214 results about "Broadcast encryption" patented technology

The invention provides a method and system for privacy protection of block chain transaction. The method comprises: a transaction group is established between nodes of a block chain system, a user establishes an account at a node, and the node generates public and private key information of the account and then joining of a group is carried out; a transaction request node encrypts transaction information by using a broadcast encryption algorithm, carries out group signature processing on the encrypted transaction information, and then broadcasts the transaction information after broadcast encryption and group signature processing; a common non-account-recording node verifies the transaction information and then broadcasts the transaction information, an account-recording node decrypts thetransaction information and performs an intelligent contract to carry out account recording, broadcast encryption is carried out and then the information is recorded into a public account book, wherein the stored data are only allowed to be opened by the account-recording node, the transaction request node and an administration node. With the broadcast encryption algorithm and group signature technology, a privacy protection problem in the block chain system is solved and the traceability of the transaction is ensured.

Embodiments of the present invention provide a method, apparatus and system for the secure distribution of content such as audiovisual content in a way that prevents users from misusing the content and provides a mechanism for tracking pirated material back to the original location of misappropriation. A security device, in accordance with one embodiment of the present invention, incorporates encryption methods to insure the broadcast encryption key remains secure. A marking device, in accordance with one embodiment of the present invention, incorporates, for example, digital watermarking methods that attach to the content information to identify a location of origin of the misappropriation, such as a Set-top Box (STB) and/or smart card.

Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a section requiring a set of keys for decryption, the media player accesses the URL for that section and obtains the decryption key. The decryption key may be purchased or provided for free. Secure encryption and transmission of these keys is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.

Each terminal in a wireless ad-hoc communication system includes an encryption-key management list table 660. The encryption-key management list table 660 stores, in association with a terminal identifier 661 such as a MAC address, a unicast encryption key 662 for use in unicast communication with a terminal identified by the terminal identifier 661, and a broadcast encryption key 663 used when the terminal identified by the terminal identifier 661 performs broadcast communication. Therefore, a broadcast encryption key is provided for each terminal that performs broadcast communication, and the broadcast encryption keys are managed by the individual terminals in an independent and distributed manner. This allows independent and distributed management of broadcast encryption keys in a wireless ad-hoc communication system.

A long-lived broadcast encryption method that adapts to the presence of compromised keys and continues to broadcast securely to privileged sets of users over time. In one aspect, a method for providing long-lived broadcast encryption comprises the steps of: allocating, to each of a plurality of subscribers, a corresponding set of subscriber keys; broadcasting encrypted content to the plurality of subscribers using a set of broadcast keys, wherein the encrypted content is decoded by a given subscriber using the subscriber's corresponding set of subscriber keys; modifying the set of broadcast keys, which are used for broadcasting encrypted content, by excluding compromised subscriber keys; and updating a set of subscriber keys corresponding to at least one subscriber when the at least one subscriber's set of subscriber keys comprises an amount of active keys that falls below a first predetermined threshold. In a long-lived broadcast encryption scheme, for any positive fraction β, a plurality of parameter values may be selected, a priori, in such a way to ensure that a steady state is achieved wherein, at most β of the total number of issued cards need to be replaced in a given recarding session.

A hybrid broadcast encryption method is provided. The hybrid broadcast encryption method includes setting initialization values, generating a node secret using the initialization values; generating a private secret using the node secret; sending the node secret and the private secret; generating a broadcast message based on a revoked group; encrypting a session key using a key encryption key (KEK) which is allocated to every user group and the broadcast message; and broadcasting to every user the encrypted session key and the broadcast message.

An apparatus and a method are provided for selectively accessing digital content carried on a distribution medium such as a physical medium or a broadcast medium. In one embodiment, a plurality of digital content items are encrypted under a plurality of different key management blocks, wherein each key management block is associated with a different set of device keys. The plurality of content items may be provided together on a single distribution medium to devices having assigned device keys, so that devices may selectively access content as determined by the different key management block used to encrypt the various content items and by the device keys assigned to the devices. Depending on the association between the device key and the key management blocks, the decoding device may decode all of the content items, some of the content items, or none of the content items. To provide greater security, each content item may be multiple encrypted using multiple key management blocks per content item.

A combination-based broadcast encryption method includes: assigning by a server a base group of different combinations to each user; producing and sending secret information for each user by using as a base the base group allocated to each user; producing and sending an inverse-base parameter value through calculations with integers used to produce the base group and key value information of one or more privileged users; and deriving a group key by using the key value information of the privileged users, encrypting a session key by using the derived group key, and sending the encrypted session key to each user. Accordingly, each user is assigned a different base through a combination, thereby having security against collusion attacks.

