Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1998-08-14
2002-07-23
Barron, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C705S058000
Reexamination Certificate
active
06425081
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to an electronic watermark system, an electronic information distribution system and an image filing apparatus, and in particular to an electronic watermark technique for protecting a copyright for digital information, such as moving picture data, static picture data, audio data, computer data and computer programs, to a multimedia network for employing such an electronic watermark technique for the distribution of digital information, and to an image filing apparatus that employs such a multimedia network.
2. Related Background Art
As a consequence of recent developments concerning computer networks and the availability of inexpensive high-performance computers, electronic transactions for trading products across a network have become popular. Products for such transaction can be digital data, including pictures, for example.
However, since a large number of complete copies of digital data can be easily prepared, a user who purchases digital data would be able to illegally prepare copies having the same quality as the original, and could then distribute the copied data. As a result, a warrantable price would not be paid to the owner of the copyright for the digital data or to a person (hereinafter referred to as a “seller”) by whom sale of the digital data is authorized by the copyright owner, and the infringement of the copyright would occur.
Once a copyright holder or a seller (hereinafter a person who legally distributes digital data is generally called a “server”) has transmitted digital data to a user, full protection against the illegal copying of data is not possible.
Therefore, an electronic watermark technique has been proposed for use instead of a method for the direct prevention of illegal copying. According to the electronic watermark technique, a specific process is performed for the original digital data and copyright information concerning the digital data, or user information, is embedded in the digital data, so that when an illegal copy of the digital data is discovered, the person who distributed the copied data can be identified.
In a conventional electronic watermark system, a server is assumed to be fully trustworthy. Therefore, if a server in a conventional system proves not to be trustworthy, and may engage in some sort of illegal activities, a user who has committed no crime may be accused of illegally copying data.
This occurs because in a conventional electronic watermark system, as is shown in
FIG. 1
, when a server embeds user information d
1
for identifying a user (user U in
FIG. 1
) in digital data g (in the following explanation image data are employed as the digital data) distributed to the user, and thereafter, without the permission of the user makes a further distribution of the data containing the user's identification data and then accuses the user of making illegal copies, there is no way the user can refute the accusation of the server, even though in this instance it is the server that is at fault.
As a countermeasure, a system (
FIG. 2
) using a public key encryption method has been proposed, for example, in “Asymmetric Finger Printing”, B. Pfitmmann and M. Waidner, EUROCRYPT '96 (hereinafter referred to as reference 1). According to the public key encryption method, an encryption key and a decryption key differ, and the encryption key is used as a public key while the decryption key is used as a secret key. The RSA encryption and the E
1
Gamal encryption are well known as typical examples for the public key encryption.
An explanation will be given for (a) features of the public key encryption system and (b) protocols for secret communication and authenticated communication.
(a) Features of public key encryption
(1) Since an encryption key and a decryption key differ, and the encryption key can be published, a secret delivery process is not required for the encryption key and it can be delivered easily.
(2) Since the encryption keys of users are published, users need only provide for the secret storage of their decryption keys.
(3) An authentication function can be provided with which a recipient can verify that the sender of a message is not perpetrating a fraud and that the received message has not been altered.
(b) Protocols for public key encryption
For example, when E (kp, M) denotes an encryption operation for a message M that uses a public encryption key kp, and D (ks, M) denotes a decryption operation for a message Ms that uses a secret decryption key ks, the public key encryption algorithm satisfies the two following conditions.
(1) The calculations for the encryption E (kp, M) can be performed easily using the encryption key kp that is provided, and the calculations for the decryption D (ks, M) can also be performed easily using the decryption key ks that is provided.
(2) So long as a user does not know the decryption key ks, even if the user knows the encryption key kp and the calculation procedures for the encryption E (kp, M), and that the encrypted message C=E (kp, M), the user can not ascertain the contents of the message M because a large number of calculations are required.
When, in addition to the conditions (1) and (2), the following condition (3) is established, the secret communication function can be implemented.
(3) The encryption E (kp, M) can be defined for all the messages (plain text) M, and
D
(
ks, E
(
kp, M
))=M
is established. That is, anyone can perform the calculations for the encryption E (kp, M) using the public encryption key kp, but only a user who has the secret decryption key ks can perform the calculations for the decryption D (ks, E (kp, M)) to obtain the message M.
When, in addition to the above conditions (1) and (2), the following condition (4) is established the authenticated communication function can be implemented.
(4) The decryption D (ks, M) can be defined for all the messages (plain text) M, and
E
(
kp, D
(
ks, M
))=M
is established. That is, only a user who has the secret decryption key ks can calculate the decryption D (ks, M). Even if another user calculates D (ks′, M) using a bogus secret decryption key ks′ and performs the calculations as would a user who has the secret decryption key ks, the result obtained is
E
(
kp, D
(
ks′, M
)≠
M,
and a recipient can understand that the received information was illegally prepared.
When the value D (ks, M) is altered, the result is
E
(
kp, D
(
ks,M
)′)≠M,
and a recipient can understand that the received information was illegally prepared.
In the above described encryption method, the operation E ( ), using the public encryption key (hereinafter also referred to as a public key) kp, is called “encryption”, and the operation D ( ), using the secret decryption key (hereinafter also referred to as a secret key) ks, is called “decryption”.
Therefore, for a secret communication a sender performs the encryption and a recipient performs the decryption, while for an authenticated communication, a sender performs the decryption and a recipient performs the encryption.
The protocols are shown for a secret communication, an authenticated communication, and a secret communication with a signature performed by a sender A for a recipient B using the public key encryption system.
The secret key of the sender A is ksA and the public key is kpA, and the secret key of the recipient B is ksB and the public key is kpB.
Secret Communication
The following procedures are performed for the secret transmission of a message (plain text) M from the sender A to the recipient B.
Step 1: The sender A transmits to the recipient B a message C that is obtained by employing the public key kpB of the recipient B to encrypt the message M as follows:
C=E
(
kpB,M
).
Step 2: To obtain the original plain language message M, the recipient B employs his or her secret key ksB to decrypt the received message C as follows:
M=D
(
ksB,C
).
Since the public key kpB of the recipient B is openly available to an unspecified number of p
Barron Gilberto
Canon Kabushiki Kaisha
Fitzpatrick ,Cella, Harper & Scinto
Meislahn Douglas J.
LandOfFree
Electronic watermark system electronic information... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic watermark system electronic information..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic watermark system electronic information... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2858765