key itself becomes a master key recorded in the recording means of the encryption key generating apparatus, and each scalability layer corresponding to this master key is the lowest layer.
  • the master key recorded in the recording means is set to the encryption key used for encoding and decoding of the data unit in the lowest layer, among the layers that satisfy the service level permitted in the distribution system, in each of the first and second scalability selected from the plurality of types of scalability of the digital data to be encoded. Conversely, when a decryption key obtained by distribution or the like is used as a master key, each scalability layer corresponding to the master key is set as the lowest layer.
  • the master key is divided by the key dividing means by the number of layers of the first scalability, which is set as the reference scalability among the first and second scalability, and a split key corresponding to each layer of the first scalability is generated.
  • the key element matrix generated by the matrix generation unit based on the split key corresponds to the data unit of each layer in the first and second scalability.
  • in the generation of the key element matrix based on one split key among the obtained split keys, the operation data sequentially obtained by repeating the hash calculation of the one split key using the one-way hash function is assigned to the coordinate components corresponding to, at least, the layer in the first scalability corresponding to the one split key and the layers from the lowest to the highest in the second scalability. Thereby, the hierarchy of the second scalability is maintained.
  • the key generation means combines the key elements whose coordinates match between the key element matrices generated for each split key, so that the partial key corresponding to each data unit of the layers in the first and second scalability is generated. That is, the key generation means generates, for each data unit, a partial key for encoding or decoding the data units of the upper layers including the master key layer. With this configuration, the hierarchy of the first scalability is also maintained.
  • the key splitting unit selects scalability having a small number of layers among the first and second scalability as the above-described reference scalability. In this case, it becomes difficult to be affected by an increase in the number of layers of some scalability.
  • as component information of the key element matrix generated based on one split key among the split keys, the matrix generation means assigns, for each layer positioned lower than the layer in the first scalability corresponding to the one split key, the same operation data as that sequentially obtained for the layer of the one split key to the coordinate components corresponding to the lowest through the highest layer of the second scalability.
  • for each layer positioned higher than the layer in the first scalability corresponding to the one split key, the matrix generation means assigns to all coordinate components, from the lowest to the highest layer in the second scalability, the operation data obtained by applying the one-way hash function to the key element of the highest layer of the second scalability among the key elements of the layer corresponding to the one split key.
  • unlike the conventional encryption key generation technology, in which a plurality of encoded sequences and master keys must be prepared according to the progression order, the encryption key generation device has no such restriction.
  • the encryption key generation device generates a hierarchy encryption key (partial key) corresponding to each data unit from the master key in a dependent manner, and simultaneously performs a plurality of scalability in a single encoded sequence. Enable access control. As a result, the information amount of the encoded sequence and the encryption key (master key) to be managed is drastically reduced, and the security in managing and distributing digital contents and encryption keys can be effectively improved.
  • the encryption key generation device selects two types of scalability from these three or more types of scalability and, for the two selected types of scalability, generates the partial keys that individually correspond to each data unit of the upper layers including the master key layer (each partial key is used for encoding and decoding of the data unit to which it corresponds).
  • the matrix generation means generates a partial key element matrix for each combination for all the two types of scalability combinations.
  • the matrix generation means also generates a hierarchy table indicating all combinations of hierarchy values in a plurality of types of scalability.
  • This hierarchical table is a coordinate representation of a partial key matrix whose components are partial keys corresponding to data units of hierarchical values in a plurality of types of scalability, by combining hierarchical values.
  • this hierarchical table shows the correspondence between scalability types and hierarchical values, and the components of the partial key element matrix generated for all the combinations of scalability can be specified from this relationship.
  • for every combination of hierarchy values in the hierarchy table, the key generation means combines the components of the partial key element matrices generated for all the combinations of two types of scalability, each component being specified by two of the hierarchy values constituting the combination and their types of scalability.
  • the elements combined for each combination of hierarchical values are the components of the partial key element matrix as they are. Therefore, by combining, in the key generation means, the corresponding components of each of the partial key element matrices according to the hierarchy table, partial keys corresponding to each data unit of each layer in a plurality of types of scalability are sequentially generated.
  • the output means outputs the generated partial key to a device that performs at least one of encoding and decoding of digital data, such as an encoding means or a decoding means.
  • the input means captures an encryption key used for encoding and decoding the data unit of the layer located lowest among the layers satisfying the service level permitted in the distribution system, and the recording unit records the encryption key captured by the input unit as a master key (when a decryption key obtained by distribution or the like is used as a master key, each of the scalability layers corresponding to the master key is treated as the lowest layer).
  • the key splitting means also selects the first and second reference scalability from three or more types of scalability.
  • the first reference scalability is a scalability for generating split keys from the master key recorded by the recording means; the key splitting means divides the master key by the number of layers of the first reference scalability, thereby generating a split key corresponding to each layer of the first reference scalability.
  • the second reference scalability is scalability for defining the calculation direction of the hash calculation using the one-way hash function as described above.
  • the matrix generation means is configured to remove a multidimensional key element matrix expressed in coordinates with hierarchical values in three or more types of scalability, excluding the first and second reference scalability among these three or more types of scalability.
  • as component information in each generated multidimensional key element matrix, the matrix generation means assigns the operation data obtained sequentially by repeating the hash operation of one of the generated split keys using the one-way hash function to the coordinate components corresponding to, at least, the layer in the first reference scalability corresponding to that split key and the layers from the lowest to the highest in the second reference scalability.
  • at least the hierarchy of the second reference scalability is maintained in the obtained multidimensional key element matrix.
  • the key generation means generates a multidimensional key element matrix generated for each series of operations corresponding to each layer of the first reference scalability for each layer of the other scalability excluding the first and second reference scalability.
  • a partial key corresponding to each data unit of the hierarchy in a plurality of types of scalability is generated. That is, since the obtained multidimensional key element matrix is generated for each layer of each of the other scalability excluding the first and second reference scalability, the obtained multidimensional key is obtained.
  • the hierarchy of the first reference scalability is also maintained.
  • each component information of the multi-dimensional key element matrix generated for each series of operations corresponding to each layer of the first reference scalability for each layer of other scalability excluding the first and second scalability, the corresponding first and second reference scalability layers that are lower than the corresponding one of the first scalability and the coordinate components corresponding to the lowest and highest layers of the second reference scalability, respectively, The same operation data as the operation data sequentially obtained using one divided key assigned to the reference scalability layer is assigned.
  • the output means outputs the partial key generated by the key generation means in the minimum processing unit described above to an apparatus that performs at least one of encoding and decoding digital data, such as an encoding means and a decoding means.
  • the partial key of the hierarchy that is subordinately positioned using the one-way hash function is generated from the master key, so that one of the scalability levels can be specified.
  • a partial key corresponding to one data unit cannot be generated from a partial key corresponding to a data unit in which one of the scalability layers is positioned higher. Therefore, it becomes possible to prevent collusion attacks.
  • the key length of the generated partial key can be reduced.
  • FIG. 4 is a diagram in which each data unit (corresponding to each package of JPEG2000) of digital data having two types of three-layer scalability and a corresponding partial key are expressed in a matrix.
  • FIG. 6 is a diagram illustrating a key element generation process corresponding to each of the scalability levels L and R using a three-dimensionally displayed three-dimensional matrix in the encryption key generation that generalizes the encryption key generation operation executed by the fourth embodiment.
  • FIG. 4 is a diagram illustrating a key element generation process corresponding to each of the layers of scalability R and C using a three-dimensionally displayed three-dimensional matrix in encryption key generation that generalizes the encryption key generation operation executed by the fourth embodiment.
  • FIG. 4 is a diagram illustrating a key element generation process corresponding to each of the levels of scalability L and C using a three-dimensionally displayed three-dimensional matrix in the encryption key generation that generalizes the encryption key generation operation executed by the fourth embodiment.
  • the encryption key generation device generates an encryption key used for encoding and decoding digital data having a plurality of types of hierarchical scalability.
  • a partial key generation operation corresponding to each packet code string of JPEG 2000 which is an international standard for image compression, will be described as a specific example of digital data having hierarchical scalability.
  • JPEG2000 can give priority to the type of scalability.
  • this order is expressed as a packet composition order (progression order) which is a data unit.
  • There are four types of scalability that determine the progression order: layer (L), resolution level (R), component (C), and position (P).
  • FIG. 1 is a diagram showing a schematic configuration of a digital data distribution system to which an encryption key generating apparatus according to the present invention is applied.
  • the distribution system shown in FIG. 1 includes a communication system that provides a streaming distribution service in addition to an image transmission system and an interactive video conference system that provide a distribution service of digital data having hierarchical scalability.
  • the distribution system includes a wired or wireless network 300, a plurality of information processing terminals (hereinafter referred to as PCs) 200 such as personal computers connected to the network 300, and a distribution server 100, respectively.
  • the PC 200 and the distribution server 100 are in a state in which multimedia bidirectional communication including digital data can be performed via the network 300.
  • the distribution server 100 manages, as an external recording device, a database (hereinafter referred to as "D/B") 110 that stores a plurality of types of digital data contents prepared in advance for a distribution service.
  • Each PC 200 and the distribution server 100 are contracted in advance with respect to a digital data distribution service.
  • Upon receiving a distribution request from the PC 200, the distribution server 100 delivers digital data of a quality corresponding to the pre-contracted service level.
  • FIG. 2 shows the configuration of information processing devices such as the distribution server 100 and the PC 200 that constitute a part of the distribution system as described above.
  • in FIG. 2, area (a) shows the configuration of the distribution server 100 or the PC 200, and area (b) shows the logical configuration of the D/B 110 managed by the distribution server 100.
  • the distribution server 100 or the PC 200 includes input/output means (hereinafter referred to as I/O) 210 for transmitting and receiving data to and from other information processing devices via the network 300, a calculation unit 220 that executes various calculation programs 231, a memory 230 as a storage unit that stores the calculation programs and data, a drawing unit 250 that generates display data according to the control of the calculation unit 220, and input/output means (hereinafter referred to as I/O) 240 for exchanging data with various peripheral devices.
  • display data generated by the drawing unit 250 is displayed on the monitor 251.
  • the I/O 240 is connected to an external recording device 270 such as the D/B 110 managed by the distribution server 100, a keyboard 260 as an input means, and a pointing device.
  • In the D/B 110 as an external recording device managed by the distribution server 100, a contract information table 110a, a key management table 110b, and a distribution digital data group 110c are stored in advance.
  • a user who is an operator of the PC 200 is associated with a service level reflecting the contents of the contract.
  • in the key information table 110b, for each user (contractor), the digital data (various digital contents for the distribution service) stored in the D/B 110 and the partial keys (master keys) for encoding these digital contents are associated.
  • FIG. 3 is a conceptual diagram for explaining the data structure of digital data to be distributed in the distribution system shown in FIG. 1 and having a plurality of types of hierarchical scalability. FIG. 3 also shows, for example, the decoding pattern of a JPEG2000 packet coded sequence when the scalability subject to access control is limited to only the layer (L) and the resolution level (R) (the case of grayscale images). Specifically, in FIG. 3, the number of layers $N_L$ of the layer (scalability L) is 3, and the number of layers $N_R$ of the resolution level (scalability R) is 3.
  • the layer is also called an image quality layer and means arithmetically encoded data of a digital image corresponding to SNR (Signal / Noise Ratio) at the time of image reproduction. Since information having a higher influence on image quality is included in a higher layer, the quality of a reproduced image can be improved stepwise by adding lower layer data to upper layer data.
  • in order to obtain a JPEG2000 coded image of quality $Q_{L,R}$, all the packets $P_{i,j}$ surrounded by the frame A in FIG. 3 must be decrypted. Therefore, the packets $P_{i,j}$ need to be individually encrypted in order to maintain hierarchy in access control.
  • FIG. 4 is a conceptual diagram for explaining the progressive order indicating the priority when decoding the JPEG2000 packet coded sequence shown in FIG.
  • in FIG. 4, area (a) shows the decoding order in the LRCP progression order, where scalability L (layer) is given the highest priority, and area (b) shows the decoding order in the RLCP progression order, where priority is given to scalability R (resolution level).
  • the encryption key generation device generates an encryption key having a key length reduced from the aspects of security and ease of generation related to management and distribution and having resistance to a collusion attack.
  • the encryption key generation apparatus handles each packet as a matrix component specified by the hierarchical level of each scalability, and therefore the progression order in JPEG2000 does not matter.
  • the area (a) in FIG. 5 shows packets $P_{L,R}$ (L: 0 (highest), 1, 2 (lowest); R: 0 (highest), 1, 2 (lowest)) represented in a matrix by the hierarchical level of scalability L (layer) and the hierarchical level of scalability R (resolution level).
  • the area (b) in FIG. 5 shows the partial keys $K_{L,R}$ (L: 0, 1, 2; R: 0, 1, 2), expressed in matrix form, corresponding to the packets $P_{L,R}$ in the area (a) in FIG. 5.
  • the collusion attack refers to an attack that enables reproduction with higher image quality than a legally permitted image quality by illegally sharing an encryption key by two or more users.
  • a user who is permitted to disclose only the highest layer (layer 0) and a user who is permitted to disclose only the highest resolution level (resolution level 0) are colluding.
  • the encryption key for the packet $P_{i,j}$ is $K_{i,j}$
  • the encryption key (partial key) for a packet is higher in the scalability of at least one of the packets.
  • the encryption key generated by the encryption key generation device according to the present invention is resistant to collusion attacks.
  • FIG. 6 is a logical block diagram for explaining the data distribution operation in the digital data distribution system (FIG. 1) to which the encryption key generating apparatus according to the present invention is applied. Further, the distribution server 100 and the PC 200 have the configuration shown in the area (a) of FIG.
  • the data distribution service from the distribution server 100 to the PC 200 is started when a distribution request is made from the PC 200 to the distribution server 100.
  • Upon receiving a distribution request from the PC 200, the distribution server 100 first performs a request analysis. In this request analysis, an authentication procedure for the user who has transmitted the distribution request, identification of the data to be distributed, identification of the service level, and the like are performed.
  • the data requested for distribution is read from the D/B 110, and a master key corresponding to the data (a partial key for generating the encryption keys that encode the read data) is read out.
  • the encryption key generation device 400 (the encryption key generation device according to the present invention) receives the master key as input and uses it to generate the partial keys for encoding (the partial keys corresponding to each upper layer positioned higher than the layer corresponding to the master key). The partial keys generated in this way are output from the encryption key generation device 400 to the encoding means 410.
  • the encoding means 410 receives the data read from the D/B 110 and, for each packet constituting the data, encodes the packet using the partial key that corresponds to it among the partial keys output from the encryption key generating device 400, thereby generating encoded data (the encoded sequence of the packet group to be distributed).
  • the distribution server 100 distributes the encoded data generated together with the master key for generating the partial key used for encoding to the PC 200 (distribution request source) via the network 300.
  • specific data encoding is executed by the control unit 220 (area (a) in FIG. 2) in the distribution server 100. That is, when the control unit 220 executes the program 231 stored in advance in the memory 230, the control unit 220 operates as the encoding unit 410.
  • the encoded data and the master key distributed via the network 300 are taken in by the I/O 210 and temporarily stored in the memory 230.
  • the encryption key generation device 400 (the encryption key generation device according to the present invention) in the PC 200 receives the master key stored in the memory 230 as input and uses it to generate the partial keys for decryption (decryption keys corresponding to each upper layer positioned higher than the layer corresponding to the master key).
  • the encryption key generation device 400 outputs the generated decryption keys to the decryption means 420.
  • the decryption means 420 receives the encoded data read from the memory 230, and decodes each encoded packet using the corresponding decryption key among the decryption keys output from the encryption key generation device 400.
  • the encryption key generation apparatus corresponds to the encryption key generation apparatus 400 in FIG. 6 when applied to the distribution system in FIG. 1, and specifically has a structure as shown in FIG.
  • FIG. 7 is a logical block diagram for explaining the configuration of the encryption key generating apparatus according to the present invention.
  • the encryption key generating apparatus 400 includes an input unit 450 for taking in a master key, an arithmetic unit 460 for generating partial keys using the master key, a recording unit 470 for temporarily recording the master key and the calculation results of the arithmetic unit 460, and output means 480 for outputting, to the encoding unit 410 and the decoding unit 420, the partial keys of the layers that match the contracted service level among the generated partial keys.
  • the computing unit 460 includes a key dividing unit 461, a matrix generating unit 462, and a key generating unit 463.
  • the I/O 210 functions as the input unit 450 and the output unit 480.
  • the memory 230 functions as the recording unit 470.
  • the control unit 220 functions as the calculation unit 460.
  • the control unit 220 operates as each of the key dividing unit 461, the matrix generating unit 462, and the key generating unit 463.
  • the encryption key generation operation executed in the first embodiment of the encryption key generation apparatus according to the present invention will be described below.
  • the encryption key generating apparatus according to the first embodiment has the structure shown in FIG. 7, and more specifically, is realized by the hardware configuration shown in the area (a) of FIG.
  • the scalability subject to access control is assumed to be scalability L (layer) and scalability R (resolution level), the number of hierarchical levels N L of scalability L is 3, and the number of hierarchical levels N R of scalability R is 3.
  • FIG. 8 is a conceptual diagram for explaining the encryption key generation operation (operation of the computing means 460 shown in FIG. 7) executed in the first embodiment of the encryption key generation device according to the present invention.
  • FIG. 9 is a conceptual diagram for explaining generation of a key element matrix by the matrix generation means 462 of the encryption key generation apparatus according to the first embodiment.
  • the master key is a partial key distributed by the input unit 450 via the D/B 110 or the network 300 and is once recorded in the recording unit 470. That is, the master key is a partial key corresponding to the lowest packet that is managed in advance by the recording unit 470.
  • the master key is the encryption key K 2,2 corresponding to the packet P 2,2 in the layer located at the lowest level in both scalability L and R.
  • the key dividing unit 461 divides the master key K 2,2 by the minimum number of hierarchies 3 (the number of hierarchies of scalability R), thereby obtaining the divided keys e R2 , e R1 and e R0 .
  • These split keys e R2 , e R1 , and e R0 are root keys (keys for generating each matrix component) corresponding to each layer of scalability R, and the matrix generating means 462 generates key element matrices M1 to M3, one for each layer of scalability R.
  • Each matrix component in each of the key element matrices M1 to M3 is sequentially generated from the corresponding split keys e R2 , e R1 , e R0 as shown in FIG.
  • the split key e R2 is assigned to the (2, 2) component as a matrix corresponding to the hierarchical level 2 (lowest hierarchy) of scalability R.
  • the upper subscript R2 of the matrix component e indicates the hierarchical level of scalability R (reference scalability) corresponding to the key element matrix M1, and the lower subscript indicates the component coordinates of the key element matrix M1.
  • the hierarchy of scalability L is maintained for the hierarchy level 2 of scalability R.
  • the split key e R1 is assigned to the (2,1) component as a matrix corresponding to the hierarchical level 1 of scalability R.
  • The calculation data of H * (e R1 (2,1))
  • H * 2 (e R1 (2,1))
  • “CP” means copying.
  • the split key e R0 is assigned to the (2,0) component as a matrix corresponding to the hierarchical level 0 (highest hierarchy) of scalability R.
  • H * (e R0 (2,0))
  • H * 2 (e R0 (2,0))
  • R resolution level
  • the encryption key generation apparatus according to the second embodiment also has the structure shown in FIG. 7 as in the first embodiment, and more specifically, is realized by the hardware configuration shown in the area (a) of FIG.
  • the scalability subject to access control is assumed to be scalability L (layer) and scalability R (resolution level), the number of hierarchical levels N L of scalability L is 3, and the number of hierarchical levels N R of scalability R is 2.
  • FIG. 10 is a conceptual diagram for explaining an encryption key generation operation (operation of the computing means 460 shown in FIG. 7) executed in the second embodiment of the encryption key generation device according to the present invention.
  • FIG. 11 is a conceptual diagram for explaining generation of a key element matrix by the matrix generation means 462 of the encryption key generation apparatus according to the second embodiment.
  • the master key is a partial key distributed by the input unit 450 via the D/B 110 or the network 300 and is once recorded in the recording unit 470. That is, the master key is a partial key corresponding to the lowest packet that is managed in advance by the recording unit 470.
  • the master key is the encryption key K 2,1 corresponding to the packet P 2,1 in the layer positioned at the lowest level in both scalability L and R.
  • the key dividing means 461 divides the master key K 2,1 by the number of layers of scalability R (minimum number of layers 2), whereby divided keys e R1 and e R0 are obtained. These split keys e R1 and e R0 are root keys corresponding to the respective layers of scalability R, and the matrix generation means 462 generates key element matrices M1 and M2, one for each layer of scalability R.
  • Each matrix component in each of the key element matrices M1 and M2 is sequentially generated as shown in FIG. 11 from the split keys e R1 and e R0 which are corresponding root keys.
  • the split key e R1 is assigned to the (2,1) component as a matrix corresponding to the hierarchical level 1 (lowest hierarchy) of scalability R.
  • the upper subscript R1 of the matrix component e indicates the hierarchical level of scalability R (reference scalability) corresponding to the key element matrix M1, and the lower subscript indicates the component coordinates of the key element matrix M1.
  • the operation data sequentially obtained by repeating the hash operation of the split key e R1 using the one-way hash function H * is assigned. That is, the calculation data H * (e R1 (2,1)) is assigned to the component e R1 (1,1), and the calculation data H * 2 (e R1 (2,1)) is assigned to the component e R1 (0,1).
  • the hierarchical level of scalability L is maintained for hierarchical level 1 of scalability R.
  • the split key e R0 is assigned to the (2,0) component as a matrix corresponding to the hierarchical level 0 (highest hierarchy) of scalability R.
  • H * (e R0 (2,0))
  • H * 2 (e R0 (2,0))
  • CP indicates a copy operation.
  • R resolution level
  • L layer
  • (Third embodiment) The encryption key generation operation executed in the third embodiment of the encryption key generation apparatus according to the present invention will be described below.
  • the encryption key generating apparatus also has the structure shown in FIG. 7 as in the first embodiment, and more specifically, is realized by the hardware configuration shown in the area (a) of FIG.
  • the scalability subject to access control is assumed to be scalability L (layer) and scalability R (resolution level), the number of hierarchical levels N L of scalability L is 4, and the number of hierarchical levels N R of scalability R is 3.
  • FIG. 12 is a conceptual diagram for explaining an encryption key generation operation (operation of the computing means 460 shown in FIG. 7) executed in the third embodiment of the encryption key generation device according to the present invention.
  • FIG. 13 is a conceptual diagram for explaining generation of a key element matrix by the matrix generation means 462 of the encryption key generation apparatus according to the third embodiment.
  • the master key is a partial key distributed by the input unit 450 via the D/B 110 or the network 300 and is once recorded in the recording unit 470. That is, the master key is a partial key corresponding to the lowest packet that is managed in advance by the recording unit 470.
  • the key dividing unit 461 divides the master key K 3,2 by the number of layers of scalability R (minimum number of layers 3), whereby divided keys e R2 , e R1 , and e R0 are obtained.
  • These split keys e R2 , e R1 , and e R0 are root keys corresponding to the respective layers of scalability R, and matrix generation means 462 generates key element matrices M1 to M3 for each layer of scalability R.
  • Each matrix component in each of the key element matrices M1 to M3 is sequentially generated as shown in FIG. 13 from the corresponding split keys e R2 , e R1 , and e R0 .
  • the split key e R2 is assigned to the (3, 2) component as a matrix corresponding to the hierarchical level 2 (lowest hierarchy) of scalability R.
  • the upper subscript R2 of the matrix component e indicates the hierarchical level of scalability R (reference scalability) corresponding to the key element matrix M1, and the lower subscript indicates the component coordinates of the key element matrix M1.
  • the split key e R1 is assigned to the (3, 1) component as a matrix corresponding to the hierarchical level 1 of scalability R.
  • the hierarchical level of scalability L is maintained for hierarchical level 1 of scalability R.
  • “CP” means copying.
  • the split key e R0 is assigned to the (3, 0) component as a matrix corresponding to the hierarchical level 0 (highest hierarchy) of scalability R.
  • the hierarchical level of scalability L is maintained for hierarchical level 0 of scalability R.
  • R resolution level
  • L layer
  • the subkeys must be generated subordinately.
  • in the element e Rj (i, b1) of the partial key K i,b1 targeting all the packets P i,b1 (i = 0, 1, ..., N L − 1) which are in the lower layer b1 ( ⁇ j) of the scalability R, the hash calculation value H * (NL-1-i) (e Rj ) of the upper layer in the key element matrix Mj is reflected (copied) as it is.
  • the element e Rj (i, b2) of the partial key K i,b2 for all the packets P i,b2 (i = 0, 1, ..., N L − 1) that are in the upper layer b2 (> j) is assigned the hash operation value H * NL (e Rj ).
  • the elements that make up the lower layer partial key reflect the upper layer partial key, while the elements that make up the upper layer partial key reflect the element of the lower layer partial key.
  • the lower-layer partial key is not generated from the upper-layer partial key, and thus resistance to a collusion attack is obtained.
  • the PC 200 requesting R ⁇ N R ) is permitted to disclose an image with the JPEG 2000 packet code sequence P L, R as the lowest packet (the packet at the lowest layer in each of the scalability L, R).
  • the input means 450 receives the key K L,R (0 ≤ L ≤ 2, 0 ≤ R ≤ 2) for the packet. Note that the key K L,R (0 ≤ L ≤ 2, 0 ≤ R ≤ 2) received by the input unit 450 is once recorded in the recording unit 470.
  • FIG. 3 grayscale images Q L, R (0 ⁇ L ⁇ N L , 0 ⁇ L ) up to scalability L (layer) and scalability R (resolution level).
  • the encryption key generating apparatus 400 uses the key K L,R corresponding to the encoded image Q L,R as the master key. Then, the decryption key corresponding to each packet P surrounded by the frame A ((N L ⁇ R + 1) ⁇ (N R ⁇ L + 1)) is generated.
  • the key element matrices M1 to M3 corresponding to the split keys e R2 , e R1 , and e R0 generated from the key K L,R are also (N L ⁇ R + 1) ⁇ (N R ⁇ L + 1) matrices.
  • the key generation in the encryption key generation device 400 is equivalent to a part of FIG. 9: by using the key K 1,1 corresponding to the encoded image Q 1,1 , a decryption key corresponding to each of the packets P 1,0 , P 0,1 , P 0,0 surrounded by the frame A is generated.
  • the key division unit 461 uses the partial key K 1,1 recorded in the recording unit 470 as a master key and divides it by the number of layers of scalability R (three divisions), whereby the split keys e R2 , e R1 and e R0 are generated.
  • the matrix generation unit 462 generates a key element matrix for each of the three layers of scalability R.
  • a split key whose corresponding hierarchy of scalability R is lower than the hierarchy corresponding to the master key K 1,1 is hash operation data for which the hierarchical level of the other scalability L is -1. Therefore, in this case, the same value as that split key is assigned in advance to all components of the key element matrix.
  • the split key e R2 is hash operation data corresponding to the hierarchical level -1 of scalability L. That is, since the hierarchy (hierarchy level: 2) of scalability R corresponding to the split key e R2 is lower than the hierarchy of scalability R (hierarchy level: 1) corresponding to the master key K 1,1 , the value of the split key e R2 is a hash operation value when the hierarchical level of scalability L is -1.
  • the value of the split key e R1 is assigned to the e R1 (1,1) component.
  • the operation data H * (e R1 (1, 1)) of the hash operation using the one-way hash function H * is assigned to the component e R1 (0, 1) in which the hierarchy of scalability L is located at the upper level.
  • a hierarchy (hierarchy level: −1) higher than the hierarchy (hierarchy level: 0) corresponding to the split key e R0 of scalability R does not exist. Therefore, first, the value of the split key e R0 is assigned to the e R0 (1, 0) component.
  • the calculation data H * (e R1 (1, 0)) of the hash calculation using the one-way hash function H * is assigned to the component e R0 (0, 0) in which the hierarchy of scalability L is located at the upper level.
  • the value of the component e R0 (1, 0) is copied to the e R0 (1, 1) component, and hash operations are sequentially performed based on the copied value. That is, the operation data H * (e R0 (1, 1)) of the hash calculation using the one-way hash function H * is assigned to the component e R0 (0, 1) in which the scalability L hierarchy is positioned higher.
  • the key generation means 463 combines the components that are coordinate-matched between the 2 ⁇ 2 key element matrices M1 to M3 corresponding to each layer of scalability R generated by the matrix generation means 462 as described above.
  • the decryption keys K 1,0 , K 0,1 and K 0,0 corresponding to the packets P 1,0 , P 0,1 and P 0,0 are generated from the master key K 1,1 .
  • a partial key for a certain packet is not generated from a packet that is higher in at least one scalability than the packet, and can be generated from a packet that is the same or lower in any scalability. Therefore, it is resistant to collusion attacks.
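The two-scalability scheme of the first to third embodiments and the derivation from K 1,1 described above, as an added Python example that is not part of the patent text. SHA-256 standing in for the one-way hash function H *, "dividing" as equal-length byte slices, "combining" as concatenation, the function names and the constructed master keys are all assumptions; level 0 is the highest layer, as in the embodiments.

```python
import hashlib


def H(data: bytes, times: int = 1) -> bytes:
    """Apply the one-way hash `times` times (SHA-256 is an assumption)."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data


def split_key(key: bytes, n_r: int) -> dict:
    """Divide a key by the number of layers of R; the first slice is the
    split key of the lowest layer (e^R(n_r-1)), the last is e^R0."""
    if len(key) % n_r:
        raise ValueError("key length must be a multiple of the layer count")
    size = len(key) // n_r
    return {n_r - 1 - k: key[k * size:(k + 1) * size] for k in range(n_r)}


def hash_count(i: int, b: int, j: int, n_l: int) -> int:
    """How many times root key e^Rj is hashed for component (i, b).

    Layer j of R and the layers below it (b >= j) hold the chain along L,
    H^(n_l-1-i); layers of R above j hold H^(n_l) (L level -1)."""
    return n_l - 1 - i if b >= j else n_l


def partial_keys(master: bytes, n_l: int, n_r: int) -> dict:
    """Build every partial key K[i, b] from the master key K[n_l-1, n_r-1]."""
    roots = split_key(master, n_r)
    keys = {}
    for i in range(n_l):
        for b in range(n_r):
            # Combine the coordinate-matched components of M1, M2, ...
            # (concatenation is an assumption).
            keys[i, b] = b"".join(
                H(roots[j], hash_count(i, b, j, n_l))
                for j in reversed(range(n_r)))
    return keys


def derive(held: bytes, held_at, target, n_l: int, n_r: int) -> bytes:
    """Derive K[target] from a held key K[held_at] by hashing forward only."""
    (l, r), (i, b) = held_at, target
    elems = split_key(held, n_r)
    parts = []
    for j in reversed(range(n_r)):
        steps = hash_count(i, b, j, n_l) - hash_count(l, r, j, n_l)
        if steps < 0:  # would need a preimage of the one-way hash
            raise ValueError(f"K{target} is not derivable from K{held_at}")
        parts.append(H(elems[j], steps))
    return b"".join(parts)


def colluders_can_reach(holders, target, n_l: int, n_r: int) -> bool:
    """True if pooled key elements reach the target without inverting H.

    For every root key, some colluder must hold an element that is no
    further along the hash chain than the element the target key needs."""
    return all(
        min(hash_count(l, r, j, n_l) for l, r in holders)
        <= hash_count(target[0], target[1], j, n_l)
        for j in range(n_r))


MASTER = bytes(range(96))  # constructed 96-byte master key K 2,2
```

With N L = N R = 3, the holder of K 1,1 obtains K 1,0 , K 0,1 and K 0,0 , while the holders of K 2,1 and K 1,2 together still cannot reach K 2,2 because both hold the e R2 element only in hashed form.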
  • FIG. 14 is a conceptual diagram for explaining the generation of partial keys for digital data having three or more types of hierarchical scalability as an encryption key generation operation executed by the fourth embodiment of the encryption key generation apparatus according to the present invention.
  • FIG. 15 is a diagram showing the coordinate correspondence between the hierarchical table 11a, the partial key element matrices MPa to MPc, and the partial key matrix MP4 in the partial key generation of FIG.
  • FIG. 16 is a diagram for explaining the correspondence between elements of the partial key element matrices MPa to MPc and the partial key matrix MP4 in the partial key generation of FIG.
  • the encryption key generating apparatus according to the fourth embodiment has the structure shown in FIG. 7, and more specifically, is realized by the hardware configuration shown in the area (a) of FIG.
  • a method is conceivable in which the above key generation procedure (the operation of the key dividing unit 461, the matrix generation unit 462, and the key generation unit 463) for a combination of two types of scalability is first set as the minimum processing unit and then repeated.
  • N S the number of repetitions of the minimum processing unit
  • an encryption key corresponding to each packet in digital data having three layers of L (layer), two layers of R (resolution level), and three layers of C (component) as three types of scalability is generated by the encryption key generating apparatus 400 according to the fourth embodiment.
  • the partial key element matrix MPb (component K RL (0,0) to component K RL (2,1)) for the pair of scalability R, L, the partial key element matrix MPc (component K RC (0,0) to component K RC (2,1)) for the pair of scalability R, C, and the partial key element matrix MPa (component K LC (0,0) to component K LC (2,2)) for the pair of scalability L, C are generated.
  • the matrix generation means 462 also generates a hierarchy table 11a indicating all combinations of hierarchy values in scalability L, R, and C.
  • This hierarchical table 11a is a coordinate representation of a partial key matrix MP4 whose components are partial keys corresponding to the data units of each of the hierarchies in scalability L, R, and C, with the hierarchical value group of each combination.
  • the hierarchy table 11a shows the relationship between the type of scalability and the hierarchy value, and the components of the partial key element matrices MPa to MPc generated for all the combinations of scalability can be specified from this relationship. That is, the matrix generation unit 462 generates the partial key element table 11b corresponding to all combinations of the hierarchy values in the hierarchy table 11a.
  • the key combinations listed in the partial key element table 11b generated in this way correspond to the hierarchical value combinations in the hierarchical table 11a indicating the component coordinates of the partial key matrix MP4.
  • the key elements K RL R, L , K RC R, C , K LC L, C constituting one combination in the partial key element table 11b are obtained. Therefore, by combining the key elements in the partial key element table 11b corresponding to one combination, for all combinations of the hierarchical table 11a indicating the component coordinates of the partial key matrix MP4 (region (b) in FIG. 16), the partial key matrix MP4 is obtained.
  • each component of the partial key matrix MP4 generated by the matrix generating means 462 becomes an encryption key corresponding to each packet in the digital data having three layers of L (layer), two layers of R (resolution level), and three layers of C (component) as scalability. That is, each component of the partial key matrix MP4 is a partial key corresponding to a packet specified by a scalability hierarchy value representing the component coordinates.
  • the cryptographic key generation operation performed by the cryptographic key generation apparatus according to the fourth embodiment described above has been described using the two-dimensional matrix representation as in the first to third embodiments.
  • An encryption key generation operation that is generalized in the fourth embodiment in a three-dimensional state using the.
  • the number of layers N L of scalability L (layer) is 6
  • the number of layers N R of scalability R (resolution level) is 4,
  • the area (a) in FIG. 17 is a three-dimensional display of each coordinate component arrangement in the three-dimensional partial key matrix QM (the same applies to the three-dimensional key element matrix).
  • the coordinate component K 5,3,2 corresponding to the lowest layers of scalability L, R, and C is the master key.
  • the coordinate component K 0,0,0 is the coordinate component corresponding to the highest layers of scalability L, R, and C, respectively.
  • the lowest-order partial key K 5,3,2 is divided by the number of repetitions N S C 2 of the minimum processing unit performed for two types of scalability, and master keys K RL , K RC , and K LC for each minimum processing unit are generated.
  • the master key K RL is a master key for generating key elements related to scalability L and R.
  • the master key K RC is a master key for generating key elements related to scalability R and C.
  • the master key K LC is a master key for generating key elements related to scalability L and C (see area (b) in FIG. 17).
  • FIG. 18 is a diagram illustrating a key element generation process corresponding to each layer of scalability L and R using a three-dimensionally displayed three-dimensional matrix in an encryption key generation operation that generalizes the operation executed by the fourth embodiment.
  • In the minimum processing unit for scalability L and R, the reference scalability is R, and the master key K RL is divided by the number of hierarchies 4 of the scalability R, whereby four divided keys e RL R3 , e RL R2 , e RL R1 and e RL R0 are obtained (see region (b) in FIG. 17).
  • when the split key e RL R3 is assigned to the coordinate component P 5,3,2 (shaded portion in the area (a) of FIG. 18) of the three-dimensional matrix, the hash calculation of the split key e RL R3 using the one-way hash function H is performed in order from the lowest hierarchy of scalability L to the highest hierarchy. That is, every time hash calculation is performed, the calculation data obtained is assigned to the corresponding coordinate components (all components located in the area surrounded by the solid line in the area (a) of FIG. 18). At this time, the calculation data H * 5 (e RL R3 ) is assigned to the coordinate component corresponding to the highest layer of the scalability L.
  • when the split key e RL R2 is assigned to the coordinate component P 5,2,2 (shaded portion in the region (b) of FIG. 18) of the three-dimensional matrix, the split key e RL R2 is once copied (CP) to the coordinate component P 5,3,2 .
  • the hash operation of the split key e RL R2 using the one-way hash function H is sequentially performed from the lowest hierarchy of the scalability L to the highest hierarchy. That is, every time hash calculation is performed, calculation data obtained is assigned to the corresponding coordinate components (all components located in the area surrounded by the solid line in the area (b) of FIG. 18).
  • the calculation data H * 5 (e RL R2 ) is assigned to the coordinate component corresponding to the highest layer of scalability L.
  • Operation data H * 6 (e RL R2 ) is assigned.
  • the three-dimensional key element matrix QM RL2 is generated.
  • the three-dimensional key element matrix QM RL3 shown in the area (c) of FIG. 18 is also generated by the hash calculation of the split key e RL R1 (assigned to the coordinate component P 5,1,2 shown by diagonal lines).
  • H indicates a hash calculation, and CP indicates a copy operation of calculation data between coordinate components.
  • the three-dimensional key element matrix QM RL4 is also generated by the hash calculation of the split key e RL R0 (assigned to the coordinate component P 5,0,2 shown by oblique lines).
  • FIG. 19 is a diagram for explaining a key element generation process corresponding to each layer of scalability R and C using a three-dimensionally displayed three-dimensional matrix in the encryption key generation operation generalizing the operation executed by the fourth embodiment.
  • the reference scalability is R, and the master key K RC is divided by the number of hierarchies 4 of the scalability R, whereby four divided keys e RC R3 , e RC R2 , e RC R1 and e RC R0 are obtained (see region (b) in FIG. 17).
  • when the split key e RC R3 is assigned to the coordinate component P 5,3,2 of the three-dimensional matrix (the hatched portion in the area (a) of FIG. 19), the hash operations of the split key e RC R3 using the one-way hash function H are performed in order from the lowest hierarchy of scalability C to the highest hierarchy. That is, every time hash calculation is performed, the calculated data obtained is assigned to the corresponding coordinate components (all components located in the area surrounded by the solid line in the area (a) of FIG. 19). At this time, the calculation data H * 2 (e RC R3 ) is assigned to the coordinate component corresponding to the highest layer of scalability C.
  • the three-dimensional key element matrix QM RC2 shown in the area (b) of FIG. 19 includes a split key e RC R2 (coordinate components P 5, 2, 2 ) and a hash operation from the lowest layer of scalability C to the highest layer (a hash operation of the split key e RC R2 using the one-way hash function H). .
  • the three-dimensional key element matrix QM RC3 shown in the area (c) of FIG. 19 is also divided into a split key e RC R1 (coordinate component P 5 indicated by diagonal lines) to the lower hierarchy than the hierarchy 1 of the reference scalability R.
  • the three-dimensional key element matrix QM RC4 shown in the area (d) of FIG. 19 is also divided into the split key e RC R0 (indicated by the oblique lines) to the lower hierarchy than the hierarchy 0 (the highest hierarchy) of the reference scalability R.
  • FIG. 20 is a diagram illustrating a key element generation process corresponding to each layer of scalability L and C using a three-dimensionally displayed three-dimensional matrix in an encryption key generation operation that generalizes the operation executed by the fourth embodiment.
  • the reference scalability is C
  • the master key K LC is divided by the number of hierarchies 3 of the scalability C, whereby three divided keys e LC C2 , e LC C1 , e LC C0 are obtained (see region (b) in FIG. 17).
  • When the split key e LC C2 is assigned to the coordinate component P 5,3,2 of the three-dimensional matrix (the hatched portion in the area (a) of FIG. 20), the hash operations of the split key e LC C2 using the one-way hash function H are sequentially performed from the lowest layer of scalability L toward the highest layer. That is, every time a hash operation is performed, the operation data obtained is assigned to the corresponding coordinate component (all components located in the region surrounded by the solid line in the region (a) in FIG. 20). At this time, the calculation data H * 5 (e LC C2 ) is assigned to the coordinate component corresponding to the highest layer of scalability L.
  • the three-dimensional key element matrix QM LC2 shown in the area (b) of FIG. 20 includes a split key e LC C1 (coordinate components P 5, 3, 1 ) and a hash operation from the lowest layer of scalability L to the highest layer (a hash operation of the split key e LC C1 using the one-way hash function H). .
  • the three-dimensional key element matrix QM LC3 shown in the area (c) of FIG. 20 is also divided into the split key e LC C0 (indicated by diagonal lines) that is lower than the hierarchy 0 (highest hierarchy) of the reference scalability C.
  • a three-dimensional partial key matrix QM is obtained by an encryption key generation operation that generalizes the operation executed by the fourth embodiment.
  • the encryption key generation operation executed by the encryption key generation apparatus according to the fourth embodiment described above uses the partial key generation procedure related to two types of scalability as a minimum processing unit. When the number of layers of each scalability increases, the resulting partial keys cannot prevent a collusion attack of three or more people (in a multidimensional partial key matrix such as the three-dimensional partial key matrix QM in the area (a) of FIG. 17, a plurality of coordinate components having the same partial key exist). Therefore, the encryption key generating apparatus according to the fifth embodiment generates an encryption key having sufficient resistance against collusion attacks of three or more people.
  • the encryption key generation apparatus according to the fifth embodiment will also be described with reference to the three-dimensional partial key matrix QM shown in the area (a) of FIG.
  • the prepared master key is the coordinate component K 5,3,2 corresponding to the lowest layers of scalability L, R, and C.
  • the encryption key generation apparatus also has the structure shown in FIG. 7 as in the first embodiment, and more specifically, is realized by the hardware configuration shown in the area (a) of FIG. It is assumed that the master key that can be easily recorded is recorded in the recording unit 470 through the input unit 450 in advance.
  • in the key splitting means 461, two types of scalability out of the three or more types of scalability are set as the reference scalability in advance, as shown in FIG.
  • scalability L and R are set as reference scalability.
  • the reference scalability R (first reference scalability) is scalability for generating a split key from the master key K 5,3,2 .
  • the key dividing means 461 divides the master key by the number of hierarchies 4 of the reference scalability R, whereby four divided keys e RL R3 , e RL R2 , e RL R1 , e RL R0 corresponding to each layer of the reference scalability R are generated.
  • the reference scalability L is scalability for defining the calculation direction of the hash calculation using the one-way hash function as described above.
  • FIG. 21 is a diagram for explaining an example of the operation of generating the split key from the master key (the operation of the key splitting means 461 shown in FIG.).
  • the matrix generation means 462 of the encryption key generation apparatus generates a three-dimensional key element matrix expressed in coordinates with hierarchical values of three or more types of scalability L, R, and C (see region (a) in FIG. 17) for each series of hash operations corresponding to each layer of the reference scalability R, for each layer of the scalability C other than the reference scalability L and R. Therefore, in this fifth embodiment, for three types of scalability L, R, and C (the number of L layers: 6; the number of R layers: 4; the number of C layers: 3), the total number of packets given by the above equation (1) is 72, and the number of generated three-dimensional key element matrices given by Equation (2) is 12.
  • FIGS. 22 to 24 are diagrams for explaining a process of generating a three-dimensional key element matrix by the matrix generating means 462 of the encryption key generating apparatus according to the fifth embodiment.
  • FIG. 22 shows the three-dimensional key element matrices QM 1-1 , QM 2-1 , QM 3-1 , and QM 4-1 generated by assigning, to predetermined coordinate components, the operation data obtained by performing the hash operation sequentially from the lowest hierarchy of scalability L to the highest hierarchy, for the lowest hierarchy (hierarchy 2) of scalability C other than the reference scalability L and R.
  • FIG. 24 shows the three-dimensional key element matrices QM 1-3 , QM 2-3 , QM 3-3 , and QM 4-3 generated by assigning, to predetermined coordinate components, the calculation data obtained by sequentially hashing from the lowest hierarchy of scalability L toward the highest hierarchy, for the highest hierarchy (hierarchy 0) of scalability C other than the reference scalability L and R.
  • the area (a) in FIG. 22 shows a three-dimensional generated using the split key e RL R3 corresponding to the lowest hierarchy of the reference scalability R for the lowest hierarchy 2 of the scalability C other than the reference scalability L and R.
  • the key element matrix QM 1-1 is shown.
  • the split key e RL R3 When the split key e RL R3 is assigned to the coordinate component P 5,3,2 of the three-dimensional matrix (the hatched portion in the area (a) of FIG. 22), the split key e RL R3 using the one-way hash function H is used. Are sequentially performed from the lowest layer of scalability L toward the highest layer. That is, every time hash calculation is performed, calculation data obtained is assigned to the corresponding coordinate components (all components located in the area surrounded by the solid line in the area (a) of FIG. 22). At this time, the calculation data H * 5 (e RL R3 ) is assigned to the coordinate component corresponding to the highest layer of the scalability L.
  • Area (b) in FIG. 22 shows the three-dimensional key element matrix QM 2-1 generated, for the lowest hierarchy 2 of scalability C other than the reference scalabilities L and R, using the split key e RL R2 corresponding to hierarchy 2 of the reference scalability R (one hierarchy higher than the lowest hierarchy).
  • the split key e RL R2 is assigned to the coordinate component P 5,2,2 (the hatched portion in the region (b) of FIG. 22) of the three-dimensional matrix.
  • the split key e RL R2 is temporarily copied (CP) to the coordinate component P 5,3,2.
  • the hash operation of the split key e RL R2 using the one-way hash function H is sequentially performed from the lowest hierarchy of the scalability L to the highest hierarchy.
  • the calculated data obtained is assigned to the corresponding coordinate component (all components located in the area surrounded by the solid line in the area (b) of FIG. 22).
  • the calculation data H * 5 (e RL R2 ) is assigned to the coordinate component corresponding to the highest layer of scalability L.
  • The three-dimensional key element matrix QM 3-1 shown in area (c) of FIG. 22 is generated, in the same way as the three-dimensional key element matrices QM 1-1 and QM 2-1 described above, by repeating a copy operation of the split key e RL R1 (assigned to the coordinate component P 5,1,2 indicated by hatching) to the hierarchies of the reference scalability R lower than hierarchy 1, and a hash operation from the lowest hierarchy of scalability L toward the highest hierarchy (the hash operation of the split key e RL R1 using the one-way hash function H).
  • Area (a) in FIG. 23 shows the three-dimensional key element matrix QM 1-2 generated, for hierarchy 1 of scalability C other than the reference scalabilities L and R (the hierarchy one level higher than the lowest hierarchy), using the split key e RL R3 corresponding to the lowest hierarchy of the reference scalability R.
  • When the split key e RL R3 is assigned to the coordinate component P 5,3,2 of the three-dimensional matrix (the hatched portion in region (a) of FIG. 23), the split key e RL R3 is temporarily copied (CP) to the coordinate component P 5,3,1. Then, for each of hierarchy 2 (the lowest hierarchy) and hierarchy 1 (one hierarchy higher than the lowest hierarchy) of scalability C, the hash operation of the split key e RL R3 using the one-way hash function H is performed in order from the lowest hierarchy of scalability L toward the highest hierarchy. That is, every time a hash calculation is performed, the calculation data obtained is assigned to the corresponding coordinate component (all components located in the area surrounded by the solid line in area (a) of FIG. 23).
  • the calculation data H * 5 (e RL R3 ) is assigned to the coordinate component corresponding to the highest layer of the scalability L.
  • Operation data H * 6 (e RL R3 ) is assigned.
  • Area (b) of FIG. 23 shows the three-dimensional key element matrix QM 2-2 generated, for hierarchy 1 of scalability C other than the reference scalabilities L and R, using the split key e RL R2 corresponding to hierarchy 2 of the reference scalability R (one layer higher than the lowest layer).
  • The split key e RL R2 is assigned to the coordinate component P 5,2,1 of the three-dimensional matrix (the hatched portion in region (b) of FIG. 23).
  • The split key e RL R2 is temporarily copied (CP) to the coordinate components P 5,2 to 3, 1 and 2.
  • The hash operation of the split key e RL R2 using the one-way hash function H is performed in order from the lowest layer of scalability L toward the upper hierarchy.
  • the calculated data obtained is assigned to the corresponding coordinate component (all components located in the area surrounded by the solid line in the area (b) of FIG. 23).
  • the calculation data H * 5 (e RL R2 ) is assigned to the coordinate component corresponding to the highest layer of scalability L.
  • the operation data H * 5 (e RL R2 ) assigned to the coordinate component corresponding to the highest layer of scalability L is further hashed using the one-way hash function H.
  • the obtained calculation data H * 6 (e RL R2 ) is assigned.
  • the three-dimensional key element matrix QM 2-2 is generated.
  • The three-dimensional key element matrix QM 3-2 shown in area (c) of FIG. 23 is also generated, in the same way as the three-dimensional key element matrices QM 1-2 and QM 2-2 described above, by repeating a copy operation of the split key e RL R1 (assigned to the coordinate component P 5,1,1 indicated by hatching) to each of the layers lower than layer 1 of scalability C and lower than layer 1 of the reference scalability R, and a hash operation from the lowest hierarchy of scalability L toward the highest hierarchy (the hash operation of the split key e RL R1 using the one-way hash function H).
  • the three-dimensional key element matrix QM 4-2 shown in the area (d) of FIG. 23 is lower than the hierarchy 1 of the reference scalability C and from the hierarchy 0 (the highest hierarchy) of the reference scalability R.
  • Area (a) in FIG. 24 shows the three-dimensional key element matrix QM 1-3 generated, for hierarchy 0 (the highest hierarchy) of scalability C other than the reference scalabilities L and R, using the split key e RL R3 corresponding to hierarchy 3 (the lowest hierarchy) of the reference scalability R.
  • Operation data H * 5 (e RL R3 ) assigned to the coordinate component corresponding to the highest layer of scalability L using the one-way hash function H.
  • Operation data H * 6 (e RL R3 ) is assigned.
  • the three-dimensional key element matrix QM 1-3 is generated by the above calculation.
  • Area (b) in FIG. 24 shows the three-dimensional key element matrix QM 2-3 generated, for hierarchy 0 (the highest hierarchy) of scalability C other than the reference scalabilities L and R, using the split key e RL R2 corresponding to hierarchy 2 of the reference scalability R (the hierarchy one level higher than the lowest hierarchy).
  • the split key e RL R2 is assigned to the coordinate component P 5,2,0 (the hatched portion in the region (b) in FIG. 24) of the three-dimensional matrix.
  • the split key e RL R2 is temporarily copied (CP) to the coordinate components P 5,2 to 3, 0 to 2 .
  • the operations are performed in order from the lowest layer of scalability L to the highest layer.
  • calculation data obtained is assigned to corresponding coordinate components (all components located in the area surrounded by a solid line in area (b) of FIG. 24).
  • the calculation data H * 5 (e RL R2 ) is assigned to the coordinate component corresponding to the highest layer of scalability L.
  • the operation data H * 5 (e RL R2 ) assigned to the coordinate component corresponding to the highest layer of scalability L is further hashed using the one-way hash function H.
  • the obtained calculation data H * 6 (e RL R2 ) is assigned.
  • a three-dimensional key element matrix QM 2-3 is generated.
  • The three-dimensional key element matrix QM 3-3 shown in area (c) of FIG. 24 is also generated, in the same way as the three-dimensional key element matrices QM 1-3 and QM 2-3 described above, by repeating a copy operation of the split key e RL R1 (assigned to the coordinate component P 5,1,0 indicated by hatching) to each of the hierarchies lower than hierarchy 0 (the highest hierarchy) of scalability C and lower than hierarchy 1 of the reference scalability R, and a hash operation from the lowest layer of scalability L toward the highest layer (a hash operation of the split key e RL R1 using the one-way hash function H).
  • When the matrix generation means 462 has generated the three-dimensional key element matrices QM 1-1 to QM 4-1, QM 1-2 to QM 4-2, and QM 1-3 to QM 4-3 shown in FIGS. 22 to 24, the key generation means 463 joins the coordinate components that match each other to obtain a three-dimensional partial key matrix QM.
  • the output unit 480 outputs the three-dimensional partial key thus generated by the key generation unit 463 to the encoding unit 410.
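
The assign, copy (CP) and hash steps described above for FIGS. 22 to 24, as an added Python example that is not part of the patent text. SHA-256 as the one-way hash function H, the sample split keys, the function names, and joining by concatenation are assumptions of this example; the further H * 6 assignment is left out because the text does not state its target coordinate.

```python
import hashlib

# Index ranges read off the coordinates in the text (P l,r,c): scalability L
# has hierarchies 0..5, R has 0..3, C has 0..2; a larger index is a lower hierarchy.
L_LOWEST, R_LOWEST, C_LOWEST = 5, 3, 2

def H(data: bytes) -> bytes:
    """One-way hash function H (SHA-256 is an assumption of this example)."""
    return hashlib.sha256(data).digest()

def hash_times(data: bytes, n: int) -> bytes:
    """Apply H n times, i.e. the text's H * n (data)."""
    for _ in range(n):
        data = H(data)
    return data

def key_element_matrix(split_key: bytes, r: int, c: int) -> dict:
    """Build one key element matrix as {(l, r, c): element}.

    The split key is assigned to P[5, r, c], copied (CP) to every lower
    hierarchy of R and C, then hashed step by step along L from the lowest
    hierarchy (index 5) toward the highest (index 0).
    """
    matrix = {}
    for rr in range(r, R_LOWEST + 1):
        for cc in range(c, C_LOWEST + 1):
            element = split_key                  # assigned or copied value
            for l in range(L_LOWEST, -1, -1):
                matrix[(l, rr, cc)] = element
                element = H(element)
    return matrix

def derive_up(element: bytes, from_l: int, to_l: int) -> bytes:
    """Derive the element of a higher L hierarchy (smaller index) from a lower one."""
    if to_l > from_l:
        raise ValueError("the hash chain cannot be walked toward lower hierarchies")
    return hash_times(element, from_l - to_l)

def join(matrices: list) -> dict:
    """Join components with matching coordinates (concatenation is assumed)."""
    joined = {}
    for m in matrices:
        for coord, element in m.items():
            joined[coord] = joined.get(coord, b"") + element
    return joined

# Constructed sample split keys for hierarchies 3, 2 and 1 of scalability R.
E_R3, E_R2, E_R1 = b"sample-e-R3", b"sample-e-R2", b"sample-e-R1"
QM_1_1 = key_element_matrix(E_R3, r=3, c=2)   # area (a) of FIG. 22
QM_2_1 = key_element_matrix(E_R2, r=2, c=2)   # area (b) of FIG. 22
QM_2_2 = key_element_matrix(E_R2, r=2, c=1)   # area (b) of FIG. 23, without H * 6
FIG22_JOINED = join([QM_1_1, QM_2_1, key_element_matrix(E_R1, r=1, c=2)])
```

A component of the joined matrix contains elements only from split keys whose R hierarchy is at or above its own, and within each chain only the elements toward the highest hierarchy of L can be recomputed from a given element.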

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The invention relates to an encryption key generation device that resists criminal attacks and generates an encryption key of reduced length suited to each scalability layer. In the encryption key generation device (400), a master key (K2,2) captured by an input means (450) is temporarily stored in a recording means (470). A matrix generation means (462) generates key element matrices (M1 to M3) for keys (eR2, eR1, eR3) into which a key division means (461) divides the master key (K2,2). A hash operation using a one-way hash function is repeated, and the resulting data are assigned to the coordinate components of the key element matrices (M1 to M3) so as to preserve the hierarchy of the scalability (L). Based on the key element matrices (M1 to M3), a key generation means (463) generates partial keys (K1,1 to K2,2) corresponding to the layers of the scalabilities (R, L). The partial keys (K1,1 to K2,2) are output by an output means (480) to an encoding means (410) or a decoding means (420).
PCT/JP2009/058400 2007-11-05 2009-04-28 Encryption key generation device WO2010125654A1 (fr)

Priority Applications (4)

Application Number Priority Date Filing Date Title
PCT/JP2009/058400 WO2010125654A1 (fr) 2009-04-28 2009-04-28 Encryption key generation device
CN200980159024.9A CN102415049B (zh) 2009-04-28 2009-04-28 Encryption key generation device
JP2011511221A JP5269984B2 (ja) 2009-04-28 2009-04-28 Encryption key generation device
US13/283,877 US8634553B2 (en) 2007-11-05 2011-10-28 Encryption key generation device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2009/058400 WO2010125654A1 (fr) 2009-04-28 2009-04-28 Encryption key generation device

Related Parent Applications (3)

Application Number Title Priority Date Filing Date
US12/522,642 Continuation-In-Part US20100020966A1 (en) 2007-11-05 2008-11-04 Method for generating encryption key
PCT/JP2008/070037 Continuation-In-Part WO2009060826A2 (fr) 2007-11-05 2008-11-04 Method for generating an encryption key
US52264209A Continuation-In-Part 2007-11-05 2009-07-09

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/283,877 Continuation-In-Part US8634553B2 (en) 2007-11-05 2011-10-28 Encryption key generation device

Publications (1)

Publication Number Publication Date
WO2010125654A1 (fr) 2010-11-04

Family

ID=43031821

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2009/058400 WO2010125654A1 (fr) 2007-11-05 2009-04-28 Encryption key generation device

Country Status (3)

Country Link
JP (1) JP5269984B2 (fr)
CN (1) CN102415049B (fr)
WO (1) WO2010125654A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013081020A (ja) * 2011-10-03 2013-05-02 Sumitomo Electric Ind Ltd Data distribution method and data distribution system
CN104993929A (zh) * 2015-05-15 2015-10-21 西安邮电大学 Attribute-based encryption system and method supporting system attribute expansion

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
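CN103078736A (zh) * 2013-01-25 2013-05-01 匡创公司 Multi-dimensional key generation method
CN107710671B (zh) * 2015-04-30 2020-06-12 德山真旭 Terminal device and computer-readable storage medium
CN108809516B (zh) * 2018-05-17 2020-12-11 杭州安恒信息技术股份有限公司 High-security encoding and decoding method for desensitizing formatted data
CN109787754B (zh) * 2018-12-14 2023-04-18 平安科技(深圳)有限公司 Data encryption and decryption method, computer-readable storage medium, and server
CN115134475B (zh) * 2022-08-31 2022-11-08 智联信通科技股份有限公司 Intelligent management system for weight verification with weighing instruments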

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
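JP2004297778A (ja) * 2003-03-07 2004-10-21 Canon Inc Image data encryption method and apparatus, computer program, and computer-readable storage medium
JP2005051727A (ja) * 2003-07-11 2005-02-24 Canon Inc Key information processing method, apparatus therefor, and program
JP2005109753A (ja) * 2003-09-29 2005-04-21 Canon Inc Key information processing method and apparatus, and program
JP2006020292A (ja) * 2004-06-03 2006-01-19 Canon Inc Information processing method and information processing apparatus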

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3861790B2 (ja) * 2002-10-09 2006-12-20 ソニー株式会社 Data management system, data management method, client terminal, and server apparatus
DE602005007526D1 (de) * 2004-02-27 2008-07-31 Ibm System for achieving anonymous communication of a message using secret key cryptography
US9077721B2 (en) * 2006-03-21 2015-07-07 Telefonaktiebolaget L M Ericsson (Publ) Methods and apparatus for registering or deregistering a user to or from an IP multimedia subsystem

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
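JP2013081020A (ja) * 2011-10-03 2013-05-02 Sumitomo Electric Ind Ltd Data distribution method and data distribution system
CN104993929A (zh) * 2015-05-15 2015-10-21 西安邮电大学 Attribute-based encryption system and method supporting system attribute expansion
CN104993929B (zh) * 2015-05-15 2018-05-18 西安邮电大学 Attribute-based encryption system and method supporting system attribute expansion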

Also Published As

Publication number Publication date
JPWO2010125654A1 (ja) 2012-10-25
JP5269984B2 (ja) 2013-08-21
CN102415049A (zh) 2012-04-11
CN102415049B (zh) 2014-08-06

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase Ref document number: 200980159024.9 Country of ref document: CN
121 Ep: the epo has been informed by wipo that ep was designated in this application Ref document number: 09843998 Country of ref document: EP Kind code of ref document: A1
ENP Entry into the national phase Ref document number: 2011511221 Country of ref document: JP Kind code of ref document: A
NENP Non-entry into the national phase Ref country code: DE
122 Ep: pct application non-entry in european phase Ref document number: 09843998 Country of ref document: EP Kind code of ref document: A1