WO2012060001A1 - Content distribution system and method for same - Google Patents

Content distribution system and method for same Download PDF

Info

Publication number
WO2012060001A1
WO2012060001A1 PCT/JP2010/069602 JP2010069602W WO2012060001A1 WO 2012060001 A1 WO2012060001 A1 WO 2012060001A1 JP 2010069602 W JP2010069602 W JP 2010069602W WO 2012060001 A1 WO2012060001 A1 WO 2012060001A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
concealment
unique information
query
random number
Prior art date
Application number
PCT/JP2010/069602
Other languages
French (fr)
Japanese (ja)
Inventor
健 長沼
Original Assignee
株式会社日立製作所
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社日立製作所 filed Critical 株式会社日立製作所
Priority to PCT/JP2010/069602 priority Critical patent/WO2012060001A1/en
Publication of WO2012060001A1 publication Critical patent/WO2012060001A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]

Definitions

  • the present invention relates to a system for distributing content based on secret information unique to a service user.
  • LBS location-based services
  • the number of mobile phones and mobile services are already saturated, and high value-added services such as navigation services and concierge services are expected.
  • LBS is expected in this way, there is a problem of privacy infringement that the location information of the service user is known to the content server and the service provider.
  • the service provider obtains the location information of the service user, but the service is provided under a contract not to use it illegally.
  • the necessary minimum service user-specific information is, for example, the minimum information related to charging for receiving a paid service.
  • the service user desires to be able to receive the service without knowing the information unique to the service user to the service provider even if the information is necessary for receiving the service.
  • the service provider provides services such as providing content corresponding to the location of the service user, so it tries to acquire location information indicating the location of the service user.
  • the service user does not want the service provider to know information unique to the service user, such as location information indicating where the service user is.
  • the content server that distributes the content corresponding to the location information cannot specify the content to be distributed, so regardless of the location information (the concealed location information Content (including content corresponding to location information different from) needs to be distributed. If the content is distributed redundantly in this way, the server that distributes the content cannot know which service user is where and which content is received.
  • the number of times content is distributed according to the location of the service user is important marketing data, so it is not necessary to specify the service user who received the content, but which content is which It is necessary to know how many times it was delivered.
  • the service user wants to conceal unique information such as location information, but there is a request that the content server wants to know statistical information such as the number of times of content delivery corresponding to the service user's unique information.
  • statistical information such as the number of times of content delivery corresponding to the service user's unique information.
  • the disclosed content distribution system and method are configured as follows by a mobile communication terminal that transmits a query and a content server that distributes the content.
  • the mobile communication terminal stores a plurality of public keys corresponding to a plurality of pieces of unique information depending on service users.
  • the content server stores a plurality of secret keys corresponding to each of a plurality of public keys and a plurality of contents corresponding to each of a plurality of unique information.
  • the mobile communication terminal generates a pseudo-random number and generates a concealment query including a ciphertext obtained by encrypting the pseudo-random number using one of a plurality of public keys corresponding to one of a plurality of unique information.
  • the generated concealment query is transmitted to the content server.
  • the content server receives the concealment query, decrypts the received concealment query using each of the plurality of secret keys, acquires each of the plurality of decryption results as a plurality of estimated pseudo-random numbers, Using each of a plurality of estimated pseudorandom numbers corresponding to each secret key as a common key, encrypting a plurality of contents corresponding to each of a plurality of unique information, and moving the plurality of encrypted contents as a plurality of concealed contents Send to communication terminal.
  • the mobile communication terminal receives a plurality of concealed contents, decodes the plurality of concealed contents using a pseudo-random number as a common key, and acquires the decrypted contents as contents corresponding to one of the unique information .
  • the concealment query includes a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of a pseudorandom number.
  • the mobile communication terminal and the content server store in advance a pseudorandom number generation rule and a bit string of a first predetermined bit position of the pseudorandom number generated based on the generation rule. Keep it.
  • the content server may include a plurality of decoding results when the bit string of the second predetermined bit position of each of the plurality of decoding results is the same as the bit string of the first predetermined bit position. Obtained as each estimated pseudo-random number.
  • the content server counts the number X of concealment queries received during a predetermined period, and sets the bit string length of the bit string at the first and second predetermined bit positions to p. And the bit string at the second predetermined bit position of each of the plurality of decoding results is different from the bit string at the first predetermined bit position and is estimated corresponding to the unique information j which is one of the plurality of unique information.
  • the number of times Yj for which the random number j has not been obtained is counted.
  • a specific aspect of the content distribution system and method is a plurality of pieces of unique information depending on the service user, for example, position information where the service user is located.
  • the service user can conceal the unique information, access the content server, and receive the desired content (corresponding to the concealed unique information). Further, according to the aspect in which the content server includes the distribution number estimation unit, the corresponding content distribution number can be estimated even if the unique information of the service user is kept secret.
  • a content distribution system and method disclosed as an embodiment of the present invention are configured as follows by a mobile communication terminal that transmits a query and a content server that distributes the content.
  • the mobile communication terminal stores a plurality of public keys corresponding to each of a plurality of pieces of unique information depending on the service user such as position information where the service user is located and broadcast channel information that the service user wants to watch. is doing.
  • the content server stores a plurality of secret keys corresponding to each of a plurality of public keys and a plurality of contents corresponding to each of a plurality of unique information.
  • the content is, for example, guide information related to the position corresponding to the position information and release key information of the scramble key of the broadcast program corresponding to the broadcast channel information.
  • the mobile communication terminal generates a pseudo random number, generates a concealment query including a ciphertext obtained by encrypting the pseudo random number using a public key corresponding to unique information, and transmits the generated concealment query to the content server.
  • the content server receives the concealment query, decrypts the received concealment query using each of the plurality of secret keys, and acquires each of the plurality of decryption results as a plurality of estimated pseudorandom numbers. Furthermore, using a plurality of estimated pseudorandom numbers corresponding to each of a plurality of secret keys as a common key, a plurality of contents corresponding to each of a plurality of unique information are encrypted, and a plurality of encrypted contents are concealed.
  • the mobile communication terminal receives a plurality of concealed contents, decrypts the received concealed contents using a pseudo-random number as a common key, and acquires the decrypted contents as contents corresponding to unique information.
  • the concealment query may include a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of a pseudo-random number.
  • the mobile communication terminal and the content server may use a pseudo-random number generation rule and the generation rule.
  • the bit string of the first predetermined bit position of the pseudo-random number generated based on it may be stored in advance.
  • the content server obtains each of the plurality of estimated pseudo-random numbers when the bit string at the second predetermined bit position of each of the plurality of decoding results is the same as the bit string at the first predetermined bit position. .
  • the content server further includes an estimation unit for the number of times that the concealed content j corresponding to the unique information j is distributed, counts the number X of concealment queries received during a predetermined period, and the first and second predetermined P is the bit string length of the bit string at the bit position, and the bit string at the second predetermined bit position of each of the plurality of decoding results is different from the bit string at the first predetermined bit position and is an estimated random number corresponding to the unique information j
  • the unique information in the plurality of concealed contents corresponding to the concealment query including the ciphertext using one of the public keys corresponding to the unique information j is counted.
  • This embodiment is a location information service system in which location information of a user (service user) is used as unique information, and a content server distributes content corresponding to the location information to the user. Terms used in this embodiment are defined.
  • Position information includes latitude data and longitude data.
  • the location ID is an identifier indicating each region obtained by dividing the region where the location information service is provided by the content server into region 1, region 2,..., Region n.
  • the position ID is an integer value from 1 to n, and for example, the position ID of area 3 is 3.
  • Public key cryptography with block length k refers to a public key encryption algorithm in which the bit length of plaintext to be encrypted is k.
  • Public key i, private key i (i 1 to n)
  • the public key i and private key i indicate that the content server supports the location IDi of each region in advance when the region where the location information service is provided is divided into region 1, region 2,..., Region n. Then, using a public key cryptosystem key generation algorithm, a pair of a public key i having a block length k and a private key i is generated, and the public key i is made public to the mobile communication terminal of the service user. Is held by the content server.
  • Position ID determination has a table in which a region ID is divided into region 1, region 2,..., Region n, and a position information corresponding to each region.
  • the position ID corresponding to the position information of the longitude data is determined. Since the shape of each area is generally a polygon, the position information of the table is represented by the vertex coordinates (latitude data, longitude data) of the polygon, and the position ID is determined by comparing with the acquired position information.
  • Common key encryption method This is one of common key encryption method algorithms having a key length of k bits determined in advance between the content server and the service user (mobile communication terminal). That is the definition of the term.
  • FIG. 1 is a configuration diagram of a location information service system, which is a content distribution system of the present embodiment, during service operation.
  • the location information service system provides a service user 110 who uses a service, a mobile communication terminal 100 owned by the service user, and contents in a service providing area 130 where the location information service is provided.
  • Content server 120 The service providing area 130 is divided into area 1, area 2,..., Area n and n areas.
  • FIG. 1 a case where the service user 110 is divided into region 1, region 2, region 3, and region n is illustrated, and the service user 110 is located in region 3 and holds the mobile communication terminal 100.
  • the service user 110 transmits the concealment query D100 to the content server 120, and the content server 120 distributes the concealed content D200 to the service user 110 in response to the received concealment query D100.
  • the content held by the content server 120 is one content i corresponding to the region i (position IDi).
  • the content i may be updated with the passage of time, but the correspondence with the area i (position IDi) is maintained.
  • FIG. 2 is a hardware configuration diagram of the mobile communication terminal 100.
  • the mobile communication terminal 100 includes a CPU 101, an auxiliary storage device 102, a memory 103, a tamper resistant storage device 105, a display device 106, an input / output interface 107, a communication antenna 108, and a position information acquisition device 109.
  • a CPU 101 central processing unit 101
  • an auxiliary storage device 102 includes a central processing unit 101, a main memory 103, a tamper resistant storage device 105, a display device 106, an input / output interface 107, a communication antenna 108, and a position information acquisition device 109.
  • a display device 106 includes a display device 106, a display device 106, an input / output interface 107, a communication antenna 108, and a position information acquisition device 109.
  • an internal signal line 104 such as a bus.
  • the program is loaded into the memory 103 and executed by the CPU 101.
  • the position information acquisition device 109 includes a global positioning system (GPS), and the GPS measures latitude data and longitude data where the mobile communication terminal 100 is located.
  • GPS global positioning system
  • FIG. 3 is a hardware configuration diagram of the content server 120.
  • the content server 120 includes a CPU 121, an auxiliary storage device 122, a memory 123, a tamper resistant storage device 125, a display device 126, an input / output interface 127, and a communication device 128 via an internal signal line 124 such as a bus. Connected and configured.
  • the program is loaded into the memory 123 together with the secret key and executed by the CPU 121.
  • the auxiliary storage device 122 stores content provided as a location information service.
  • FIG. 4 is a processing flow during service operation between the mobile communication terminal 100 and the content server 120.
  • the mobile communication terminal 100 activates a communication application and starts wireless communication with the content server 120 (S100).
  • the mobile communication terminal 100 acquires the current latitude data and longitude data position information from the position information acquisition device 109 (S200).
  • the mobile communication terminal 100 generates a concealment query (D100) to be transmitted to the content server 120 based on the acquired position information (S300).
  • the mobile communication terminal 100 transmits the generated concealment query (D100) to the content server 120.
  • the content server 120 receives the concealment query (D100), and selects content to be distributed to the mobile communication terminal 100 in response to the received concealment query (D100) (S400).
  • the content corresponding to (position ID) is decrypted, and the process ends (S600).
  • FIG. 5 is a flowchart (S300) for generating a concealment query in the processing flow at the time of service operation of FIG.
  • the mobile communication terminal 100 determines the position IDi from the position information obtained by the position information acquisition process (S200) as described above (position ID determination) (S310).
  • a k-bit pseudorandom number is generated (S330), the generated pseudorandom number is encrypted using the public key i, a k-bit ciphertext is generated (S340), and the first bit of the bit string of the pseudorandom number is generated.
  • Bit string padding is performed on the generated ciphertext to generate a concealment query (D100) of a bit string of k + 1 bits (S350).
  • FIG. 6 shows a concealment query (D100) data format generated by the concealment query generation process (S300).
  • the concealment query (D100) is data consisting of a bit string of length k + 1 bits.
  • the k-bit ciphertext generated in (S340) is stored from the first bit to the k-th bit of the concealment query (D100).
  • the first bit to the kth bit are referred to as a ciphertext part of the concealment query (D100).
  • the first bit of the pseudorandom number generated in (S330) is stored in the (k + 1) th bit of the concealment query (D100). This k + 1 bit is called a plaintext part of the concealment query (D100).
  • FIG. 7 is a flowchart (S400) for receiving a concealment query in the processing flow at the time of service operation of FIG.
  • FIG. 8 is a flowchart (S500) for generating the concealment content in the processing flow at the time of service operation of FIG.
  • the meaning of the selection will be clarified in the following explanation.
  • the estimated random number i is stored (S530), and if it is stored, the content i is encrypted using a common key encryption method using the estimated random number i as a common key, and the area provided in the memory 123 Is stored in the concealed content i (S540). If the estimated random number i is not stored (in the case of the initial value stored in S420), a bit string of value 0 is stored in the concealed content i (S550). The variable i is incremented to i + 1 (S560). If i is n or less, the process returns to S530, and if i is greater than n, the process is terminated (S570).
  • the number of concealed contents to be distributed matches the estimated random number i with the k-bit pseudo random number generated by the mobile communication terminal 100 Therefore, the number of concealed contents to be distributed can be specified as one content i corresponding to the position IDi. In this case, the concealment query (D100) is not concealed.
  • the bit length of the plaintext part may be increased in order to reduce the number of concealed contents to be distributed, but in order to ensure the concealment of the concealment query (D100) It is necessary to sufficiently shorten the bit length k of the random number.
  • the bit length of the plaintext part is determined together with the bit length k of the pseudo random number based on the confidentiality required as a system specification.
  • the concealed content i is decrypted, and the decrypted content i is acquired as the content i corresponding to the area ID i requested by the mobile communication terminal 100.
  • the content i that can be acquired is a decryption result of the concealed content i that has been encrypted using a k-bit pseudorandom number as the estimated random number i. Even if the other concealed content i is decrypted using the k-bit pseudo-random number generated in S330, the content before being encrypted is not reproduced.
  • the content server distributes the content redundantly, so the number of times of content distribution corresponding to the service user's area IDi (service The number of contents that the user could decrypt and reproduce is not known. Accordingly, a process for statistically processing the redundant distribution number of contents and obtaining the distribution number of contents corresponding to the service user's area IDi will be described.
  • the content server 120 counts the total number of received concealment queries (D100) and sets the total number to X.
  • D100 the number of times the estimated random number j is not obtained (the number of mismatches in S450 in FIG. 7 and the number of times content j has not been distributed)
  • Yj the number of distributions Z of content j corresponding to the user's area ID j (total number of service users in area j)
  • Z X ⁇ (2 ⁇ p) ⁇ Yj.
  • the ratio between the number of service users who actually received the content j in the region j and the number of distribution times Z of the content j is Converges to 1.
  • the plaintext part of the concealment query (D100) may be modified as follows. For example, instead of setting the plaintext part to be 1-bit length, a rule for generating a pseudo-random number such as “the first bit of the pseudo-random number is set to 1” is defined in advance between the mobile communication terminal 100 and the content server 120. If so, by checking whether the first bit is 1 in the bit string obtained when the ciphertext part is decrypted with the secret key, the generation of the pseudo random number can be eliminated with a probability of 1/2. Further, although the first bit has been described from the beginning, even in the case of p bits, the bit position is determined in advance between the content server 120 and the mobile communication terminal 100, and the value of the bit at the determined bit position You may check.
  • the ciphertext part is used as a secret key in the process (S450) within the concealment query reception process (S400). It is determined whether the bit string obtained upon decoding satisfies the pseudo-random number generation rule described above. If not, generation of pseudo-random numbers may be excluded.
  • the service user 110 determines a service user function using a k-bit pseudo-random number as a command argument, publishes the service user function to the content server 120, and as a plaintext part of the concealment query (D100),
  • the content server compares the plaintext part with the service user function value of the bit string obtained by decrypting the ciphertext part with the secret key, and eliminates the generation of pseudo-random numbers. May be.
  • a pseudorandom number is generated each time the concealment query generation process (S300) is performed.
  • the pair of the location ID and pseudorandom number of the concealment query generated when using the previous service may be cached, and the cached pseudorandom number may be used for the same location ID.
  • This embodiment is an example of a system in which a service user searches a content database while concealing unique information.
  • the content server is a server that distributes a pay TV broadcast descrambling key, and the service user selects one channel from a plurality of pay broadcasting channels and wants to receive the descrambling key from the server.
  • the descrambling key distribution server wants to keep the descrambling key distribution server secret.
  • FIG. 9 shows that the service user 110 having the communication terminal 130 selects channel 3 (140) from the pay broadcast channel list and receives the descrambling key from the descrambling key distribution server 120. It is a block diagram of a key distribution system. At this time, the service user 110 can receive the descrambling key of channel 3 from the descrambling key distribution server 120 in a state of concealing channel 3 by the same processing as in the first embodiment.
  • the service user 110 sets the unique information as channel 3 150 instead of the position ID of the first embodiment, generates a concealment query (E100) corresponding to channel 3 and generates the concealment query.
  • (E100) is transmitted to the descrambling key distribution server 140.
  • the descrambling key distribution server 140 scrambles the descrambling key distribution server 140 in a state in which the service user 110 has concealed which channel the descrambling key has been received. Distribution becomes possible.
  • the service user can conceal the unique information, access the content server, and receive the desired content (corresponding to the concealed unique information).
  • the content server can estimate the corresponding content distribution count even if the service user's unique information is kept secret.
  • 100 mobile communication terminal
  • 110 service user
  • 120 content server
  • 130 service area 140
  • descrambling key distribution server 150: pay broadcast channel list
  • 160 descrambling key
  • D100, E100 concealment query
  • D200, E200 Confidential content.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A mobile communication terminal uses public keys corresponding to unique information items to generate hidden queries including encrypted text in which pseudorandom numbers have been encrypted, and the mobile communication terminal transmits the hidden queries to a content server. The content server uses each of a plurality of private keys to decrypt the received hidden queries and thereby acquire a plurality of estimated pseudorandom numbers. The content server uses each of the plurality of estimated pseudorandom numbers, which correspond to each of the plurality of private keys, as common keys to encrypt a plurality of content items which correspond to each of the plurality of unique information items. The content server transmits the plurality of encrypted hidden content items to the mobile communication terminal. The mobile communication terminal uses the pseudorandom numbers as common keys to decrypt the received plurality of hidden content items. The mobile communication terminal acquires the content items that the mobile communication terminal has been able to decrypt, as content items corresponding to the unique information items.