A system, method, and computer program product to renewably prevent traitors in a broadcast encryption system from re-using compromised keys. A license agency assigns individual receivers a set of Sequence Keys preferably at manufacture, and assigns Sequence Key Blocks (SKBs) to protected content files to be distributed. The files may be distributed on prerecorded media and typically include several file modifications. The particular modifications in a pirated version of a file can help identify which traitors contributed to its theft. SKBs assigned to new files distributed after traitors have been identified cannot be usefully processed using the compromised keys employed in previous content piracy. Innocent receivers that happen to have compromised key(s) in common with traitors can use a replacement uncompromised Sequence Key from the set to usefully decrypt content. Traitors will however step through all their Sequence Keys without reaching one that will work.

A method of managing keys for broadcast encryption comprises identifying a plurality of devices as corresponding to a plurality of leaf nodes in a tree structure comprising a plurality of nodes having a root node, a plurality of middle nodes, and the leaf nodes, the plurality of middle nodes comprising first middle nodes and second middle nodes, determining node key sets for the second middle nodes and for the leaf nodes and omitting a determination of node key sets for first middle nodes of the middle nodes, and determining device keys for the plurality of devices based on the node key sets for the second middle nodes and the node key sets for the leaf nodes.

A privacy protection system based on the broadcast and attribute encryption technology comprises a location sharing server group, road-side units (RSU) and an on board unit (OBU) which are all interconnected through wireless networks. The privacy protection system based on the broadcast and attribute encryption technology has the advantages that by utilizing two mechanisms of broadcast encryption location information and anonymization OBU identification, the location sharing server group cannot obtain accurate user information; by utilizing the mechanism based on the attribute encryption, the identification of a user is ensured to be only deciphered by the real RSU; the mechanism based on the attribute encryption is utilized during the location sharing of the user, and persons reading the location information can be effectively and flexibly limited through the mechanism.

Enhanced multimedia content on physical media interacts with the user through a media player and the Internet. Enhanced multimedia utilizes IDs for pieces of content on the media and a media key block. On the enhanced media is a file with a list of URLs. As the enhanced media plays a title requiring an external permission for decryption, the media player accesses the URL for that title and obtains the permission. The permission may be purchased or provided for free. Secure encryption and transmission of permission is accomplished by broadcast encryption using a media key block. Each media has a unique set of keys that allow the media player to process the media key block; however, each media follows a unique path through the media key block. All legitimate media players obtain the media key; circumvention devices cannot decipher the media key block.

Methods, systems, and products are disclosed for delivering broadcast encryption content. Embodiments of the present invention typically include receiving in a cluster broadcast encryption content; receiving in a cluster a rights object defining device-oriented digital rights for broadcast encryption content; and administering the broadcast encryption content on one or more network devices in the cluster in dependence upon the digital rights. In some embodiments, administering the broadcast encryption content on one or more network devices in the cluster in dependence upon the digital rights include mapping the device-oriented digital rights to digital rights supported in the cluster, excluding device-oriented rights not supported in the cluster. In some embodiments, mapping the device-oriented digital rights to digital rights supported in the cluster includes supporting in the cluster only those device-oriented digital rights having direct analogs in the cluster.

A method and apparatus for providing a broadcast service in a communication system is provided. The method includes creating a seed key pair including a first key and a second key, transmitting the seed key pair to a terminal to which the broadcast service is to be provided, creating a certain number of encryption keys using the seed key pair, the certain number corresponding to a lifetime of the seed key pair, encrypting broadcast service data for the lifetime using the encryption keys, and broadcasting the encrypted broadcast service data.

Provided are a method and apparatus for mutually authenticating devices in a group and reproducing content using public broadcast encryption. The method of authenticating a first device and a second device includes acquiring specific information of the second device from the second device, transmitting data, containing the acquired specific information of the second device and specific information of the first device, by encrypting the data using a broadcast public key of a group to which the second device belongs, and determining whether authentication of the first device succeeds by decrypting the encrypted data by using a private key of the second device. If authentication succeeds, receiving the specific information of the first device, which is encrypted by using a temporary common key by using the decrypted data, and authenticating the second device by decrypting the encrypted specific information of the first device by using the temporary common key.

An apparatus and method for generating a key for a broadcast encryption. The apparatus includes a node secret generator for managing a user that receives broadcast data in a tree structure and for generating a unique node secret for each node in the tree structure. The apparatus also includes an instant key generator for temporarily generating an instant key used at all nodes in common in the tree structure, and a node key generator for generating a node key for each node by operating the node secret generated at the node secret generator and the instant key generated at the instant key generator. Thus, key update can be efficiently achieved.

A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKB_u). The system decrypts digital content by obtaining required key media variants from the MKB_u, using the key media variant to find an entry in a variant key table, decrypt a title key, and locate a variant number from the variant key table. The system uses the variant number to identify which of the variations may be decrypted by the title key and uses the title key to decrypt segments and variations.