Cryptography – Key management
Reexamination Certificate
1998-08-05
2002-03-19
Hayes, Gail (Department: 2132)
Cryptography
Key management
Reexamination Certificate
active
06359986
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to an encryption system where digital productions such as digitized documents, audio, images, or programs are encrypted and distributed via transmission mediums or storage mediums, and especially relates to a technique for managing a plurality of types of encryption devices and decryption devices using a single key management device.
2. Description of the Prior Art
When distributing digital productions such as digitized documents, audio, images, or programs on the market, it is necessary to protect the digital productions against unauthorized use. For this aim, a digital production is conventionally encrypted in an encryption device using a secret encryption key and distributed via a transmission or storage medium (hereinafter, distribution medium), the encrypted digital production then being decrypted in a decryption device using a decryption key.
However, there is a danger that a third party may illegally decode the decryption key and use it to decrypt the encrypted digital production, or the third party may produce copies of the distribution medium.
Accordingly, the first problem concerning the encryption systems is to prevent unauthorized decoding of the decryption key.
In view of the first problem, it is desirable to use a plurality of encryption devices that each have different encryption keys. Also, the number of encryption keys possessed by one encryption device is preferably smaller than the total number of keys possessed by a key management device.
The second problem concerning the encryption systems is that it a decryption key stored in one decryption device is decoded by the unauthorized third party, it can be used to decrypt the encrypted digital production in other decryption devices.
In view of the second problem, it is desirable to provide different keys for different decryption devices. Here, an encryption system has been proposed for successful decryption of encrypted data in various types of decryption devices. In this system, each encryption device stores different encryption keys corresponding to all decryption devices and produces a ciphertext for each of the encryption keys. On receiving a plurality of ciphertexts generated by the encryption device, each decryption device identifies and retrieves a ciphertext which was encrypted using an encryption key corresponding to its device type and decrypts the retrieved ciphertext. Systems for assigning a plurality of decryption keys to each decryption device have also been proposed.
The third problem concerning the encryption systems is that, when there is the suspicion that a distribution medium has been copied without proper authorization, it is necessary to specify a type of an encryption device which produced the distribution medium used to make the copy, in order to specify the producer and the distribution channel of the medium.
SUMMARY OF THE INVENTION
In view of the first and second problems, the present invention aims to provide an encryption system where a plurality of different encryption devices each store different encryption keys and a plurality of different decryption devices each store different decryption keys, wherein the number of encryption keys stored in one encryption device is smaller than the total number of keys stored in the key management device. Also, in view of the third problem, the present invention aims to provide an encryption system where, when a distribution medium appears to have been copied by an unauthorized third party, it is possible to identify a type of an encryption device which produced the copied distribution medium.
The above objects can be fulfilled by an encryption system comprising a key management device, encryption devices of M types, and decryption devices of N types, wherein M and N are both integers that are no less than 2, the encryption system being characterized in that: the key management device stores M encryption key sets, N decryption key sets, and N identification numbers, distributes a different one of the M encryption key sets to all encryption devices of a same type out of the M types, distributes a different one of the N decryption key sets to all decryption devices of a same type out of the N types, and distributes a different one of the N identification numbers to all decryption devices of the same type out of the N types, wherein each encryption key set includes N encryption keys, and each decryption key set includes a predetermined number of decryption keys; each encryption device encrypts digital data using a scramble key to generate encrypted digital data, encrypts the scramble key using each of N encryption keys included in a distributed encryption key set to generate N encrypted scramble keys, and writes the encrypted digital data and the N encrypted scramble keys into a distribution medium; and each decryption device decrypts an encrypted scramble key, which is identified by a distributed identification number, among the N encrypted scramble keys written in the distribution medium, using each of the predetermined number of decryption keys included in a distributed decryption key set, selects a decryption key that correctly decrypts the encrypted scramble key according to a predetermined criterion, and decrypts the encrypted digital data written in the distribution medium using the scramble key obtained by correctly decrypting the encrypted scramble key to obtain the digital data, and wherein the key management device includes: a first ciphertext read unit for reading an encrypted scramble key from the distribution medium; a decryption key set read unit for reading a decryption key set from the N decryption key sets; a decryption selection unit for decrypting the read encrypted scramble key using each of the predetermined number of decryption keys included in the read decryption key set in order to select a decryption key, among the predetermined number of decryption keys, that correctly decrypts the encrypted scramble key according to the predetermined criterion; a first repeat control unit for controlling the first ciphertext read unit, the decryption key set read unit, and the decryption selection unit to respectively repeat an encrypted scramble key reading, a decryption key set reading, and an encrypted scramble key decryption, until the N encrypted scramble keys are read from the distribution medium, wherein N decryption keys are selected as a result of a control by the first repeat control unit; and a key pattern detection unit for detecting an encryption key set, among the M encryption key sets, that matches the selected N decryption keys and identifying an encryption device type, among the M types, specified by the detected encryption key set.
With the stated construction, each different decryption device is provided with a different decryption key set, so that it is difficult for a third party to decode ciphertexts. Also, even if the third party analyzes a decryption device of one type and obtains decryption keys, these decryption keys cannot be used in decryption devices of the other types, so that these decryption devices remain secure. Also, the key management device can identify a type of an encryption device that produced a copied distribution medium.
Here, the key management device may include: a first decryption key storage unit for storing the N decryption key sets which each include the predetermined number of decryption keys; an encryption key generation unit for generating an encryption key set which includes N encryption keys by selecting a decryption key, from each decryption key set stored in the first decryption key storage unit, as an encryption key according to a first predetermined method; a first encryption key storage unit for storing the generated encryption key set; a second repeat control unit for controlling the encryption key generation unit to repeat an encryption key set generation until the M encryption key sets are generated, wherein the first encryption key storage unit stores the generated M encryption key sets; an
Hayes Gail
Price and Gess
Smithers Matthew
LandOfFree
Encryption system capable of specifying a type of an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Encryption system capable of specifying a type of an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Encryption system capable of specifying a type of an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2862649