Description

コンテンツ配信システム及びその方法Content distribution system and method
 本発明は、サービス利用者の秘匿された固有の情報に基づいてコンテンツを配信するシステムに関する。 The present invention relates to a system for distributing content based on secret information unique to a service user.
 2007年4月、携帯電話へのGPS機能搭載が義務化され、それに伴い、携帯電話を使用するナビゲーションサービスなどの位置情報サービス:LBS(Location Based Services)市場が拡大し、位置情報サービスが社会インフラの一部になりつつある。 In April 2007, mobile phones were required to be equipped with a GPS function. As a result, location services such as navigation services using mobile phones expanded: the location-based services (LBS) market, and location-based services became social infrastructure. Is becoming part of
 携帯電話の普及台数やモバイルサービスが、もはや飽和状態となっており、ナビゲーションサービスやコンシェルジュサービスなどの高付加価値サービスが期待されている。 The number of mobile phones and mobile services are already saturated, and high value-added services such as navigation services and concierge services are expected.
 このように期待されているLBSだが、サービス利用者の位置情報が、コンテンツサーバおよびサービス提供者に知られるというプライバシ侵害の問題がある。 Although LBS is expected in this way, there is a problem of privacy infringement that the location information of the service user is known to the content server and the service provider.
 従来のLBSでは、サービス提供者はサービス利用者の位置情報を取得するが、不正な利用はしないという契約の下で、サービスが提供されていた。 In the conventional LBS, the service provider obtains the location information of the service user, but the service is provided under a contract not to use it illegally.
 LBSに限らず、サービスの提供を受けるに際して、ユーザ(サービス利用者)は必要最小限のサービス利用者固有の情報以外の情報をサービス提供者に知られたくない。必要最小限のサービス利用者固有の情報とは、たとえば有償のサービスを受けるための課金に関わる最小限情報である。有償サービスであり、そのアカウントを作るために、年齢や性別などのサービス利用者固有の情報を要求するサービス提供者があるが、サービス利用者は課金に無関係な年齢や性別などのサービス利用者固有の情報まで知られたくない。サービス利用者は、さらに、サービスの提供を受けるために必要な情報であっても、サービス利用者固有の情報をサービス提供者に知られずに、サービスの提供が受けられることを望む。  Not only LBS, but users (service users) do not want service providers to know information other than the minimum necessary information specific to service users when receiving services. The necessary minimum service user-specific information is, for example, the minimum information related to charging for receiving a paid service. There is a service provider that requests service-specific information such as age and gender to create an account for a paid service, but the service user is specific to the service user such as age and gender unrelated to billing I do not want to know the information. Further, the service user desires to be able to receive the service without knowing the information unique to the service user to the service provider even if the information is necessary for receiving the service.
 LBSを例にすると、サービス提供者は、サービス利用者の位置に対応したコンテンツの提供などのサービスを提供するので、サービス利用者の位置を示す位置情報を取得しようとする。一方、サービス利用者は、サービス利用者がどこにいるかを示す位置情報のようなサービス利用者固有の情報をサービス提供者に知られたくない。 Taking LBS as an example, the service provider provides services such as providing content corresponding to the location of the service user, so it tries to acquire location information indicating the location of the service user. On the other hand, the service user does not want the service provider to know information unique to the service user, such as location information indicating where the service user is.
 一方で、サービス利用者の位置情報を秘匿した場合、その位置情報に対応するコンテンツを配信するコンテンツサーバは、配信するコンテンツを特定することができないので、位置情報に無関係に(秘匿された位置情報とは異なる位置情報に対応したコンテンツを含めて)コンテンツを配信する必要がある。このようにコンテンツを冗長に配信すると、コンテンツを配信するサーバは、どのサービス利用者が何処に居て、どのコンテンツを受け取ったかを知ることが出来ない。 On the other hand, if the location information of the service user is concealed, the content server that distributes the content corresponding to the location information cannot specify the content to be distributed, so regardless of the location information (the concealed location information Content (including content corresponding to location information different from) needs to be distributed. If the content is distributed redundantly in this way, the server that distributes the content cannot know which service user is where and which content is received.
 サービス提供者(コンテンツサーバ)にとって、サービス利用者の位置に伴うコンテンツの配信回数は、重要なマーケティングデータであるため、コンテンツを受信したサービス利用者を特定する必要は無いが、どのコンテンツが、どの位の回数、配信されたかを知る必要がある。 For the service provider (content server), the number of times content is distributed according to the location of the service user is important marketing data, so it is not necessary to specify the service user who received the content, but which content is which It is necessary to know how many times it was delivered.
 このように、サービス利用者は位置情報のような固有の情報を秘匿したいが、コンテンツサーバはサービス利用者の固有の情報に対応するコンテンツ配信回数などの統計情報を知りたいという要求がある。このような、互いに矛盾する課題であるが、互いに対応する特別な技術的課題に注目した先行技術文献は見当たらない。 As described above, the service user wants to conceal unique information such as location information, but there is a request that the content server wants to know statistical information such as the number of times of content delivery corresponding to the service user's unique information. There are no prior art documents that focus on special technical issues corresponding to each other, although these are contradictory issues.
 開示するコンテンツ配信システム及びその方法は、クエリを送信する移動通信端末とコンテンツを配信するコンテンツサーバにより、次のような構成される。移動通信端末は、サービス利用者に依存する複数の固有の情報の各々に対応する複数の公開鍵を記憶している。コンテンツサーバは、複数の公開鍵の各々に対応する複数の秘密鍵および複数の固有の情報の各々に対応する複数のコンテンツを記憶している。移動通信端末は、擬似乱数を生成し、複数の固有の情報の一つに対応する、複数の公開鍵の一つを用いて、擬似乱数を暗号化した暗号文を含む秘匿化クエリを生成し、生成した秘匿化クエリをコンテンツサーバへ送信する。コンテンツサーバは、秘匿化クエリを受信し、複数の秘密鍵の各々を用いて、受信した秘匿化クエリを復号化して、複数の復号化結果の各々を複数の推定擬似乱数として取得し、複数の秘密鍵の各々に対応する複数の推定擬似乱数の各々を共通鍵として、複数の固有の情報の各々に対応する複数のコンテンツを暗号化し、暗号化した複数のコンテンツを複数の秘匿化コンテンツとして移動通信端末へ送信する。移動通信端末は、複数の秘匿化コンテンツを受信し、疑似乱数を共通鍵として、受信した複数の秘匿化コンテンツを復号し、復号できたコンテンツを固有の情報の一つに対応したコンテンツとして取得する。 The disclosed content distribution system and method are configured as follows by a mobile communication terminal that transmits a query and a content server that distributes the content. The mobile communication terminal stores a plurality of public keys corresponding to a plurality of pieces of unique information depending on service users. The content server stores a plurality of secret keys corresponding to each of a plurality of public keys and a plurality of contents corresponding to each of a plurality of unique information. The mobile communication terminal generates a pseudo-random number and generates a concealment query including a ciphertext obtained by encrypting the pseudo-random number using one of a plurality of public keys corresponding to one of a plurality of unique information. The generated concealment query is transmitted to the content server. The content server receives the concealment query, decrypts the received concealment query using each of the plurality of secret keys, acquires each of the plurality of decryption results as a plurality of estimated pseudo-random numbers, Using each of a plurality of estimated pseudorandom numbers corresponding to each secret key as a common key, encrypting a plurality of contents corresponding to each of a plurality of unique information, and moving the plurality of encrypted contents as a plurality of concealed contents Send to communication terminal. The mobile communication terminal receives a plurality of concealed contents, decodes the plurality of concealed contents using a pseudo-random number as a common key, and acquires the decrypted contents as contents corresponding to one of the unique information .
 コンテンツ配信システム及びその方法の他の態様は、秘匿化クエリは、疑似乱数の第1の所定のビット位置のビット列を前記暗号文にビット列パディングしたビット列を含む。 In another aspect of the content distribution system and method, the concealment query includes a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of a pseudorandom number.
 コンテンツ配信システム及びその方法のさらに他の態様は、移動通信端末とコンテンツサーバは、疑似乱数の生成規則と該生成規則に基づき生成する疑似乱数の第1の所定のビット位置のビット列とを予め記憶しておく。 According to still another aspect of the content distribution system and method, the mobile communication terminal and the content server store in advance a pseudorandom number generation rule and a bit string of a first predetermined bit position of the pseudorandom number generated based on the generation rule. Keep it.
 コンテンツ配信システム及びその方法のさらに他の態様は、コンテンツサーバは、複数の復号化結果の各々の第2の所定のビット位置のビット列が第1の所定のビット位置のビット列と同じとき、複数の推定擬似乱数の各々として取得する。 According to still another aspect of the content distribution system and the method thereof, the content server may include a plurality of decoding results when the bit string of the second predetermined bit position of each of the plurality of decoding results is the same as the bit string of the first predetermined bit position. Obtained as each estimated pseudo-random number.
 コンテンツ配信システム及びその方法のさらに他の態様は、コンテンツサーバは、所定の期間に受信した秘匿化クエリの数Xをカウントし、第1及び第2の所定のビット位置のビット列のビット列長をpとし、複数の復号化結果の各々の第2の所定のビット位置のビット列が第1の所定のビット位置のビット列と異なり、複数の固有の情報の一つである固有の情報jに対応する推定乱数jを求めなかった回数Yjをカウントし、固有の情報jに対応した公開鍵の一つjを用いた暗号文を含む秘匿化クエリに対応して、複数の秘匿化コンテンツの中の固有の情報jに対応する秘匿化コンテンツjを配信した回数ZをZ=X-(2^p)×Yjとして推定する。 In still another aspect of the content distribution system and method, the content server counts the number X of concealment queries received during a predetermined period, and sets the bit string length of the bit string at the first and second predetermined bit positions to p. And the bit string at the second predetermined bit position of each of the plurality of decoding results is different from the bit string at the first predetermined bit position and is estimated corresponding to the unique information j which is one of the plurality of unique information In response to a concealment query including ciphertext using one of the public keys corresponding to the unique information j, the number of times Yj for which the random number j has not been obtained is counted. The number of times Z at which the concealed content j corresponding to the information j is distributed is estimated as Z = X− (2 ^ p) × Yj.
 コンテンツ配信システム及びその方法の具体的態様は、サービス利用者に依存する複数の固有の情報が、たとえば、サービス利用者が位置する位置情報である。 A specific aspect of the content distribution system and method is a plurality of pieces of unique information depending on the service user, for example, position information where the service user is located.
 開示するコンテンツ配信システム及びその方法によれば、サービス利用者は固有の情報を秘匿してコンテンツサーバにアクセスし、所望の(秘匿した固有の情報に対応した)コンテンツの配信を受けることができる。また、コンテンツサーバが配信回数推定部を含む態様によれば、サービス利用者の固有の情報が秘匿されていても、対応するコンテンツ配信回数を推定することができる。 According to the disclosed content distribution system and method, the service user can conceal the unique information, access the content server, and receive the desired content (corresponding to the concealed unique information). Further, according to the aspect in which the content server includes the distribution number estimation unit, the corresponding content distribution number can be estimated even if the unique information of the service user is kept secret.
位置情報サービスシステムの構成図である。It is a block diagram of a location information service system. 移動通信端末のハードウェア構成図である。It is a hardware block diagram of a mobile communication terminal. コンテンツサーバのハードウェア構成図である。It is a hardware block diagram of a content server. サービス運用時の処理フローである。It is a processing flow at the time of service operation. 秘匿化クエリ生成の処理フローである。It is a processing flow of concealment query generation. 秘匿化クエリのデータフォーマットである。It is a data format of a concealment query. 秘匿化クエリ受信の処理フローである。It is a processing flow of concealment query reception. 秘匿化コンテンツ生成の処理フローである。It is a processing flow of generation of confidential content. 有料放送のスクランブル解除鍵配信システムの構成図である。It is a block diagram of the descrambling key distribution system of pay broadcasting.
 本発明の実施形態として開示するコンテンツ配信システム及びその方法は、クエリを送信する移動通信端末とコンテンツを配信するコンテンツサーバにより、次のような構成される。 A content distribution system and method disclosed as an embodiment of the present invention are configured as follows by a mobile communication terminal that transmits a query and a content server that distributes the content.
 移動通信端末は、サービス利用者が位置する位置情報やサービス利用者が視聴を望む放送チャンネル情報のような、サービス利用者に依存する複数の固有の情報の各々に対応する複数の公開鍵を記憶している。コンテンツサーバは、複数の公開鍵の各々に対応する複数の秘密鍵および複数の固有の情報の各々に対応する複数のコンテンツを記憶している。コンテンツは、たとえば、位置情報に対応したその位置に関する案内情報や放送チャンネル情報に対応した放送番組のスクランブル鍵の解除鍵情報である。 The mobile communication terminal stores a plurality of public keys corresponding to each of a plurality of pieces of unique information depending on the service user such as position information where the service user is located and broadcast channel information that the service user wants to watch. is doing. The content server stores a plurality of secret keys corresponding to each of a plurality of public keys and a plurality of contents corresponding to each of a plurality of unique information. The content is, for example, guide information related to the position corresponding to the position information and release key information of the scramble key of the broadcast program corresponding to the broadcast channel information.
 移動通信端末は、擬似乱数を生成し、固有の情報に対応する公開鍵を用いて、擬似乱数を暗号化した暗号文を含む秘匿化クエリを生成し、生成した秘匿化クエリをコンテンツサーバへ送信する。コンテンツサーバは、秘匿化クエリを受信し、複数の秘密鍵の各々を用いて、受信した秘匿化クエリを復号化して、複数の復号化結果の各々を複数の推定擬似乱数として取得する。さらに、複数の秘密鍵の各々に対応する複数の推定擬似乱数の各々を共通鍵として、複数の固有の情報の各々に対応する複数のコンテンツを暗号化し、暗号化した複数のコンテンツを複数の秘匿化コンテンツとして移動通信端末へ送信する。移動通信端末は、複数の秘匿化コンテンツを受信し、疑似乱数を共通鍵として、受信した複数の秘匿化コンテンツを復号し、復号できたコンテンツを固有の情報に対応したコンテンツとして取得する。 The mobile communication terminal generates a pseudo random number, generates a concealment query including a ciphertext obtained by encrypting the pseudo random number using a public key corresponding to unique information, and transmits the generated concealment query to the content server. To do. The content server receives the concealment query, decrypts the received concealment query using each of the plurality of secret keys, and acquires each of the plurality of decryption results as a plurality of estimated pseudorandom numbers. Furthermore, using a plurality of estimated pseudorandom numbers corresponding to each of a plurality of secret keys as a common key, a plurality of contents corresponding to each of a plurality of unique information are encrypted, and a plurality of encrypted contents are concealed. Is transmitted to the mobile communication terminal as an encrypted content. The mobile communication terminal receives a plurality of concealed contents, decrypts the received concealed contents using a pseudo-random number as a common key, and acquires the decrypted contents as contents corresponding to unique information.
 秘匿化クエリは、疑似乱数の第1の所定のビット位置のビット列を前記暗号文にビット列パディングしたビット列を含んでも良いし、移動通信端末とコンテンツサーバは、疑似乱数の生成規則と該生成規則に基づき生成する疑似乱数の第1の所定のビット位置のビット列とを予め記憶しておいてもよい。このような場合、コンテンツサーバは、複数の復号化結果の各々の第2の所定のビット位置のビット列が第1の所定のビット位置のビット列と同じとき、複数の推定擬似乱数の各々として取得する。 The concealment query may include a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of a pseudo-random number. The mobile communication terminal and the content server may use a pseudo-random number generation rule and the generation rule. The bit string of the first predetermined bit position of the pseudo-random number generated based on it may be stored in advance. In such a case, the content server obtains each of the plurality of estimated pseudo-random numbers when the bit string at the second predetermined bit position of each of the plurality of decoding results is the same as the bit string at the first predetermined bit position. .
 コンテンツサーバは、さらに固有の情報jに対応する秘匿化コンテンツjを配信した回数の推定部を含み、所定の期間に受信した秘匿化クエリの数Xをカウントし、第1及び第2の所定のビット位置のビット列のビット列長をpとし、複数の復号化結果の各々の第2の所定のビット位置のビット列が第1の所定のビット位置のビット列と異なり、固有の情報jに対応する推定乱数jを求めなかった回数Yjをカウントし、固有の情報jに対応した公開鍵の一つjを用いた暗号文を含む秘匿化クエリに対応して、複数の秘匿化コンテンツの中の固有の情報jに対応する秘匿化コンテンツjを配信した回数ZをZ=X-(2^p)×Yjとして推定する。 The content server further includes an estimation unit for the number of times that the concealed content j corresponding to the unique information j is distributed, counts the number X of concealment queries received during a predetermined period, and the first and second predetermined P is the bit string length of the bit string at the bit position, and the bit string at the second predetermined bit position of each of the plurality of decoding results is different from the bit string at the first predetermined bit position and is an estimated random number corresponding to the unique information j The unique information in the plurality of concealed contents corresponding to the concealment query including the ciphertext using one of the public keys corresponding to the unique information j is counted. The number of times Z at which the concealed content j corresponding to j is distributed is estimated as Z = X− (2 ^ p) × Yj.
 本実施例は、ユーザ(サービス利用者)の位置情報を固有の情報として、コンテンツサーバがその位置情報に対応したコンテンツをユーザに配信する位置情報サービスシステムである。本実施例で使用する用語を定義する。
(1)位置情報
位置情報は、緯度データおよび経度データを含む。 This embodiment is a location information service system in which location information of a user (service user) is used as unique information, and a content server distributes content corresponding to the location information to the user. Terms used in this embodiment are defined.
(1) Position information The position information includes latitude data and longitude data.
 (2)位置ID
位置IDとは、コンテンツサーバによって位置情報サービスが提供されている地域を、地域1、地域2、・・・、地域nと分割した各地域を示す識別子である。本実施例では、位置IDを1~nの整数値とし、たとえば、地域3の位置IDを3とする。 (2) Location ID
The location ID is an identifier indicating each region obtained by dividing the region where the location information service is provided by the content server into region 1, region 2,..., Region n. In this embodiment, the position ID is an integer value from 1 to n, and for example, the position ID of area 3 is 3.
 (3)ブロック長kの公開鍵暗号
ブロック長kの公開鍵暗号とは、暗号化する平文のビット長がkの公開鍵暗号アルゴリズムを指す。 (3) Public Key Cryptography with Block Length k Public key cryptography with block length k refers to a public key encryption algorithm in which the bit length of plaintext to be encrypted is k.
 (4)公開鍵i、秘密鍵i(i=1~n)
公開鍵i、秘密鍵iとは、位置情報サービスが提供されている地域を地域1、地域2、・・・、地域nと分割した際に、事前にコンテンツサーバが各地域の位置IDiに対応して、公開鍵暗号方式の鍵生成アルゴリズムを用いて、ブロック長kの公開鍵iと秘密鍵iのペアを生成し、公開鍵iをサービス利用者の移動通信端末に公開し、秘密鍵iをコンテンツサーバが保持する。 (4) Public key i, private key i (i = 1 to n)
The public key i and private key i indicate that the content server supports the location IDi of each region in advance when the region where the location information service is provided is divided into region 1, region 2,..., Region n. Then, using a public key cryptosystem key generation algorithm, a pair of a public key i having a block length k and a private key i is generated, and the public key i is made public to the mobile communication terminal of the service user. Is held by the content server.
 (5)位置ID決定
位置ID決定とは、地域を、地域1、地域2、・・・、地域nと分割した各地域の位置IDと位置情報とを対応させたテーブルを持ち、緯度データおよび経度データの位置情報に対応した位置IDを決定する。各地域の形状は一般に多角形であるので、テーブルの位置情報をその多角形の頂点座標(緯度データ、経度データ)で表し、取得した位置情報と比較することにより位置IDを決定する。 (5) Position ID determination Position ID determination has a table in which a region ID is divided into region 1, region 2,..., Region n, and a position information corresponding to each region. The position ID corresponding to the position information of the longitude data is determined. Since the shape of each area is generally a polygon, the position information of the table is represented by the vertex coordinates (latitude data, longitude data) of the polygon, and the position ID is determined by comparing with the acquired position information.
 (6)秘匿化クエリ生成用公開鍵の決定
秘匿化クエリ生成用公開鍵決定とは、位置IDiに対応して予め生成された公開鍵iを決定する。 (6) Determination of the public key for generating the concealment query In the determination of the public key for generating the concealment query, the public key i generated in advance corresponding to the position IDi is determined.
 (7)共通鍵暗号方式
コンテンツサーバとサービス利用者(移動通信端末)の間で予め定めた鍵長kビットの共通鍵暗号方式のアルゴリズムの1つである。
用語の定義は以上である。 (7) Common key encryption method This is one of common key encryption method algorithms having a key length of k bits determined in advance between the content server and the service user (mobile communication terminal).
That is the definition of the term.
 図1は、本実施例のコンテンツ配信システムである位置情報サービスシステムのサービス運用時の構成図である。位置情報サービスシステムは、図1に示すように、位置情報サービスが提供されるサービス提供地域130において、サービスを利用するサービス利用者110と、サービス利用者の持つ移動通信端末100と、コンテンツを提供するコンテンツサーバ120とを含む。サービス提供地域130は、地域1、地域2、・・・、地域nとn個の領域に分割されている。図1では、地域1、地域2、地域3、地域nと分割されている場合を例示しており、サービス利用者110は、地域3に位置し、移動通信端末100を保持している。サービス利用者110は、コンテンツサーバ120に向けて、秘匿化クエリD100を送信し、コンテンツサーバ120が、受信した秘匿化クエリD100に対応して、秘匿化コンテンツD200をサービス利用者110に配信する。なお、コンテンツサーバ120が保持するコンテンツは、地域i(位置IDi)に対応して一つのコンテンツiである。コンテンツiは、時間経過と共に更新されることもあるが、地域i(位置IDi)との対応関係は保たれている。 FIG. 1 is a configuration diagram of a location information service system, which is a content distribution system of the present embodiment, during service operation. As shown in FIG. 1, the location information service system provides a service user 110 who uses a service, a mobile communication terminal 100 owned by the service user, and contents in a service providing area 130 where the location information service is provided. Content server 120. The service providing area 130 is divided into area 1, area 2,..., Area n and n areas. In FIG. 1, a case where the service user 110 is divided into region 1, region 2, region 3, and region n is illustrated, and the service user 110 is located in region 3 and holds the mobile communication terminal 100. The service user 110 transmits the concealment query D100 to the content server 120, and the content server 120 distributes the concealed content D200 to the service user 110 in response to the received concealment query D100. Note that the content held by the content server 120 is one content i corresponding to the region i (position IDi). The content i may be updated with the passage of time, but the correspondence with the area i (position IDi) is maintained.
 図2は、移動通信端末100のハードウェア構成図である。移動通信端末100は、CPU101と、補助記憶装置102と、メモリ103と、耐タンパ記憶装置105と、表示装置106と、入出力インターフェース107と、通信用アンテナ108と、位置情報取得装置109とが、バスなどの内部信号線104で連結し、構成される。 FIG. 2 is a hardware configuration diagram of the mobile communication terminal 100. The mobile communication terminal 100 includes a CPU 101, an auxiliary storage device 102, a memory 103, a tamper resistant storage device 105, a display device 106, an input / output interface 107, a communication antenna 108, and a position information acquisition device 109. Are connected by an internal signal line 104 such as a bus.
 補助記憶装置102には、後述する処理を実行するプログラムと、位置IDi(i=1~n)に対応させた秘匿化クエリ生成用の公開鍵i(i=1~n)が格納されている。プログラムは、メモリ103にロードされ、CPU101によって実行される。 The auxiliary storage device 102 stores a program for executing processing to be described later and a public key i (i = 1 to n) for generating a concealment query corresponding to the position IDi (i = 1 to n). . The program is loaded into the memory 103 and executed by the CPU 101.
 位置情報取得装置109は、全地球測位システム(GPS)を備え、GPSは移動通信端末100が位置する緯度データおよび経度データを測定する。 The position information acquisition device 109 includes a global positioning system (GPS), and the GPS measures latitude data and longitude data where the mobile communication terminal 100 is located.
 図3は、コンテンツサーバ120のハードウェア構成図である。コンテンツサーバ120は、CPU121と、補助記憶装置122と、メモリ123と、耐タンパ記憶装置125と、表示装置126と、入出力インターフェース127と、通信装置128とが、バスなどの内部信号線124で連結し、構成される。 FIG. 3 is a hardware configuration diagram of the content server 120. The content server 120 includes a CPU 121, an auxiliary storage device 122, a memory 123, a tamper resistant storage device 125, a display device 126, an input / output interface 127, and a communication device 128 via an internal signal line 124 such as a bus. Connected and configured.
 補助記憶装置122には、後述する秘密鍵を用いた処理を実行するプログラムが格納され、耐タンパ記憶装置125には、位置IDi(i=1~n)に対応させた秘密鍵i(i=1~n)が格納されている。プログラムは、メモリ123に秘密鍵と共にロードされ、CPU121によって実行される。補助記憶装置122には、位置情報サービスとして提供するコンテンツが記憶されている。 The auxiliary storage device 122 stores a program for executing processing using a secret key to be described later, and the tamper resistant storage device 125 stores a secret key i (i = i = i) corresponding to the position IDi (i = 1 to n). 1 to n) are stored. The program is loaded into the memory 123 together with the secret key and executed by the CPU 121. The auxiliary storage device 122 stores content provided as a location information service.
 図4は、移動通信端末100とコンテンツサーバ120との間の、サービス運用時の処理フローである。
移動通信端末100は、通信アプリケーションを起動し、コンテンツサーバ120との無線通信を開始する(S100)。移動通信端末100は、位置情報取得装置109から現在の緯度データおよび経度データの位置情報を取得する(S200)。移動通信端末100は、取得した位置情報を元に、コンテンツサーバ120に送信する秘匿化クエリ(D100)を生成する(S300)。移動通信端末100は、生成した秘匿化クエリ(D100)をコンテンツサーバ120に送信する。 FIG. 4 is a processing flow during service operation between the mobile communication terminal 100 and the content server 120.
The mobile communication terminal 100 activates a communication application and starts wireless communication with the content server 120 (S100). The mobile communication terminal 100 acquires the current latitude data and longitude data position information from the position information acquisition device 109 (S200). The mobile communication terminal 100 generates a concealment query (D100) to be transmitted to the content server 120 based on the acquired position information (S300). The mobile communication terminal 100 transmits the generated concealment query (D100) to the content server 120.
 コンテンツサーバ120は、秘匿化クエリ(D100)を受信し、受信した秘匿化クエリ(D100)に対応して、移動通信端末100へ配信するコンテンツを選別する(S400)。コンテンツサーバ120は、移動通信端末100に配信する秘匿化コンテンツi(i=1~n)(D200)を生成し(予め生成し、補助記憶装置122に記憶しておいてもよい。)生成した秘匿化コンテンツi(i=1~n)(D200)を移動通信端末100へ送信する(S500)。 The content server 120 receives the concealment query (D100), and selects content to be distributed to the mobile communication terminal 100 in response to the received concealment query (D100) (S400). The content server 120 generates the confidential content i (i = 1 to n) (D200) to be distributed to the mobile communication terminal 100 (may be generated in advance and stored in the auxiliary storage device 122). The concealed content i (i = 1 to n) (D200) is transmitted to the mobile communication terminal 100 (S500).
 秘匿化コンテンツi(i=1~n)(D200)を受信した移動通信端末100は、受信した秘匿化コンテンツi(i=1~n)(D200)の中から、移動通信端末100の位置情報(位置ID)に対応したコンテンツを復号し、処理を終える(S600)。 The mobile communication terminal 100 that has received the concealed content i (i = 1 to n) (D200) receives the location information of the mobile communication terminal 100 from the received concealed content i (i = 1 to n) (D200). The content corresponding to (position ID) is decrypted, and the process ends (S600).
 ここでは、一つの秘匿化クエリ(D100)に対応して、位置情報サービスの全地域IDi(i=1~n)に対応する秘匿化コンテンツi(i=1~n)をコンテンツサーバ120が配信するように説明したが、必ずしも秘匿化コンテンツi(i=1~n)を配信する必要がないことを後述する。 Here, the content server 120 distributes the concealed content i (i = 1 to n) corresponding to all the region IDi (i = 1 to n) of the location information service in response to one concealment query (D100). As described above, it will be described later that the concealed content i (i = 1 to n) is not necessarily distributed.
 図5は、図4のサービス運用時の処理フローにおける秘匿化クエリ生成の処理(S300)フローである。移動通信端末100は、位置情報取得処理(S200)による位置情報から前述(位置ID決定)のように位置IDiを決定する(S310)。補助記憶装置102から、決定した位置IDi(i=1~nのいずれか一つ)に対応させて格納してある公開鍵i(i=1~nのいずれか一つ)を取得する(S320)。kビットの疑似乱数を生成し(S330)、公開鍵iを用いて、生成した擬似乱数を暗号化し、kビットの暗号文を生成し(S340)、擬似乱数のビット列の先頭の1ビット目を生成した暗号文にビット列パディングしてk+1ビットのビット列の秘匿化クエリ(D100)を生成する(S350)。 FIG. 5 is a flowchart (S300) for generating a concealment query in the processing flow at the time of service operation of FIG. The mobile communication terminal 100 determines the position IDi from the position information obtained by the position information acquisition process (S200) as described above (position ID determination) (S310). The public key i (any one of i = 1 to n) stored corresponding to the determined position IDi (i = 1 to n) is acquired from the auxiliary storage device 102 (S320). ). A k-bit pseudorandom number is generated (S330), the generated pseudorandom number is encrypted using the public key i, a k-bit ciphertext is generated (S340), and the first bit of the bit string of the pseudorandom number is generated. Bit string padding is performed on the generated ciphertext to generate a concealment query (D100) of a bit string of k + 1 bits (S350).
 図6は、秘匿化クエリ生成処理(S300)で生成した秘匿化クエリ(D100)データフォーマットである。秘匿化クエリ(D100)は、長さk+1ビットのビット列からなるデータである。(S340)で生成したkビットの暗号文が、秘匿化クエリ(D100)の1ビット目からkビット目まで格納されている。この1ビット目からkビット目までを秘匿化クエリ(D100)の暗号文パートと呼ぶ。秘匿化クエリ(D100)のk+1ビット目には、(S330)で生成した擬似乱数の1ビット目が格納されている。このk+1ビット目を秘匿化クエリ(D100)の平文パートと呼ぶ。 FIG. 6 shows a concealment query (D100) data format generated by the concealment query generation process (S300). The concealment query (D100) is data consisting of a bit string of length k + 1 bits. The k-bit ciphertext generated in (S340) is stored from the first bit to the k-th bit of the concealment query (D100). The first bit to the kth bit are referred to as a ciphertext part of the concealment query (D100). The first bit of the pseudorandom number generated in (S330) is stored in the (k + 1) th bit of the concealment query (D100). This k + 1 bit is called a plaintext part of the concealment query (D100).
 図7は、図4のサービス運用時の処理フローにおける秘匿化クエリ受信の処理(S400)フローである。コンテンツサーバ120は、移動通信端末100から送信された秘匿化クエリ(D100)を受信し(S410)、メモリ123上の領域である推定乱数i(i=1~n)を、たとえば値0のビット列で初期化する(S420)。秘密鍵i(i=1~n)を用いて復号するために、変数iに初期値をセット(i=1)する(S430)。受信した秘匿化クエリ(D100)の暗号文パートを、耐タンパ記憶装置125に格納されている秘密鍵i(i=1~n)を用いて復号する(S440)。復号結果の1ビット目と受信した秘匿化クエリ(D100)の平文パートが一致するか比較する(S450)。一致した場合は、復号結果を推定乱数iに格納し(S460)、一致しなかった場合は、S470へ進む(推定乱数iは初期値のままとする。)。変数iをi+1にインクリメントし(S470)、iがn以下の場合は、S440へ戻り、iがnより大の場合は処理を終了する(S480)。以上の処理により、秘匿化クエリ(D100)の暗号文パートの復号結果の1ビット目が平文パートと一致した場合に復号結果を推定乱数i(i=1~n)とし、不一致の場合に初期値のままとする推定乱数i(i=1~n)が得られる。 FIG. 7 is a flowchart (S400) for receiving a concealment query in the processing flow at the time of service operation of FIG. The content server 120 receives the concealment query (D100) transmitted from the mobile communication terminal 100 (S410), and uses the estimated random number i (i = 1 to n), which is an area on the memory 123, as a bit string having a value of 0, for example. (S420). In order to decrypt using the secret key i (i = 1 to n), an initial value is set to the variable i (i = 1) (S430). The ciphertext part of the received concealment query (D100) is decrypted using the secret key i (i = 1 to n) stored in the tamper resistant storage device 125 (S440). Whether the first bit of the decryption result matches the plaintext part of the received concealment query (D100) is compared (S450). If they match, the decoding result is stored in the estimated random number i (S460). If they do not match, the process proceeds to S470 (the estimated random number i remains the initial value). The variable i is incremented to i + 1 (S470). If i is less than or equal to n, the process returns to S440, and if i is greater than n, the process ends (S480). With the above processing, when the first bit of the decryption result of the ciphertext part of the concealment query (D100) matches the plaintext part, the decryption result is assumed to be an estimated random number i (i = 1 to n). An estimated random number i (i = 1 to n) is obtained that remains as a value.
 図8は、図4のサービス運用時の処理フローにおける秘匿化コンテンツ生成の処理(S500)フローである。コンテンツサーバ120は、補助記憶装置122にアクセスし、秘匿化クエリ受信処理(S400)で選別された、移動通信端末100へ配信するコンテンツi(i=1~n)をを取得する(S510)。引き続く説明により、選別の意味を明らかにする。推定乱数i(i=1~n)を用いてコンテンツi(i=1~n)を暗号化するために、変数iに初期値をセット(i=1)する(S520)。推定乱数iが格納されているかチェックし(S530)、格納されている場合、推定乱数iを共通鍵とする共通鍵暗号方式を用いて、コンテンツiをを暗号化して、メモリ123に設けた領域である秘匿化コンテンツiに格納する(S540)。推定乱数iが格納されていない場合(S420で格納された初期値の場合)、秘匿化コンテンツiに値0のビット列を格納する(S550)。変数iをi+1にインクリメントし(S560)、iがn以下の場合は、S530へ戻り、iがnより大の場合は処理を終了する(S570)。 FIG. 8 is a flowchart (S500) for generating the concealment content in the processing flow at the time of service operation of FIG. The content server 120 accesses the auxiliary storage device 122 and acquires the content i (i = 1 to n) to be distributed to the mobile communication terminal 100 selected in the concealment query reception process (S400) (S510). The meaning of the selection will be clarified in the following explanation. In order to encrypt the content i (i = 1 to n) using the estimated random number i (i = 1 to n), an initial value is set to the variable i (i = 1) (S520). Whether or not the estimated random number i is stored is checked (S530), and if it is stored, the content i is encrypted using a common key encryption method using the estimated random number i as a common key, and the area provided in the memory 123 Is stored in the concealed content i (S540). If the estimated random number i is not stored (in the case of the initial value stored in S420), a bit string of value 0 is stored in the concealed content i (S550). The variable i is incremented to i + 1 (S560). If i is n or less, the process returns to S530, and if i is greater than n, the process is terminated (S570).
 コンテンツサーバ120は、図4を用いて説明したように秘匿化コンテンツi(i=1~n)を移動通信端末100へ配信してもよいが、推定乱数iの1ビット目が秘匿化クエリ(D100)の平分パートと一致し、値0のビット列を格納した秘匿化コンテンツiを送信しないように制御することにより、コンテンツサーバ120から移動通信端末100への送信データ量(配信する秘匿化コンテンツ数)が半減する。このように配信するコンテンツ数を半減するように選択することが選別である。以上の説明から明らかなように、図6に示したように、平分パートのビット長を2ビットとし、上記説明と同様の処理を実行すると、配信する秘匿化コンテンツ数を1/4にでき、ビット長を3ビットとすると1/8にできる。図4を用いた説明は、平文パートのビット長を0ビットとした場合である。 The content server 120 may distribute the concealed content i (i = 1 to n) to the mobile communication terminal 100 as described with reference to FIG. 4, but the first bit of the estimated random number i is the concealment query ( The amount of transmission data from the content server 120 to the mobile communication terminal 100 (the number of concealed contents to be distributed) is controlled so as not to transmit the concealed content i that matches the flat part of D100) and stores a bit string of value 0. ) Is halved. Selection is made so that the number of contents to be distributed is halved in this way. As is apparent from the above description, as shown in FIG. 6, when the bit length of the equally divided part is set to 2 bits and processing similar to that described above is executed, the number of concealed contents to be distributed can be reduced to 1/4, If the bit length is 3 bits, it can be reduced to 1/8. The explanation using FIG. 4 is a case where the bit length of the plaintext part is 0 bit.
 極端な例として平文パートのビット長をkビットとし、上記説明と同様の処理を実行すると、配信する秘匿化コンテンツ数を、推定乱数iは移動通信端末100が生成したkビットの疑似乱数に一致するので、配信する秘匿化コンテンツ数を、位置IDiに対応する一つのコンテンツiに特定できる。この場合、秘匿化クエリ(D100)は秘匿されていないことになる。 As an extreme example, if the bit length of the plaintext part is k bits and the same processing as described above is executed, the number of concealed contents to be distributed matches the estimated random number i with the k-bit pseudo random number generated by the mobile communication terminal 100 Therefore, the number of concealed contents to be distributed can be specified as one content i corresponding to the position IDi. In this case, the concealment query (D100) is not concealed.
 以上の説明から明らかなように、配信する秘匿化コンテンツ数を少なくするために平文パートのビット長を長くしてもよいが、秘匿化クエリ(D100)の秘匿性を確保するためには、疑似乱数のビット長kに対して十分短くする必要がある。システム構築に際して、平文パートのビット長は、システムの仕様として要求される秘匿性に基づいて疑似乱数のビット長kと共に決定される。 次に、コンテンツサーバ120から秘匿化コンテンツiを受信した移動通信端末100の処理(図4のサービス運用時の処理フローにおける秘匿化コンテンツ復号の処理(S600))を説明する。移動通信端末100は、コンテンツサーバ120から送信された秘匿化コンテンツi(i=1~nから選別されたもの)を受信し、S330で生成したkビットの疑似乱数を共通鍵とする共通鍵暗号方式で、秘匿化コンテンツiを復号し、復号できたコンテンツiを、移動通信端末100が要求した、地域IDiに対応したコンテンツiとして取得する。取得できるコンテンツiは、kビットの疑似乱数を推定乱数iとして暗号化された秘匿化コンテンツiの復号結果である。他の秘匿化コンテンツiを、S330で生成したkビットの疑似乱数を用いて復号しても、暗号化される前のコンテンツは再現されない。 As is clear from the above description, the bit length of the plaintext part may be increased in order to reduce the number of concealed contents to be distributed, but in order to ensure the concealment of the concealment query (D100) It is necessary to sufficiently shorten the bit length k of the random number. At the time of system construction, the bit length of the plaintext part is determined together with the bit length k of the pseudo random number based on the confidentiality required as a system specification. Next, the processing of the mobile communication terminal 100 that has received the concealed content i from the content server 120 (the concealed content decoding processing (S600) in the processing flow at the time of service operation in FIG. 4) will be described. The mobile communication terminal 100 receives the concealed content i (selected from i = 1 to n) transmitted from the content server 120 and uses the k-bit pseudorandom number generated in S330 as a common key encryption. By using the method, the concealed content i is decrypted, and the decrypted content i is acquired as the content i corresponding to the area ID i requested by the mobile communication terminal 100. The content i that can be acquired is a decryption result of the concealed content i that has been encrypted using a k-bit pseudorandom number as the estimated random number i. Even if the other concealed content i is decrypted using the k-bit pseudo-random number generated in S330, the content before being encrypted is not reproduced.
 以上のように、サービス利用者の固有の情報である位置情報を秘匿化すると、コンテンツサーバは、コンテンツを冗長に配信しているので、サービス利用者の地域IDiに対応したコンテンツの配信回数(サービス利用者が復号し、再現できたコンテンツ数)を知ることができない。そこで、コンテンツの冗長な配信回数を統計的に処理してサービス利用者の地域IDiに対応したコンテンツの配信回数を求める処理を説明する。 As described above, if the location information, which is unique information of the service user, is concealed, the content server distributes the content redundantly, so the number of times of content distribution corresponding to the service user's area IDi (service The number of contents that the user could decrypt and reproduce is not known. Accordingly, a process for statistically processing the redundant distribution number of contents and obtaining the distribution number of contents corresponding to the service user's area IDi will be described.
 1日、1週間などの所定のサービス期間において、コンテンツサーバ120は、受信した秘匿化クエリ(D100)の総数をカウントし、その総数をXとする。総数に対応して、推定乱数jを求めなかった回数(図7のS450で不一致の回数、コンテンツjを配信しなかった回数)をYjとし、前述の平分パートのビット数をpとすると、サービス利用者の地域IDj(地域jにいるサービス利用者の総数)に対応したコンテンツjの配信回数Zは、Z=X-(2^p)×Yjとして求まる。たとえば、X=10000、p=1とし、Yj=4900とすると、Z=10000-2×4900=200である。なぜならば、サービス利用者の地域IDjに対応してコンテンツjは必ず配信される(推定乱数jが求められる)からである。 In a predetermined service period such as one day or one week, the content server 120 counts the total number of received concealment queries (D100) and sets the total number to X. Corresponding to the total number, if the number of times the estimated random number j is not obtained (the number of mismatches in S450 in FIG. 7 and the number of times content j has not been distributed) is Yj, The number of distributions Z of content j corresponding to the user's area ID j (total number of service users in area j) is obtained as Z = X− (2 ^ p) × Yj. For example, if X = 10000, p = 1, and Yj = 4900, Z = 10000−2 × 4900 = 200. This is because the content j is always distributed corresponding to the service user's area ID j (the estimated random number j is obtained).
 所定のサービス期間を長くし、秘匿化クエリ(D100)の総数Xを増加させると、実際に地域jに居てコンテンツjを受信したサービス利用者数とコンテンツjの配信回数Zとの比は、1に収束する。 When the predetermined service period is lengthened and the total number X of the concealment queries (D100) is increased, the ratio between the number of service users who actually received the content j in the region j and the number of distribution times Z of the content j is Converges to 1.
 秘匿化クエリ(D100)の平文パートに関して、次のように変形してもよい。例えば、平文パートを1ビット長とすることに代えて、移動通信端末100とコンテンツサーバ120の間で事前に、「疑似乱数の1ビット目は1とする」などの疑似乱数生成の規則を定めていれば、暗号文パートを秘密鍵で復号した際に得られるビット列で1ビット目が1であるかをチェックすることによって、確率1/2で疑似乱数の生成を排除できる。また、1ビット目は先頭からとして説明したが、pビットの場合であっても、予めコンテンツサーバ120と移動通信端末100との間でビット位置を定めておき、定めたビット位置のビットの値をチェックしてもよい。 The plaintext part of the concealment query (D100) may be modified as follows. For example, instead of setting the plaintext part to be 1-bit length, a rule for generating a pseudo-random number such as “the first bit of the pseudo-random number is set to 1” is defined in advance between the mobile communication terminal 100 and the content server 120. If so, by checking whether the first bit is 1 in the bit string obtained when the ciphertext part is decrypted with the secret key, the generation of the pseudo random number can be eliminated with a probability of 1/2. Further, although the first bit has been described from the beginning, even in the case of p bits, the bit position is determined in advance between the content server 120 and the mobile communication terminal 100, and the value of the bit at the determined bit position You may check.
 より一般に、疑似乱数の生成規則を事前にコンテンツサーバ120と移動通信端末100との間で定めることによって、秘匿化クエリ受信処理(S400)内部の処理(S450)において、暗号文パートを秘密鍵で復号した際に得られるビット列が前述の疑似乱数生成規則を満たすかを判断し、満たさない場合には、疑似乱数の生成を排除してもよい。 More generally, by defining a pseudo-random number generation rule between the content server 120 and the mobile communication terminal 100 in advance, the ciphertext part is used as a secret key in the process (S450) within the concealment query reception process (S400). It is determined whether the bit string obtained upon decoding satisfies the pseudo-random number generation rule described above. If not, generation of pseudo-random numbers may be excluded.
 また、さらに一般にkビットの疑似乱数をコマンド引数とするサービス利用者関数をサービス利用者110が定め、そのサービス利用者関数をコンテンツサーバ120に公開し、秘匿化クエリ(D100)の平文パートとして、生成した疑似乱数のサービス利用者関数値を採用することによって、コンテンツサーバは、暗号文パートを秘密鍵で復号したビット列のサービス利用者関数値と平文パートを比較し、疑似乱数の生成を排除してもよい。この場合、長さkのビット列において、与えられたサービス利用者関数値を持つビット列の個数をS、R=S/(2^k)とし、コンテンツjの配信回数Zを、Z=1-Yj-(R×X)/(1-R)とする。 Further, in general, the service user 110 determines a service user function using a k-bit pseudo-random number as a command argument, publishes the service user function to the content server 120, and as a plaintext part of the concealment query (D100), By adopting the generated pseudo-random service user function value, the content server compares the plaintext part with the service user function value of the bit string obtained by decrypting the ciphertext part with the secret key, and eliminates the generation of pseudo-random numbers. May be. In this case, in the bit string of length k, the number of bit strings having a given service user function value is S, R = S / (2 ^ k), and the number of distribution times Z of content j is Z = 1−Yj -(R × X) / (1-R).
 また、秘匿化クエリ生成処理(S300)の擬似乱数の生成(図5:S330)(S350)において、上述の実施形態では、秘匿化クエリ生成処理(S300)を行う度に疑似乱数を生成しているが、以前のサービス利用時に生成した秘匿化クエリの、位置IDと擬似乱数の組をキャッシュし、同じ位置IDに対しては、キャッシュしてある擬似乱数を利用してもよい。 Further, in the generation of pseudorandom numbers in the concealment query generation process (S300) (FIG. 5: S330) (S350), in the above-described embodiment, a pseudorandom number is generated each time the concealment query generation process (S300) is performed. However, the pair of the location ID and pseudorandom number of the concealment query generated when using the previous service may be cached, and the cached pseudorandom number may be used for the same location ID.
 本実施例は、サービス利用者が固有の情報を秘匿してコンテンツデータベースを検索するシステムの一例である。コンテンツサーバとして、有料テレビ放送のスクランブル解除鍵を配信するサーバとし、サービス利用者は、複数の有料放送チャンネルから1つのチャンネルを選び、スクランブル解除鍵をサーバから受け取りたいが、どのチャンネル(固有の情報)のスクランブル解除鍵を受け取ったかをスクランブル解除鍵配信サーバに秘匿したい場合である。 This embodiment is an example of a system in which a service user searches a content database while concealing unique information. The content server is a server that distributes a pay TV broadcast descrambling key, and the service user selects one channel from a plurality of pay broadcasting channels and wants to receive the descrambling key from the server. The descrambling key distribution server wants to keep the descrambling key distribution server secret.
 図9は、通信端末130を持つサービス利用者110が、有料放送チャンネル一覧からチャンネル3番(140)を選択し、スクランブル解除鍵配信サーバ120から、スクランブル解除鍵を受信する、有料放送のスクランブル解除鍵配信システムの構成図である。この時、サービス利用者110は実施例1と同様の処理により、スクランブル解除鍵配信サーバ120に、チャンネル3番を秘匿した状態で、チャンネル3番のスクランブル解除鍵を受け取ることが可能となる。 FIG. 9 shows that the service user 110 having the communication terminal 130 selects channel 3 (140) from the pay broadcast channel list and receives the descrambling key from the descrambling key distribution server 120. It is a block diagram of a key distribution system. At this time, the service user 110 can receive the descrambling key of channel 3 from the descrambling key distribution server 120 in a state of concealing channel 3 by the same processing as in the first embodiment.
 具体的には、サービス利用者110は、実施例1の位置IDに代えて固有情報をチャンネル3番150とし、チャンネル3番に対応した秘匿化クエリ(E100)を生成し、生成した秘匿化クエリ(E100)をスクランブル解除鍵配信サーバ140に送信する。スクランブル解除鍵配信サーバ140は秘匿化クエリ(E100)に対応して、スクランブル解除鍵160をコンテンツとする秘匿化コンテンツi(i=1~n)(E120)をサービス利用者に返信する。秘匿化コンテンツi(i=1~n)(E120)を受信したサービス利用者110は秘匿化コンテンツ復号処理を経て、チャンネル3番150に対応したスクランブル解除鍵160を取得する。 Specifically, the service user 110 sets the unique information as channel 3 150 instead of the position ID of the first embodiment, generates a concealment query (E100) corresponding to channel 3 and generates the concealment query. (E100) is transmitted to the descrambling key distribution server 140. In response to the concealment query (E100), the descrambling key distribution server 140 returns the concealed content i (i = 1 to n) (E120) having the descrambling key 160 as the content to the service user. The service user 110 that has received the concealed content i (i = 1 to n) (E120) obtains the descrambling key 160 corresponding to channel 3 150 through the concealed content decryption process.
 以上の処理により、スクランブル解除鍵配信サーバ140に対して、サービス利用者110が、どのチャンネルに対応したスクランブル解除鍵を受信したかを秘匿した状態で、スクランブル解除鍵配信サーバ140によるスクランブル解除鍵の配信が可能となる。 With the above processing, the descrambling key distribution server 140 scrambles the descrambling key distribution server 140 in a state in which the service user 110 has concealed which channel the descrambling key has been received. Distribution becomes possible.
 以上説明した実施形態によれば、サービス利用者は固有の情報を秘匿してコンテンツサーバにアクセスし、所望の(秘匿した固有の情報に対応した)コンテンツの配信を受けることができる。また、コンテンツサーバは、サービス利用者の固有の情報が秘匿されていても、対応するコンテンツ配信回数を推定することができる。 According to the embodiment described above, the service user can conceal the unique information, access the content server, and receive the desired content (corresponding to the concealed unique information). In addition, the content server can estimate the corresponding content distribution count even if the service user's unique information is kept secret.
 100:移動通信端末、110:サービス利用者、120:コンテンツサーバ、130サービス提供地域、140:スクランブル解除鍵配信サーバ、150:有料放送チャンネル一覧、160:スクランブル解除鍵、D100、E100:秘匿化クエリ、D200、E200:秘匿化コンテンツ。 100: mobile communication terminal, 110: service user, 120: content server, 130 service area, 140: descrambling key distribution server, 150: pay broadcast channel list, 160: descrambling key, D100, E100: concealment query , D200, E200: Confidential content.

Claims (12)

  1. サービス利用者に依存する複数の固有の情報の各々に対応する複数の公開鍵を記憶する移動通信端末と、複数の前記公開鍵の各々に対応する複数の秘密鍵および複数の前記固有の情報の各々に対応する複数のコンテンツを記憶するコンテンツサーバとを有するコンテンツ配信システムであって、
    前記移動通信端末は、擬似乱数の生成部、前記複数の固有の情報の一つに対応する、複数の前記公開鍵の一つを用いて、前記擬似乱数を暗号化した暗号文を含む秘匿化クエリを生成する秘匿化クエリ生成部、生成した前記秘匿化クエリを前記コンテンツサーバへ送信し、前記コンテンツサーバから送信される複数の秘匿化コンテンツを受信する第1の通信部、前記疑似乱数を共通鍵として、受信した複数の前記秘匿化コンテンツを復号する復号部、および、復号できたコンテンツを前記固有の情報の一つに対応したコンテンツとして取得するコンテンツ取得部を含み、
    前記コンテンツサーバは、前記秘匿化クエリを受信し、暗号化した複数の前記コンテンツを複数の秘匿化コンテンツとして前記移動通信端末へ送信する第2の通信部、複数の前記秘密鍵の各々を用いて、受信した前記秘匿化クエリを復号化して、複数の復号化結果の各々を複数の推定擬似乱数として取得する推定擬似乱数取得部、および、複数の前記秘密鍵の各々に対応する複数の前記推定擬似乱数の各々を共通鍵として、複数の前記固有の情報の各々に対応する複数の前記コンテンツを暗号化する暗号化部を含むことを特徴とするコンテンツ配信システム。     A mobile communication terminal storing a plurality of public keys corresponding to each of a plurality of unique information depending on a service user, a plurality of secret keys corresponding to each of the plurality of public keys, and a plurality of the unique information A content distribution system having a content server for storing a plurality of contents corresponding to each,
    The mobile communication terminal includes a pseudo-random number generator, a concealment unit including ciphertext obtained by encrypting the pseudo-random number using one of the plurality of public keys corresponding to one of the plurality of unique information A concealment query generation unit that generates a query, a first communication unit that transmits the generated concealment query to the content server, and receives a plurality of concealment content transmitted from the content server, and the pseudorandom number in common As a key, including a decryption unit that decrypts the plurality of the concealed content received, and a content acquisition unit that obtains the decrypted content as content corresponding to one of the unique information,
    The content server receives the concealment query, and uses each of the plurality of secret keys, a second communication unit that transmits the plurality of encrypted contents to the mobile communication terminal as a plurality of concealed contents. An estimated pseudorandom number obtaining unit that decrypts the received concealment query and obtains each of a plurality of decryption results as a plurality of estimated pseudorandom numbers, and a plurality of the estimations corresponding to each of the plurality of secret keys A content distribution system comprising: an encryption unit that encrypts a plurality of the contents corresponding to each of the plurality of pieces of unique information using each pseudo-random number as a common key.
  2. 前記秘匿化クエリは、前記疑似乱数の第1の所定のビット位置のビット列を前記暗号文にビット列パディングしたビット列を含むことを特徴とする請求項1記載のコンテンツ配信システム。 The content distribution system according to claim 1, wherein the concealment query includes a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of the pseudo-random number.
  3. 前記移動通信端末と前記コンテンツサーバは、前記疑似乱数の生成規則と該生成規則に基づき生成する前記疑似乱数の第1の所定のビット位置のビット列とを予め記憶しておくことを特徴とする請求項1記載のコンテンツ配信システム。 The mobile communication terminal and the content server store in advance a generation rule of the pseudo random number and a bit string of a first predetermined bit position of the pseudo random number generated based on the generation rule. Item 2. The content distribution system according to Item 1.
  4. 前記推定擬似乱数取得部は、複数の前記復号化結果の各々の第2の所定のビット位置のビット列が前記第1の所定のビット位置のビット列と同じとき、複数の前記推定擬似乱数の各々として取得することを特徴とする請求項2又は請求項3記載のコンテンツ配信システム。 The estimated pseudo-random number acquisition unit, when a bit string at a second predetermined bit position of each of the plurality of decoding results is the same as a bit string at the first predetermined bit position, 4. The content distribution system according to claim 2, wherein the content distribution system is acquired.
  5. 前記コンテンツサーバは、さらに、所定の期間に受信した前記秘匿化クエリの数Xをカウントし、前記第1及び第2の所定のビット位置のビット列のビット列長をpとし、複数の前記復号化結果の各々の第2の所定のビット位置のビット列が前記第1の所定のビット位置のビット列と異なり、前記複数の固有の情報の一つである固有の情報jに対応する推定乱数jを求めなかった回数Yjをカウントし、前記固有の情報jに対応した前記公開鍵の一つjを用いた前記暗号文を含む前記秘匿化クエリに対応して、複数の前記秘匿化コンテンツの中の前記固有の情報jに対応する秘匿化コンテンツjを配信した回数ZをZ=X-(2^p)×Yjとして推定する配信回数推定部を含むことを特徴とする請求項4記載のコンテンツ配信システム。 The content server further counts the number X of the concealment queries received during a predetermined period, sets the bit string length of the bit string at the first and second predetermined bit positions to p, and a plurality of the decoding results A bit string at each second predetermined bit position is different from the bit string at the first predetermined bit position, and the estimated random number j corresponding to the unique information j which is one of the plurality of unique information is not obtained. Corresponding to the concealment query including the ciphertext using one of the public keys corresponding to the unique information j, and the unique content among a plurality of the concealed contents 5. The content distribution system according to claim 4, further comprising a distribution frequency estimation unit that estimates the frequency Z of distribution of the concealed content j corresponding to the information j as Z = X− (2 ^ p) × Yj.
  6. 前記サービス利用者に依存する複数の前記固有の情報は、前記サービス利用者が位置する位置情報であることを特徴とする請求項5記載のコンテンツ配信システム。 6. The content distribution system according to claim 5, wherein the plurality of pieces of unique information depending on the service user are position information where the service user is located.
  7. サービス利用者に依存する複数の固有の情報の各々に対応する複数の公開鍵を記憶する移動通信端末と、複数の前記公開鍵の各々に対応する複数の秘密鍵および複数の前記固有の情報の各々に対応する複数のコンテンツを記憶するコンテンツサーバとによるコンテンツ配信方法であって、
    前記移動通信端末は、擬似乱数を生成し、前記複数の固有の情報の一つに対応する、複数の前記公開鍵の一つを用いて、前記擬似乱数を暗号化した暗号文を含む秘匿化クエリを生成し、生成した前記秘匿化クエリを前記コンテンツサーバへ送信し、
    前記コンテンツサーバは、前記秘匿化クエリを受信し、複数の前記秘密鍵の各々を用いて、受信した前記秘匿化クエリを復号化して、複数の復号化結果の各々を複数の推定擬似乱数として取得し、複数の前記秘密鍵の各々に対応する複数の前記推定擬似乱数の各々を共通鍵として、複数の前記固有の情報の各々に対応する複数の前記コンテンツを暗号化し、暗号化した複数の前記コンテンツを複数の秘匿化コンテンツとして前記移動通信端末へ送信し、
    前記移動通信端末は、複数の前記秘匿化コンテンツを受信し、前記疑似乱数を共通鍵として、受信した複数の前記秘匿化コンテンツを復号し、復号できたコンテンツを前記固有の情報の一つに対応したコンテンツとして取得することを特徴とするコンテンツ配信方法。     A mobile communication terminal storing a plurality of public keys corresponding to each of a plurality of unique information depending on a service user, a plurality of secret keys corresponding to each of the plurality of public keys, and a plurality of the unique information A content distribution method by a content server that stores a plurality of contents corresponding to each of the methods,
    The mobile communication terminal generates a pseudo-random number, and conceals including ciphertext obtained by encrypting the pseudo-random number using one of the plurality of public keys corresponding to one of the plurality of unique information Generate a query, send the generated concealment query to the content server,
    The content server receives the concealment query, decrypts the concealment query received using each of the plurality of secret keys, and obtains a plurality of decryption results as a plurality of estimated pseudo-random numbers. Then, using each of the plurality of estimated pseudorandom numbers corresponding to each of the plurality of secret keys as a common key, encrypting the plurality of contents corresponding to each of the plurality of unique information, Transmitting content to the mobile communication terminal as a plurality of concealed content;
    The mobile communication terminal receives the plurality of concealed contents, decrypts the plurality of concealed contents received using the pseudo random number as a common key, and corresponds the decrypted contents to one of the unique information A content distribution method characterized in that the content is acquired as a processed content.
  8. 前記秘匿化クエリは、前記疑似乱数の第1の所定のビット位置のビット列を前記暗号文にビット列パディングしたビット列を含むことを特徴とする請求項7記載のコンテンツ配信方法。 The content distribution method according to claim 7, wherein the concealment query includes a bit string obtained by padding the ciphertext with a bit string at a first predetermined bit position of the pseudo-random number.
  9. 前記移動通信端末と前記コンテンツサーバは、前記疑似乱数の生成規則と該生成規則に基づき生成する前記疑似乱数の第1の所定のビット位置のビット列とを予め記憶しておくことを特徴とする請求項7記載のコンテンツ配信方法。 The mobile communication terminal and the content server store in advance a generation rule of the pseudo random number and a bit string of a first predetermined bit position of the pseudo random number generated based on the generation rule. Item 8. The content distribution method according to Item 7.
  10. 前記コンテンツサーバは、複数の前記復号化結果の各々の第2の所定のビット位置のビット列が前記第1の所定のビット位置のビット列と同じとき、複数の前記推定擬似乱数の各々として取得することを特徴とする請求項8又は請求項9記載のコンテンツ配信方法。 The content server obtains each of the plurality of estimated pseudo-random numbers when the bit string at the second predetermined bit position of each of the plurality of decoding results is the same as the bit string at the first predetermined bit position. The content distribution method according to claim 8 or 9, wherein:
  11. 前記コンテンツサーバは、所定の期間に受信した前記秘匿化クエリの数Xをカウントし、前記第1及び第2の所定のビット位置のビット列のビット列長をpとし、複数の前記復号化結果の各々の第2の所定のビット位置のビット列が前記第1の所定のビット位置のビット列と異なり、前記複数の固有の情報の一つである固有の情報jに対応する推定乱数jを求めなかった回数Yjをカウントし、前記固有の情報jに対応した前記公開鍵の一つjを用いた前記暗号文を含む前記秘匿化クエリに対応して、複数の前記秘匿化コンテンツの中の前記固有の情報jに対応する秘匿化コンテンツjを配信した回数ZをZ=X-(2^p)×Yjとして推定することを特徴とする請求項10記載のコンテンツ配信方法。 The content server counts the number X of the concealment queries received during a predetermined period, sets the bit string length of the bit string at the first and second predetermined bit positions to p, and each of the plurality of decoding results The number of times that the estimated random number j corresponding to the unique information j, which is one of the plurality of unique information, is not obtained because the bit string of the second predetermined bit position is different from the bit string of the first predetermined bit position Yj is counted, and the unique information in a plurality of the concealed contents corresponding to the concealment query including the ciphertext using one of the public keys corresponding to the unique information j 11. The content distribution method according to claim 10, wherein the number of times Z at which the concealed content j corresponding to j is distributed is estimated as Z = X− (2 ^ p) × Yj.
  12. 前記サービス利用者に依存する複数の前記固有の情報は、前記サービス利用者が位置する位置情報であることを特徴とする請求項11記載のコンテンツ配信方法。 12. The content distribution method according to claim 11, wherein the plurality of pieces of unique information depending on the service user are position information where the service user is located.
PCT/JP2010/069602 2010-11-04 2010-11-04 Content distribution system and method for same WO2012060001A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2010/069602 WO2012060001A1 (en) 2010-11-04 2010-11-04 Content distribution system and method for same

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2010/069602 WO2012060001A1 (en) 2010-11-04 2010-11-04 Content distribution system and method for same

Publications (1)

Publication Number Publication Date
WO2012060001A1 true WO2012060001A1 (en) 2012-05-10

Family

ID=46024131

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2010/069602 WO2012060001A1 (en) 2010-11-04 2010-11-04 Content distribution system and method for same

Country Status (1)

Country Link
WO (1) WO2012060001A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9614669B1 (en) * 2014-11-17 2017-04-04 Q-Net Security, Inc. Secure network communications using hardware security barriers

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007020031A (en) * 2005-07-11 2007-01-25 Matsushita Electric Ind Co Ltd Location management and method for integrating key management
JP2009135722A (en) * 2007-11-30 2009-06-18 Kddi Corp Content management system, and content management method and program

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007020031A (en) * 2005-07-11 2007-01-25 Matsushita Electric Ind Co Ltd Location management and method for integrating key management
JP2009135722A (en) * 2007-11-30 2009-06-18 Kddi Corp Content management system, and content management method and program

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JUN ANZAI: "A Construction Method of Secure Cryptographic Location-Based Services", IEICE TECHNICAL REPORT, vol. 105, no. 290, September 2005 (2005-09-01), pages 45 - 52 *
KRISHNA P.N. PUTTASWAMY ET AL.: "Preserving Privacy in Location-based Mobile Social Applications", HOTMOBILE'10, February 2010 (2010-02-01), pages 1 - 6 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9614669B1 (en) * 2014-11-17 2017-04-04 Q-Net Security, Inc. Secure network communications using hardware security barriers

Similar Documents

Publication Publication Date Title
JP4086782B2 (en) Access to broadcast content
JP3657396B2 (en) Key management system, key management apparatus, information encryption apparatus, information decryption apparatus, and storage medium storing program
KR100957121B1 (en) Key distribution method and authentication server
US7933414B2 (en) Secure data distribution
JP5365072B2 (en) KEY GENERATION DEVICE, ENCRYPTION DEVICE, RECEPTION DEVICE, KEY GENERATION METHOD, ENCRYPTION METHOD, KEY PROCESSING METHOD, AND PROGRAM
US20130173910A1 (en) Method for sharing secret values between sensor nodes in multi-hop wireless communication network
EP2912800A1 (en) Methods and apparatus for data access control
CN104365127B (en) Method for following the trail of mobile device in remote display unit
JP2015517685A (en) Method, apparatus and system for implementing media data processing
JP5492007B2 (en) Content server, content receiving apparatus, attribute key issuing server, user key issuing server, access control system, content distribution program, and content receiving program
JP2014175970A (en) Information distribution system, information processing device, and program
JP5140026B2 (en) Database processing method, database processing program, and encryption apparatus
JP6468567B2 (en) Key exchange method, key exchange system
JP2002300158A (en) Right protection method in overall data distribution service
CN101939962A (en) Controlling media distribution
JP2006180110A (en) Data transmission system, data transmission method, data transmission server, data receiving terminal and data transmitting program
KR101695361B1 (en) Terminology encryption method using paring calculation and secret key
US10050943B2 (en) Widely distributed parameterization
CN103414726A (en) Method and device for transmitting multimedia resources
WO2012060001A1 (en) Content distribution system and method for same
CN107872312B (en) Method, device, equipment and system for dynamically generating symmetric key
JP5139045B2 (en) Content distribution system, content distribution method and program
JP2012156809A (en) Content distribution system, mobile communication terminal device, and browsing control program
KR100989371B1 (en) DRM security mechanism for the personal home domain
US11451518B2 (en) Communication device, server device, concealed communication system, methods for the same, and program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10859258

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10859258

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP