
WO2006073250A2 - Authentication method, encryption method, decryption method, cryptographic system and recording medium - Google Patents


Info

Publication number
WO2006073250A2
WO2006073250A2 PCT/KR2006/000001 KR2006000001W WO2006073250A2 WO 2006073250 A2 WO2006073250 A2 WO 2006073250A2 KR 2006000001 W KR2006000001 W KR 2006000001W WO 2006073250 A2 WO2006073250 A2 WO 2006073250A2
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
key
recording medium
encrypted
public key
Prior art date
Application number
PCT/KR2006/000001
Other languages
French (fr)
Other versions
WO2006073250A3 (en
Inventor
Kun Suk Kim
Jea Yong Yoo
Kang Soo Seo
Original Assignee
Lg Electronics Inc.
Priority date
Filing date
Publication date
Priority claimed from KR1020050113647A (KR20060081336A)
Application filed by Lg Electronics Inc.
Priority to EP06700326A (EP1836794A2)
Priority to JP2007550283A (JP2008527833A)
Publication of WO2006073250A2
Publication of WO2006073250A3

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • G06F21/335User authentication using certificates for accessing specific resources, e.g. using Kerberos tickets
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/006Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
    • H04L9/007Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models involving hierarchical structures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/00217Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source
    • G11B20/00246Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the cryptographic key used for encryption and/or decryption of contents recorded on or reproduced from the record carrier being read from a specific source wherein the key is obtained from a local device, e.g. device key initially stored by the player or by the recorder
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/0042Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the copy protection scheme being related to a specific access protection standard
    • G11B20/00427Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier the copy protection scheme being related to a specific access protection standard advanced access content system [AACS]
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/0021Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
    • G11B20/00485Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier
    • G11B20/00492Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted
    • G11B20/00521Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier characterised by a specific kind of data which is encrypted and recorded on and/or reproduced from the record carrier wherein content or user data is encrypted wherein each session of a multisession recording medium is encrypted with a separate encryption key
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/00086Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
    • G11B20/00855Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving a step of exchanging information with a remote server
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B20/00Signal processing not specific to the method of recording or reproducing; Circuits therefor
    • G11B20/10Digital recording or reproducing
    • G11B20/12Formatting, e.g. arrangement of data block or words on the record carriers
    • G11B2020/1264Formatting, e.g. arrangement of data block or words on the record carriers wherein the formatting concerns a specific kind of data
    • G11B2020/1288Formatting by padding empty spaces with dummy data, e.g. writing zeroes or random data when de-icing optical discs
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11BINFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
    • G11B2220/00Record carriers by type
    • G11B2220/20Disc-shaped record carriers
    • G11B2220/25Disc-shaped record carriers characterised in that the disc is based on a specific recording technology
    • G11B2220/2537Optical discs
    • G11B2220/2541Blu-ray discs; Blue laser DVR discs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution

Definitions

  • the present invention relates to an authentication method, encryption method, decryption method, cryptographic system and recording medium.
  • BD Blu-ray disc
  • the BD, as a next-generation recording medium technology, is a next-generation optical recording solution whose data capacity remarkably surpasses that of a conventional DVD.
  • many efforts are made to research and develop the BD together with other digital devices.
  • many efforts are made to research and develop an optical record player applying the BD specifications. Since a security scheme for the BD has not been set up, developing and using a complete optical record player is still difficult in practice.
  • An object of the present invention is to provide security to a high-density optical recording medium using a public key infrastructure (PKI) that is currently and widely used.
  • Another object of the present invention is to provide a certificate to a user on a network using the public key infrastructure (PKI).
  • FIG. 1 is a flowchart of an authentication method using the public key infrastructure.
  • PKI public key infrastructure
  • a public key and a private key are used.
  • the public key is made available to everyone via a publicly accessible repository or directory.
  • the information is encrypted using the public key and the encrypted information is then transmitted.
  • the private key is a key kept secret by each owner. Because the key pair is mathematically related, whatever is encrypted with a public key may only be decrypted by its corresponding private key, and vice versa.
  • authentication information 101 is encrypted via an encryption algorithm 102 using a private key 106 of a trusted certificate authority (CA).
  • a cipher text 103 generated from the encryption is decrypted via a decryption algorithm 104 using a public key 107 of the trusted CA.
  • a person to be authenticated is authenticated using the authentication information 105 obtained as a result of the decryption.
  • Positions of the private and public keys 106 and 107 shown in FIG. 1 can be switched with each other.
  • the authentication information is encrypted with the public key and the encrypted authentication information is decrypted with the private key to obtain the authentication information.
  • problems including hacking and the like are raised.
  • the present invention, which is proposed to solve the problem, provides an authentication method using a certificate and a recording medium storing the certificate. The present invention also provides an encryption method using a secret key, a decryption method and a cryptographic system.
  • the present invention is directed to an authentication method, encryption method, decryption method, cryptographic system and recording medium that substantially obviate one or more problems due to limitations and disadvantages of the related art.
  • An authentication method according to the present invention, proposed to solve the above-explained problem, is characterized in using a certificate.
  • the certificate is a certificate signed by a certificate authority.
  • authentication information and a content provider's public key are stored in the certificate.
  • an authentication method includes the steps of decrypting authentication information and a content provider's public key in a certificate signed by a certificate authority with a public key of the certificate authority to authenticate the content provider using the decrypted authentication information, and authenticating the content provider's public key by checking the decrypted public key of the content provider.
  • the authentication method further includes the step of checking whether the certificate is valid before performing authentication.
  • the encrypted authentication information and the content provider's public key are encrypted using a private key of the certificate authority.
  • the certificate is one of a plurality of certificates in a certificate chain.
  • the certificate is stored as a file in a recording medium.
  • the file exists in a directory storing the certificate only within the recording medium.
  • the certificate is a certificate downloaded from outside of a recording medium.
  • the certificate follows X.509 of a public key infrastructure (PKI).
  • the certificate is a certificate used in authenticating data stored within a recording medium.
  • the certificate is a root certificate used in authenticating an application within a recording medium and/or a local storage.
  • the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with a recording medium within a local storage.
  • in another aspect of the present invention, a recording medium includes a data area storing content data and an authentication management area storing authentication information, wherein a certificate generated from encrypting the authentication information with a public key of a content provider is stored in the authentication management area.
  • a private key of a certificate authority is used in encrypting the authentication information.
  • the certificate is one of a plurality of certificates in a certificate chain.
  • the certificate exists in a directory storing the certificate only within a file structure within the recording medium.
  • the certificate is a certificate used for authentication of data within the recording medium.
  • the certificate is a root certificate used for authentication of an application within the recording medium.
  • the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with the recording medium within a local storage.
  • the certificate follows X.509 of a public key infrastructure (PKI).
  • an encryption method includes the steps of encrypting content data with a secret key, encrypting the secret key with a public key, and transferring the encrypted content data and the encrypted secret key.
  • the public key belongs to an optical terminal.
  • the public key belongs to a content provider.
  • the content data is encrypted by the AES algorithm.
  • the content data is encrypted by the DES algorithm.
  • the secret key is encrypted by the RSA cryptographic algorithm.
  • the public key is distributed by a handshake process between a content provider and an optical player.
  • the secret key includes a session key.
  • the session key is generated by using random data.
  • a decryption method includes the steps of receiving an encrypted secret key and encrypted content data, decrypting the encrypted secret key, and decrypting the encrypted content data using the decrypted secret key.
  • the encrypted secret key is decrypted using a private key of an optical player.
  • the encrypted secret key is decrypted using a private key of a content provider.
  • the encrypted secret key is decrypted by the RSA cryptographic algorithm.
  • the encrypted content data is decrypted by the AES algorithm.
  • the encrypted content data is decrypted by the DES algorithm.
  • the secret key includes a session key.
  • the session key is generated by using random data.
  • a cryptographic system includes an encryption system and a decryption system: the encryption system encrypts content data with a secret key, encrypts the secret key with a public key, and transfers the encrypted content data and the encrypted secret key; the decryption system receives the encrypted secret key and the encrypted content data, decrypts the encrypted secret key, and decrypts the encrypted content data using the decrypted secret key.
  • FIG. 1 is a flowchart of an authentication method using a public key infrastructure according to a related art.
  • FIG. 2 is a diagram of a security infrastructure in a recording medium according to the present invention.
  • FIG. 3 is a schematic diagram of a generation of a certificate according to the present invention.
  • FIG. 4 is a diagram of a certificate chain used in an authentication method according to the present invention.
  • FIG. 5 is a diagram of a file structure of a recording medium according to the present invention, in which a certificate according to the present invention is stored in the recording medium.
  • FIG. 6 is a flowchart of an authentication method using a certificate within a recording medium according to the present invention.
  • FIG. 7 is a diagram of an authentication method in a network according to the present invention.
  • FIG. 8 is a diagram of an authentication method in a network according to the present invention.
  • FIG. 9 is a flowchart of an SSL handshake according to one embodiment of the present invention.
  • FIG. 10 is a diagram for an encryption method using a secret key according to the present invention.
  • FIG. 11 is a flowchart of an encryption and decryption method using a secret key and a public key according to the present invention.
  • Best Mode for Carrying Out the Invention
  • FIG. 2 is a diagram of a security infrastructure in a recording medium according to the present invention.
  • storage resources such as PlayList, AV clips and the like and network resources are stored in a recording medium according to the present invention.
  • the present invention relates to an authentication method in a recording medium using certificates signed by a trusted certificate authority (hereinafter abbreviated CA) and a recording medium storing the certificates.
  • CA trusted certificate authority
  • a trusted root CA 202 verifies and certifies authenticity of an AACS (advanced access content system) or CPS (content protection system) 201.
  • the AACS or CPS 201 verifies and certifies the authenticity of CAs 204, 205 and 206.
  • the AACS or CPS 201 becomes the trusted CA 202 by itself to certify content providers 204, 205 and 206 as well.
  • the certification is carried out by certificates.
  • a certificate is an electronic document attached to a public key by a trusted third party or CA (AACS or CPS), which provides proof that the public key belongs to a legitimate owner and has not been compromised.
  • Certificates are issued by CAs (certificate authorities) and are signed with the CA's private key. Furthermore, the certificates are used in proving AACS, CPS or CPs' identities or rights. Certificates bind an identity to a pair of keys that can be used in encrypting and signing information. A certificate makes it possible to verify someone's claim that he has the right to use a given key, thereby preventing people from using phony keys to impersonate other users.
  • a certificate may contain version, serial number, signature algorithm, issuer, valid from, valid to, subject, public key, CA's signature and the like. Certificates can be stored in a recording medium to be provided to a user. Certificates can be supplied to the user 203 from a CP via a network outside the recording medium.
  • FIG. 3 is a schematic diagram of a generation of a certificate according to the present invention.
  • a certificate 305 is generated by encrypting authentication information 301 for an authentication target and a CP's public key 302 via a signature algorithm 303.
  • a digest of the authentication information 301 and the CP's public key 302 is calculated using a hash function.
  • the digest is encrypted with a CA's private key to generate a digital signature.
  • the digital signature is then stored to generate the certificate 305.
  • the encryption using the private key via the signature algorithm is called 'sign'.
  • the signature is an unforgeable piece of data that asserts that a named entity wrote or otherwise agreed to the document to which the signature is attached.
  • digital signatures enable "authentication" of digital messages, assuring the user of both the identity of the CP and the integrity of the messages.
  • Only one who has a secret key can make a signature, and it has to prove that the person who signed is the person in question. And the signed data cannot be changed.
  • the signature algorithm 303 can employ various cryptographic algorithms such as RSA (Rivest-Shamir-Adleman), DSA (digital signature algorithm) and the like.
  • the RSA is the most popular algorithm used as a public key cryptographic algorithm performing encryption using public and private keys.
  • the RSA performs encryption with the private key.
  • the RSA is safe in performing encryption with a public key as well.
  • the RSA enables encryption with the private or public key.
  • the DSA is similar to the RSA.
  • the DSA is a cryptographic algorithm that does not need an original message.
  • the authentication information may correspond to the digital signature of the CP.
  • the CP's private key can be used for the generation of the CP's digital signature.
  • the authentication information may correspond to a specific message in which the trusted CA certifies the authenticity of the CP or the CP's public key.
  • a private key 304 of the trusted CA can be used for encryption of the authentication information and the CP's public key 302.
  • the trusted CA corresponds to a trusted third party, an AACS, a CPS or another CA. If necessary, the CP can become the trusted CA by itself.
  • the generated certificate 305 is stored in a specific area of a recording medium to be used, or can be used wherever the certificate is needed on a network.
  • a user, e.g., a BD terminal, decrypts the digital signature included in the certificate 305 using the CA's public key to obtain the authentication information and the CP's public key.
  • the BD terminal can authenticate the CP from the decrypted authentication information.
  • the authentication of the CP using the authentication information can be executed in various ways. For instance, a digest is computed by applying the hash function to the authentication information and the CP's public key, the digest is encrypted, and the encrypted digest is then transferred together with the non-encrypted authentication information and CP's public key.
  • the encrypted digest is decrypted.
  • the hash function is applied to the non-encrypted authentication information and CP's public key to compute the digest.
  • the decrypted digest is compared to the hash-function-applied digest. If the former is equal to the latter, the authentication is completed. Otherwise, the authentication is not completed.
  • the authentication information can be sent to a user together with the CP's public key corresponding to the private key.
  • the signature algorithm is applicable to the encryption that uses the CP's private key.
  • the digital signature generated from the signature algorithm becomes the CP's digital signature.
  • the digital signature is encrypted using a private key of the trusted CA certifying the authenticities of the CP's identity and the CP's public key, to be provided to a user together with the CP's public key.
  • the authentication in the present invention means a confirmation of a CP's authenticity or a confirmation of the authenticity of the public key generated from the CP or BD terminal.
  • the CP is an entity providing data or a specific function to the BD terminal via a recording medium or network.
  • the authentication can be used in checking the integrity of the data provided by the CP and in checking the authenticity of the CP or public key.
  • the certificate 305 is used in authenticating a user's public key by using another (the CA's) public key.
  • the certificate provides proof that the CP's public key 302 belongs to a legitimate owner and has not been compromised.
  • the CP and BD terminal generate their private/public key pairs and get certificates through the trusted CA.
  • the CP's public key 302 can be used for the purpose of encryption and the like executed after the authentication as well as for the purpose of the above-explained authentication.
  • FIG. 4 is a diagram of a certificate chain used in an authentication method according to the present invention.
  • multiple certificates can be enclosed with content, forming a hierarchical chain, wherein one certificate testifies to the authenticity of a previous certificate.
  • At the end of a certificate hierarchy is a root CA that is trusted without a certificate from any other CA. Certificates are stored in a key database that is placed in a recording medium or BD terminal. Referring to FIG.
  • a trusted root CA can perform a certification 402 of the authenticity of an AACS, a certification 403 of the authenticity of a CPS or a certification 404 of the authenticity of another CA. As a proof for this, the trusted root CA issues each certificate.
  • the AACS, CPS or another CA can independently certify the authenticities of infrastructures such as a BD terminal, a CP and the like (402-1, 402-2, 402-3). Such a structure is called a certificate chain.
  • the certification may include a certification for private/public key pairs generated from the BD terminal and/or CPs.
  • the trusted root CA certifies itself (401) to issue a certificate that corresponds to a root certificate 401.
  • Each of the CAs composes a certificate revocation list (CRL).
  • CRL certificate revocation list
  • a CP or user checks whether a certificate to be used for authentication is revoked. If the certificate to be used for the authentication is revoked, the authentication is not completed.
  • the certificate generated through the certificate chain is stored in a file format in a specific area of a recording medium.
  • the certificate can be used for authentication or can be downloaded to a player from outside of the recording medium.
  • the certificate can be used for authentication of the BD terminal or CP on a network.
  • FIG. 5 is a diagram of a file structure of a recording medium according to the present invention, in which certificates generated from the process in FIG. 3 are stored in the recording medium.
  • a recording medium according to the present invention at least one BDMV directory 502 and a directory storing a certificate, e.g., a CERTIFICATE directory 507 exist below one root directory 501.
  • the BDMV directory 502 includes an index file ("index.bdmv") 503 as general (upper) file information to secure interactivity with a user, a movie object file ("MovieObject.bdmv") 504, a PLAYLIST directory 505 having information of data substantially recorded within a disc and information reproducing the recorded data, a CLIPINF directory 506 and the like.
  • At least one or more certificates can exist within a recording medium.
  • a position and directory name of the CERTIFICATE directory 507 are exemplarily shown in the drawing.
  • a file or directory, in which data used for authentication of data associated with a recording medium according to the present invention is stored, are included in the present invention.
  • the certificate can exist within the CERTIFICATE directory 507 in various ways.
  • each data is authenticated using the corresponding certificate. For instance, files including "contentOOO.crt" as a certificate used for authentication of data recorded within a recording medium, "app.discroot.crt" as a trusted root certificate used for authentication of application, "bu.discroot.crt" as a certificate used in verifying a signature located at "Binding Unit Signature file", and the like can exist within the CERTIFICATE directory.
  • FIG. 6 is a flowchart of an authentication method using a certificate within a recording medium according to the present invention.
  • the CP to use in verifying authenticity of a CP or CP's public key, the CP generates a certificate by encrypting authentication information of an authentication target and the CP's public key with CA's private key (601).
  • the generated certificate is then recorded in a recording medium (602).
  • a user, e.g., a BD terminal decrypts the encrypted authentication information and CP's public key within the certificate with CA's public key (603).
  • the CP is then authenticated by the authentication information obtained as a result of the decryption.
  • the CP's public key belongs to a legitimate owner by the decrypted CP's public key. Namely, by the decrypted authentication information and CP's public key, the CP and the CP's public key are authenticated.
  • the CA corresponds to a trusted certificate authority of a third party, an AACS or a CPS.
  • a signature algorithm such as RSA, DSA and the like can be used.
  • a user, e.g., a BD terminal, can authenticate the CP to confirm that a provided content is not illegally copied but is provided from an authentic CP.
  • the CP's public key belongs to a legitimate owner.
  • FIG. 7 is a diagram of an authentication method in a network according to the present invention, in which a CP is authenticated on a network for example.
  • a trusted root CA 702 authenticates an AACS or CPS 701.
  • the AACS or CPS 701 can issue certificates certifying CPs 704 and 705, respectively.
  • a disguised site 706 can disguise its public key as that of the CP 704 or 705 from a BD terminal 703 on a network.
  • the BD terminal 703 trusts and uses a public key of the disguised site 706 as an authentic public key of the CP 704 or 705 and may provide important information to the disguised site 706.
  • the trusted CA 701 or 702 certifies the authenticity of the CP 704 or 705. Since the certificate may include a public key of the CP 704 or 705 certified by the trusted CA 701 or 702, the BD terminal 703 can safely use the public key of the CP 704 or 705.
  • FIG. 7 shows a process of downloading the certificate of the CP1 704 to the BD terminal 703 via the network using an SSL (secure socket layer) or TLS (transport layer security).
  • the disguised site 706 can act as the CP1 704.
  • the CP1 704 has to provide the BD terminal 703 with the certificate from the trusted root CA 702 or the AACS or CPS 701, a user can be protected against the disguised site 706.
  • the authentic CPs can be protected in a manner that the disguised site is made not to disguise itself as the authentic CP.
  • the CP can be a specific server.
  • the BD terminal is explained as an example of a device for recording or playing a high-density optical recording medium.
  • the present invention is applicable to the device for recording or playing the high-density optical recording medium as a client communicating with the server.
  • FIG. 8 is a diagram of an authentication method in a network according to the present invention.
  • a certificate is generated by encrypting authentication information of a CP as an authentication target and the CP's public key with a trusted CA's private key to authenticate the CP on a network (801).
  • the certificate encrypted by the CA's private key is called a certificate signed by the CA. If a user, e.g., BD terminal requests a certificate of the CP via the network (802), the CP transfers the certificate via the network (803).
  • the transferred certificate is decrypted with the CA's public key by the BD terminal (804).
  • the CP and the CP's public key are authenticated (805).
  • the authentication information may correspond to the content of certifying authenticity of the CP by itself.
  • the authentication information may correspond to information necessary for the authentication of the CP.
  • the authentication information may become a digital signature generated via signature algorithm performed on specific data about the CP using the CP's private key.
  • the CP's public key that is encrypted to be transferred together may be a public key corresponding to the CP's private key.
  • the certificate of the present invention certifies the authenticity of the CP that provides specific data or function and provides a proof that the CP's public key belongs to the CP.
  • a recording medium which is provided with a networking function, can provide additional data to a user from a CP via a network.
  • the authentication method according to the present invention enables the additional data to be trusted as provided from an authentic CP.
  • FIG. 9 is a flowchart of an SSL handshake according to one embodiment of the present invention.
  • the SSL, which is a data transport protocol, enables authentication and confirmation of integrity of a message. And, the SSL enables a secret key exchange function between an Internet browser and an Internet server. Through this, security of a network for a playback system is secured.
  • a parameter of an encryption message should be negotiated.
  • a player, e.g., a BD terminal, delivers a client_hello message to a CP (903).
  • the client_hello message includes SSL version, random data, session ID, supported cipher suites and the like.
  • the CP 902 transfers a server_hello message, a certificate of CP and key exchange information of CP to the BD terminal 901 (904).
  • the server_hello message includes SSL version, random data, session ID, supported cipher suites and the like. Through this, the BD terminal 901 and the CP 902 negotiate the cipher suite to use with each other.
  • the client_hello and server_hello messages are not limited to the formats explained in the embodiment of the present invention shown in FIG. 9.
  • the BD terminal 901 can use the public key of the CP certified by the trusted CA.
  • the BD terminal 901 transfers the key exchange information including the random data encrypted using the CP's public key and the negotiated suites to the CP 902 (905).
  • the encryption using the public key employs the RSA scheme for example.
  • the BD terminal 901 and the CP 902 share a secret key such as a session key using the random data.
  • the CP 902 sends the negotiated cipher suites back to the BD terminal 901 (906). Through this, as the BD terminal 901 and the CP 902 share the same secret key, a secure channel is established (907).
  • the cipher suite is a set of cryptographic algorithms. Algorithms from a cipher suite are used in creating keys and in encrypting information.
  • a cipher suite specifies one algorithm for each of the key exchange, the bulk encryption and the message authentication.
  • Key exchange algorithms protect information required for creating shared keys.
  • Bulk algorithms encrypt messages exchanged between clients and servers.
  • message authentication algorithms generate message hashes and signatures that ensure the integrity of a message.
  • the data is encrypted and decrypted using the public and private keys, which is called 'asymmetric encryption'.
  • the same key is shared to perform encryption and decryption with the same key, which is called 'symmetric encryption'.
  • the BD terminal 901 and the CP 902 can safely exchange information mutually using the shared encryption key without interruptive intrusions of hackers .
  • FIG. 10 is a diagram for an encryption method using a secret key according to the present invention.
  • a public key of a CP certified by a trusted CA is delivered to a user, e.g., a BD terminal.
  • the BD terminal forwards random data to the CP using the delivered CP's public key to share such a secret key as a session key with the CP.
  • the session key is an encryption key used during one communication session only between parties communicating with each other. In case that there are too many ciphertexts, it is highly probable that a key can be computed by analyzing the ciphertexts.
  • the session key is a temporary key used for this prevention.
  • a session is a logical connection for conversations between a BD terminal and a CP on a network.
  • the public key can be delivered in two ways. Firstly, the public key of the CP is delivered to the BD terminal. Secondly, the public key of the BD terminal is delivered to the CP in the same manner.
  • FIG. 10 shows an example of the latter case, in which encryption and decryption methods using a delivered public key 1007 of a BD terminal and a secret key such as a session key 1004 are shown.
  • a CP generates an encrypted file 1005 by encrypting content data (plaintext) through a cryptographic algorithm using a session key 1004.
  • the cryptographic algorithm includes AES (advanced encryption standard), DES (data encryption standard), Triple DES or the like.
  • the secret key is used in the present invention, it corresponds to a symmetric encryption.
  • An encrypted session key 1008 is generated by encrypting the session key 1004 with a public key 1007 of the BD terminal.
  • RSA may be used as the cryptographic algorithm.
  • the public key it corresponds to an asymmetric encryption.
  • the encrypted file 1005 and the encrypted session key 1008 are transferred to the BD terminal.
  • the BD terminal decrypts the received encrypted session key 1008 with a private key 1009 of the BD terminal to restore to the original session key 1004.
  • Cryptographic algorithm 1010 used for the decryption adopts the RSA algorithm to correspond to the cryptographic algorithm 1006 used for the encryption.
  • the encrypted file 1005 is decrypted using the restored session key 1004 (1011).
  • the cryptographic algorithm 1011 used for the decryption adopts the AES or DES to correspond to the cryptographic algorithm 1003 used for the encryption.
  • content data 1002 transferred from the CP is recovered.
  • the CP can share the same secret key 1004 with the BD terminal using the above-explained methods. And, the CP can deliver the content to the BD terminal using the secret key 1004.
  • FIG. 11 is a flowchart of an encryption and decryption method using a secret key and a public key according to the present invention.
  • a BD terminal transfers a certificate to a CP (1101).
  • the certificate includes a public key of the BD terminal at least.
  • the content is encrypted with such a secret key as a session key.
  • the session key is encrypted with the delivered public key of the BD terminal (1102).
  • An encrypted file generated from encryption of the content and the encrypted session key are transferred to the BD terminal (1103).
  • the BD terminal restores the session key by decrypting the received encrypted session key with a private key of the BD terminal (1104).
  • the BD terminal decrypts the received encrypted file using the restored session key (1105).
  • the BD terminal can obtain the content which the CP attempts to deliver to a user (1106). Accordingly, by the authentication method, recording medium, encryption method, decryption method and cryptographic system of the present invention, security can be provided to the high-density optical recording medium, the reproduction system associated with the high-density optical recording medium, and the network.
  • the present invention protects the content provider and the playback system that reproduces the recording medium. And, by establishing the secure channel between the playback system of the recording medium and the content provider through the network to secure the safe data exchange, the present invention provides more convenient functions to the users and the content providers.
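The FIG. 10 and FIG. 11 exchange as an added example, not code from the patent: the CP encrypts content under a fresh session key, wraps that key with the BD terminal's public key, and the terminal reverses both steps. To run on the Python standard library alone it assumes a SHA-256 counter keystream as a stand-in for AES/DES and unpadded textbook RSA over fixed Mersenne primes; the function names and sample content are hypothetical.

```python
import hashlib
import secrets

E = 65537  # RSA public exponent


def terminal_keypair(a, b):
    """Textbook RSA key from the Mersenne primes 2**a-1 and 2**b-1 (illustration only)."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))


def keystream_xor(key, nonce, data):
    """Stand-in for the symmetric boxes 1003/1011: XOR with a SHA-256 counter keystream.
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hashlib.sha256(key + nonce + counter).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def cp_encrypt(content, terminal_pub):
    """CP side (1102-1103): encrypt content with a session key, wrap the key."""
    n, e = terminal_pub
    session_key = secrets.token_bytes(32)            # session key 1004, new per transfer
    nonce = secrets.token_bytes(16)
    encrypted_file = keystream_xor(session_key, nonce, content)     # encrypted file 1005
    encrypted_key = pow(int.from_bytes(session_key, "big"), e, n)   # encrypted key 1008
    return {"nonce": nonce, "file": encrypted_file, "key": encrypted_key}


def terminal_decrypt(package, terminal_priv):
    """Terminal side (1104-1105): unwrap the session key, then decrypt the file."""
    n, d = terminal_priv
    recovered = pow(package["key"], d, n)
    if recovered.bit_length() > 256:
        # A wrong private key yields a value that is not a 256-bit session key.
        return None
    session_key = recovered.to_bytes(32, "big")
    return keystream_xor(session_key, package["nonce"], package["file"])


# Constructed sample data.
TERMINAL_PUB, TERMINAL_PRIV = terminal_keypair(127, 521)
OTHER_PUB, OTHER_PRIV = terminal_keypair(107, 607)
CONTENT = b"constructed sample: additional content for one disc title"

if __name__ == "__main__":
    package = cp_encrypt(CONTENT, TERMINAL_PUB)
    print("intended terminal:", terminal_decrypt(package, TERMINAL_PRIV))
    print("other terminal:   ", terminal_decrypt(package, OTHER_PRIV))
```

The scheme as described carries no integrity check on the encrypted file, so a deployment would pair the session key with an authenticated mode and a padded key wrap.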

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Signal Processing For Digital Recording And Reproducing (AREA)

Abstract

An authentication method, encryption method, decryption method, cryptographic system and recording medium are disclosed. The present invention includes the steps of decrypting authentication information (301) and a content provider's public key (302) stored in a certificate (305) signed by a certificate authority to authenticate the content provider using the decrypted authentication information (301) and authenticating the public key (302) of the content provider by checking the decrypted public key of the content provider. And, the present invention provides an encryption method that includes the steps of encrypting content data (1002) with a secret key (1004), encrypting the secret key (1004) with a public key (1007), and transferring the encrypted content data (1005) and the encrypted secret key (1008).

Description

[DESCRIPTION]
AUTHENTICATION METHOD, ENCRYPTION METHOD, DECRYPTION METHOD, CRYPTOGRAPHIC SYSTEM AND RECORDING MEDIUM
Technical Field
The present invention relates to an authentication method, encryption method, decryption method, cryptographic system and recording medium.
Background Art
Recently, a new high-density recording medium, e.g., Blu-ray disc (hereinafter abbreviated BD), has been developed to store video data of high image quality and audio data of high sound quality for long duration. The BD as a next generation recording medium technology is a next generation optical record solution provided with data remarkably surpassing that of a conventional DVD. And, many efforts are made to research and develop the BD together with other digital devices. Moreover, many efforts are made to research and develop an optical record player with the application of the BD specifications. Since a security scheme in the BD has not been set up, the development and utilization of a complete optical record player still have difficulty in fact. Besides, the above-explained recording medium is provided with a networking function to enable a CA and a user to exchange information with each other on a network. In this case, it is a problem that a clear method of verifying whether the CA and user are trusted has not been settled yet. An object of the present invention is to provide security to a high-density optical recording medium using a public key infrastructure (PKI) that is currently and widely used. Another object of the present invention is to provide a certificate to a user on a network using the public key infrastructure (PKI).
To achieve these objects, the public key infrastructure is used. FIG. 1 is a flowchart of an authentication method using the public key infrastructure. In the public key infrastructure (PKI), a public key and a private key are used. The public key is made available to everyone via a publicly accessible repository or directory. In case of attempting to encrypt and transmit information, the information is encrypted using the public key and the encrypted information is then transmitted. On the other hand, the private key is a key left as a secret to each owner. Because the key pair is mathematically related, whatever is encrypted with a public key may only be decrypted by its corresponding private key, and vice versa. In FIG. 1, authentication information 101 is encrypted via an encryption algorithm 102 using a private key 106 of a trusted certificate authority (CA). A cipher text 103 generated from the encryption is decrypted via a decryption algorithm 104 using a public key 107 of the trusted CA. And, a person to be authenticated is authenticated using an authentication information 105 obtained from a result of the decryption. Positions of the private and public keys 106 and 107 shown in FIG. 1 can be switched to each other. In this case, the authentication information is encrypted with the public key and the encrypted authentication information is decrypted with the private key to obtain the authentication information. Meanwhile, according to the developments of a recording medium and a network such as Internet, problems including hacking and the like are raised. Even if security technologies including various authentication methods using certificates are developed, a safe security technology of a new high-density optical recording medium is not determined yet. In particular, since a clear and efficient method of authenticating such a server as a CP does not exist in the BD, a security problem still remains unsolved.
The present invention, which is proposed to solve the problem, provides an authentication method using a certificate and a recording medium storing the certificate. And, the present invention provides an encryption method using a secret key, a decryption method and a cryptographic system.
According to the present invention, a true content provider (CP) and data provided from the content provider are protected as well as a user's playback system. Hence, security can be provided to a new high-density optical recording medium.
Disclosure of Invention
Accordingly, the present invention is directed to an authentication method, encryption method, decryption method, cryptographic system and recording medium that substantially obviate one or more problems due to limitations and disadvantages of the related art. An authentication method according to the present invention proposed to solve the above-explained problem is characterized in using a certificate. The certificate is a certificate signed by a certificate authority. And, authentication information and a content provider's public key are stored in the certificate.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings. To achieve these objects and other advantages and in accordance with the purpose of the invention, as embodied and broadly described herein, an authentication method according to the present invention includes the steps of decrypting authentication information and a content provider's public key in a certificate signed by a certificate authority with a public key of the certificate authority to authenticate the content provider using the decrypted authentication information and authenticating the content provider's public key by checking the decrypted public key of the content provider. For example, the authentication method further includes the step of checking whether the certificate is valid before performing authentication.
For example, the encrypted authentication information and the content provider's public key are encrypted using a private key of the certificate authority.
For example, the certificate is one of a plurality of certificates in a certificate chain.
For example, the certificate is stored as a file in a recording medium. For example, the file exists in a directory storing the certificate only within the recording medium.
For example, the certificate is a certificate downloaded from an outside of a recording medium. For example, the certificate follows X.509 of a public key infrastructure (PKI).
For example, the certificate is a certificate used in authenticating data stored within a recording medium.
For example, the certificate is a root certificate used in authenticating an application within a recording medium and/or a local storage.
For example, the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with a recording medium within a local storage.
In another aspect of the present invention, a recording medium includes a data area storing content data and an authentication management area storing authentication information, wherein a certificate generated from encrypting the authentication information with a public key of a content provider is stored in the authentication management area.
For example, a private key of a certificate authority is used in encrypting the authentication information.
For example, the certificate is one of a plurality of certificates in a certificate chain. For example, the certificate exists in a directory storing the certificate only within a file structure within the recording medium.
For example, the certificate is a certificate used for authentication of data within the recording medium.
For example, the certificate is a root certificate used for authentication of an application within the recording medium.
For example, the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with the recording medium within a local storage.
For example, the certificate follows X.509 of a public key infrastructure (PKI).
In another aspect of the present invention, an encryption method includes the steps of encrypting content data with a secret key, encrypting the secret key with a public key, and transferring the encrypted content data and the encrypted secret key.
For example, the public key belongs to an optical terminal. For example, the public key belongs to a content provider.
For example, the content data is encrypted by AES algorithm.
For example, the content data is encrypted by DES algorithm.
For example, the secret key is encrypted by RSA cryptographic algorithm. For example, the public key is distributed by a handshake process between a content provider and an optical player.
For example, the secret key includes a session key.
For example, the session key is generated by using random data.
In another aspect of the present invention, a decryption method includes the steps of receiving an encrypted secret key and encrypted content data, decrypting an encrypted secret key and decrypting encrypted content data using the decrypted secret key.
For example, the encrypted secret key is decrypted using a private key of an optical player.
For example, the encrypted secret key is decrypted using a private key of a content provider. For example, the encrypted secret key is decrypted by RSA cryptographic algorithm.
For example, the encrypted content data is decrypted by AES algorithm.
For example, the encrypted content data is decrypted by DES algorithm.
For example, the secret key includes a session key.
For example, the session key is generated by using random data.
In a further aspect of the present invention, a cryptographic system includes an encryption system encrypting content data with a secret key, the encryption system encrypting the secret key with a public key, the encryption system transferring the encrypted content data and the encrypted secret key and a decryption system receiving the encrypted secret key and the encrypted content data, the decryption system decrypting the encrypted secret key, the decryption system decrypting the encrypted content data using the decrypted secret key.
It is to be understood that both the foregoing general description and the following detailed description of the present invention are exemplary and explanatory and are intended to provide further explanation of the invention as claimed.
Brief Description of Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principle of the invention. In the drawings:
FIG. 1 is a flowchart of an authentication method using a public key infrastructure according to a related art;
FIG. 2 is a diagram of a security infrastructure in a recording medium according to the present invention;
FIG. 3 is a schematic diagram of a generation of a certificate according to the present invention;
FIG. 4 is a diagram of a certificate chain used in an authentication method according to the present invention;
FIG. 5 is a diagram of a file structure of a recording medium according to the present invention, in which a certificate according to the present invention is stored in the recording medium;
FIG. 6 is a flowchart of an authentication method using a certificate within a recording medium according to the present invention;
FIG. 7 is a diagram of an authentication method in a network according to the present invention;
FIG. 8 is a diagram of an authentication method in a network according to the present invention;
FIG. 9 is a flowchart of an SSL handshake according to one embodiment of the present invention;
FIG. 10 is a diagram for an encryption method using a secret key according to the present invention; and
FIG. 11 is a flowchart of an encryption and decryption method using a secret key and a public key according to the present invention.
Best Mode for Carrying Out the Invention
Reference will now be made in detail to the preferred embodiments of the present invention, examples of which are illustrated in the accompanying drawings. Wherever possible, the same reference numbers will be used throughout the drawings to refer to the same or like parts.
First of all, a digital authentication method in a recording medium according to one preferred embodiment of the present invention and a digital authentication method on a network according to one preferred embodiment of the present invention will be explained with reference to the attached drawings as follows.
FIG. 2 is a diagram of a security infrastructure in a recording medium according to the present invention. First of all, storage resources such as PlayList, AV clips and the like and network resources are stored in a recording medium according to the present invention.
These resources need to be protected against an unauthorized entity such as a hacker and the like. For this, authentication, key generation & distribution, a certificate issued by a trusted certificate authority, encryption/decryption and the like are used.
The present invention relates to an authentication method in a recording medium using certificates signed by a trusted certificate authority (hereinafter abbreviated CA) and a recording medium storing the certificates.
Referring to FIG. 2, a trusted root CA 202 verifies and certifies authenticity of an AACS (advanced access content system) or CPS (content protection system) 201. The AACS or CPS 201 verifies to certify authenticities of CAs 204, 205 and 206. In this case, the AACS or CPS 201 becomes the trusted CA 202 by itself to certify content providers 204, 205 and 206 as well. The certification is carried out by certificates. A certificate is an electronic document attached to a public key by a trusted third party or CA (AACS or CPS), which provides proof that the public key belongs to a legitimate owner and has not been compromised. Certificates are issued by CAs (certificate authorities) and are signed with the CA's private key. Furthermore, the certificates are used in proving AACS, CPS or CPs' identities or rights. Certificates bind an identity to a pair of keys that can be used in encrypting and signing information. A certificate makes it possible to verify someone's claim that he has the right to use a given key, thereby preventing people from using phony keys to impersonate other users.
Besides, a certificate may contain version, serial number, signature algorithm, issuer, valid from, valid to, subject, public key, CA's signature and the like. Certificates can be stored in a recording medium to be provided to a user. Certificates can be supplied to the user 203 from a CP via a network outside the recording medium.
FIG. 3 is a schematic diagram of a generation of a certificate according to the present invention.
Referring to FIG. 3, a certificate 305 is generated by encrypting authentication information 301 for an authentication target and a CP's public key 302 via a signature algorithm 303. In particular, a digest of the authentication information 301 and the CP's public key 302 is calculated using a hash function. The digest is encrypted with a CA's private key to generate a digital signature. The digital signature is then stored to generate the certificate 305. Besides, the encryption using the private key via the signature algorithm is called 'sign'.
A digital signature functions for electronic documents as a handwritten signature does for printed documents. The signature is an unforgeable piece of data that asserts that a named entity wrote or otherwise agreed to the document to which the signature is attached. In other words, digital signatures enable "authentication" of digital messages, assuring the user of both the identity of the CP and the integrity of the messages. Only one who has the secret key can make a signature, which proves that the person who signed is the person in question. And, the signed data cannot be changed. The signature algorithm 303 can employ various cryptographic algorithms such as RSA (Rivest-Shamir-Adleman), DSA (digital signature algorithm) and the like. Currently, the RSA is the most popular algorithm used as a public key cryptographic algorithm performing encryption using public and private keys. The RSA performs encryption with the private key. Yet, the RSA is safe in performing encryption with a public key as well. Hence, the RSA enables encryption with the private or public key. The DSA is similar to the RSA. Yet, unlike the RSA, the DSA is a cryptographic algorithm that does not need an original message. Besides, the authentication information may correspond to the digital signature of the CP. In this case, the CP's private key can be used for the generation of the CP's digital signature.
Moreover, the authentication information may correspond to a specific message that the trusted CA certifies authenticity of the CP or the CP' s public key.
A private key 304 of the trusted CA can be used for encryption of the authentication information and the CP' s public key 302. The trusted CA corresponds to a trusted third party, an AACC, a CPS or another CA. If necessary, the CP can become the trusted CA by itself . The generated certificate 305 is stored in a specific area of a recording medium to be used or can be used for a place that needs the certificate on a network. A user, e . g . , a BD terminal decrypts the digital signature included in the certificate 305 using the CA' s public key to obtain the authentication information and the CP' s public key. Besides , if there is no public key corresponding to the CA' s private key used for the encryptions of the authentication information and the CP' s public key, it is unable to decrypt the authentication information and the CP' s public key in the certificate . Namely, it is unable to authenticate the CP and the CP' s public key.
The BD terminal can authenticate the CP from the decrypted authentication information. The authentication of the CP using the authentication information can be executed in various ways. For instance, a digest is computed by applying the hash function to the authentication information and the CP's public key, the digest is encrypted, and the encrypted digest is then transferred together with the non-encrypted authentication information and CP's public key. The encrypted digest is decrypted. The hash function is applied to the non-encrypted authentication information and CP's public key to compute the digest. The decrypted digest is compared to the hash-function-applied digest. If the former is equal to the latter, the authentication is completed. Otherwise, the authentication is not completed.
Moreover, having been encrypted using the CP's private key, the authentication information can be sent to a user together with the CP's public key corresponding to the private key. In this case, the signature algorithm is applicable to the encryption that uses the CP's private key. And, the digital signature generated from the signature algorithm becomes the CP's digital signature. The digital signature is encrypted using a private key of the trusted CA certifying the authenticities of the CP's identity and the CP's public key, to be provided to a user together with the CP's public key. Besides, the authentication in the present invention means a confirmation of a CP's authenticity or a confirmation of the authenticity of the public key generated from the CP or BD terminal. The CP is an entity providing data or a specific function to the BD terminal via a recording medium or network. The authentication can be used in checking integrity of the data provided by the CP and in checking authenticity of the CP or public key.
Namely, the certificate 305 according to the present invention is used in authenticating a user's public key by using another (the CA's) public key. In other words, the certificate provides proof that the CP's public key 302 belongs to a legitimate owner and has not been compromised. The CP and BD terminal generate their private/public key pairs and get certificates through the trusted CA. Besides, the CP's public key 302 can be used for the purpose of encryption and the like executed after the authentication as well as for the purpose of the above-explained authentication.
In providing content to a user, the CP can sign the content and can enclose a certificate to certify to a user that the content is actually sent by the CP.
FIG. 4 is a diagram of a certificate chain used in an authentication method according to the present invention. First of all, multiple certificates can be enclosed with content, forming a hierarchical chain, wherein one certificate testifies to the authenticity of a previous certificate. At the end of a certificate hierarchy is a root CA that is trusted without a certificate from any other CA. Certificates are stored in a key database that is placed in a recording medium or BD terminal.
Referring to FIG. 4, a trusted root CA can perform a certification 402 of the authenticity of an AACS, a certification 403 of the authenticity of a CPS or a certification 404 of the authenticity of another CA. As a proof for this, the trusted root CA issues each certificate. The AACS, CPS or another CA can independently certify the authenticities of infrastructures such as a BD terminal, a CP and the like (402-1, 402-2, 402-3). Such a structure is called a certificate chain.
Besides, the certification may include a certification for private/public key pairs generated from the BD terminal and/or CPs.
There exists no higher CA that can certify the trusted CA in the certificate chain. In this case, the trusted root CA certifies itself (401) to issue a certificate that corresponds to a root certificate 401. Each of the CAs composes a certificate revocation list (CRL). In authenticating the CP or the CP's public key, a CP or user receives a downloaded certificate revocation list and checks whether a certificate to be used for authentication is revoked. If the certificate to be used for the authentication is revoked, the authentication is not completed.
The certificate generated through the certificate chain is stored in a file format in a specific area of a recording medium. The certificate can be used for authentication or can be downloaded to a player from outside of the recording medium. And, the certificate can be used for authentication of the BD terminal or CP on a network.
FIG. 5 is a diagram of a file structure of a recording medium according to the present invention, in which certificates generated from the process in FIG. 3 are stored in the recording medium. Referring to FIG. 5, in a recording medium according to the present invention, at least one BDMV directory 502 and a directory storing a certificate, e.g., a CERTIFICATE directory 507, exist below one root directory 501. The BDMV directory 502 includes an index file ("index.bdmv") 503 as general (upper) file information to secure interactivity with a user, a movie object file ("MovieObject.bdmv") 504, a PLAYLIST directory 505 having information of data substantially recorded within a disc and information reproducing the recorded data, a CLIPINF directory 506 and the like.
Besides, one or more certificates can exist within a recording medium. And, the position and directory name of the CERTIFICATE directory 507 are shown in the drawing by way of example. Regardless of the name and position, any file or directory in which data used for authentication of data associated with a recording medium according to the present invention is stored is included in the present invention. The certificate can exist within the CERTIFICATE directory 507 in various ways. And, each data is authenticated using the corresponding certificate. For instance, files including "content000.crt" as a certificate used for authentication of data recorded within a recording medium, "app.discroot.crt" as a trusted root certificate used for authentication of an application, "bu.discroot.crt" as a certificate used in verifying a signature located at the "Binding Unit Signature file", and the like can exist within the CERTIFICATE directory.
FIG. 6 is a flowchart of an authentication method using a certificate within a recording medium according to the present invention.
Referring to FIG. 6, for use in verifying authenticity of a CP or the CP's public key, the CP generates a certificate by encrypting authentication information of an authentication target and the CP's public key with the CA's private key (601). The generated certificate is then recorded in a recording medium (602). A user, e.g., a BD terminal, decrypts the encrypted authentication information and CP's public key within the certificate with the CA's public key (603). The CP is then authenticated by the authentication information obtained as a result of the decryption. And, it can be confirmed by the decrypted CP's public key that the CP's public key belongs to a legitimate owner. Namely, by the decrypted authentication information and CP's public key, the CP and the CP's public key are authenticated.
In this case, as mentioned in the foregoing description, the CA corresponds to a trusted certificate authority of a third party, an AACS or a CPS. In encrypting the data with the CA's private key (601), a signature algorithm such as RSA, DSA and the like can be used. According to the explained flowchart shown in FIG. 6, a user, e.g., a BD terminal, can authenticate the CP to confirm that provided content is not illegally copied but is provided from an authentic CP. Moreover, it can be confirmed that the CP's public key belongs to a legitimate owner.
As mentioned in the foregoing description, the above-generated certificate may be stored in a recording medium to be usable or may be provided to a user from a CP via a network.
FIG. 7 is a diagram of an authentication method in a network according to the present invention, in which a CP is authenticated on a network for example.
Referring to FIG. 7, as mentioned in the foregoing description, a trusted root CA 702 authenticates an AACS or CPS 701. The AACS or CPS 701 can issue certificates certifying CPs 704 and 705, respectively.
A disguised site 706 can disguise its public key as that of the CP 704 or 705 to a BD terminal 703 on a network. In this case, if there is no certificate of the trusted root CA 702, the BD terminal 703 trusts and uses a public key of the disguised site 706 as an authentic public key of the CP 704 or 705 and may provide important information to the disguised site 706. To prevent this danger on a network, a certificate is needed in which the trusted CA 701 or 702 certifies the authenticity of the CP 704 or 705. Since the certificate may include a public key of the CP 704 or 705 certified by the trusted CA 701 or 702, the BD terminal 703 can safely use the public key of the CP 704 or 705. Moreover, FIG. 7 shows a process of downloading the certificate of the CP1 704 to the BD terminal 703 via the network using SSL (secure sockets layer) or TLS (transport layer security). In this case, the disguised site 706 can act as the CP1 704. Yet, since the CP1 704 has to provide the BD terminal 703 with the certificate from the trusted root CA 702 or the AACS or CPS 701, a user can be protected against the disguised site 706. Furthermore, the authentic CPs can be protected in that the disguised site is prevented from disguising itself as the authentic CP. Besides, the CP can be a specific server. And, the BD terminal is explained as an example of a device for recording or playing a high-density optical recording medium. Hence, the present invention is applicable to the device for recording or playing the high-density optical recording medium as a client communicating with the server.
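The certificate chain, the revocation list check and the disguised-site case described above can be exercised together. The following Go program is an added example, not code from the patent: it assumes X.509 certificates with RSA-2048 signatures from Go's standard library, and the names `issue`, `makeCRL`, `authenticate`, the subjects "CPS", "CP1", "CP2" and all serial numbers are constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrRevoked = errors.New("certificate is revoked")

// issued pairs a certificate with the private key that matches it.
type issued struct {
	cert *x509.Certificate
	key  *rsa.PrivateKey
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue creates a certificate signed by parent, or self-signed when parent is nil.
func issue(name string, serial int64, isCA bool, parent *issued) *issued {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  isCA,
		BasicConstraintsValid: true,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	signer := &issued{cert: tmpl, key: key} // a root CA certifies itself
	if parent != nil {
		signer = parent
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, signer.cert, &key.PublicKey, signer.key))
	return &issued{cert: must(x509.ParseCertificate(der)), key: key}
}

// makeCRL returns a DER-encoded CRL signed by ca that revokes one serial number.
func makeCRL(ca *issued, serial int64) []byte {
	now := time.Now()
	return must(x509.CreateRevocationList(rand.Reader, &x509.RevocationList{
		Number: big.NewInt(1), ThisUpdate: now.Add(-time.Minute), NextUpdate: now.Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: big.NewInt(serial), RevocationTime: now}},
	}, ca.cert, ca.key))
}

// authenticate is the terminal-side check: chain to the trusted root, then the CRL.
func authenticate(leaf, ca, root *x509.Certificate, crlDER []byte) error {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("chain does not reach the trusted root: %w", err)
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err == nil {
		err = crl.CheckSignatureFrom(ca) // the CRL must come from the issuing CA
	}
	if err == nil && time.Now().After(crl.NextUpdate) {
		err = errors.New("next update time has passed")
	}
	if err != nil {
		return fmt.Errorf("CRL rejected: %w", err)
	}
	for _, rc := range crl.RevokedCertificates {
		if rc.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return ErrRevoked
		}
	}
	return nil
}

// demo returns the results for a genuine CP, a disguised site and a revoked CP.
func demo() (genuine, disguised, revoked error) {
	root := issue("Trusted Root CA", 1, true, nil)
	cps := issue("CPS", 2, true, root)
	cp1, cp2 := issue("CP1", 100, false, cps), issue("CP2", 101, false, cps)
	fake := issue("CP1", 100, false, issue("Unknown CA", 1, true, nil)) // same name and serial
	crl := makeCRL(cps, 101)
	check := func(c *issued) error { return authenticate(c.cert, cps.cert, root.cert, crl) }
	return check(cp1), check(fake), check(cp2)
}

func main() { fmt.Println(demo()) }
```

The look-alike certificate carries the same subject name and serial number as CP1 and is still rejected, because its signature does not chain to the root the terminal holds.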
FIG. 8 is a diagram of an authentication method in a network according to the present invention.
Referring to FIG. 8, a certificate is generated by encrypting authentication information of a CP as an authentication target and the CP's public key with a trusted CA's private key to authenticate the CP on a network (801). The certificate encrypted by the CA's private key is called a certificate signed by the CA. If a user, e.g., a BD terminal, requests a certificate of the CP via the network (802), the CP transfers the certificate via the network (803). The transferred certificate is decrypted with the CA's public key by the BD terminal (804). By the decrypted authentication information and CP's public key, the CP and the CP's public key are authenticated (805). Besides, the authentication information may correspond to content that certifies the authenticity of the CP by itself. In some cases, the authentication information may correspond to information necessary for the authentication of the CP. For instance, the authentication information may be a digital signature generated via a signature algorithm performed on specific data about the CP using the CP's private key. The CP's public key that is encrypted to be transferred together may be a public key corresponding to the CP's private key. Hence, the certificate of the present invention certifies the authenticity of the CP that provides specific data or a function and provides a proof that the CP's public key belongs to the CP.
A recording medium, which is provided with a networking function, can provide additional data to a user from a CP via a network. In this case, the authentication method according to the present invention enables the additional data to be trusted as provided from an authentic CP.
Besides, the process in which a user requests a certificate of a CP (802) and the process in which the CP delivers the certificate via a network (803) can be achieved through an SSL (secure sockets layer) or TLS (transport layer security) handshake process. Generally, SSL supports hash functions such as MD5 and SHA-1 to generate a message authentication code to check integrity of authentication information.
FIG. 9 is a flowchart of an SSL handshake according to one embodiment of the present invention.
SSL, which is a data transport protocol, enables authentication and confirmation of integrity of a message. And, SSL enables a secret key exchange function between an Internet browser and an Internet server. Through this, security of a network for a playback system is secured. In SSL, the parameters for encrypting messages should be negotiated. For this, a player, e.g., a BD terminal, delivers a client_hello message to a CP (903). The client_hello message includes SSL version, random data, session ID, supported cipher suites and the like.
The CP 902 transfers a server_hello message, a certificate of the CP and key exchange information of the CP to the BD terminal 901 (904). The server_hello message includes SSL version, random data, session ID, supported cipher suites and the like. Through this, the BD terminal 901 and the CP 902 negotiate the cipher suite to use with each other. Besides, the client_hello and server_hello messages are not limited to the formats explained in the embodiment of the present invention shown in FIG. 9.
Since a public key of the CP 902 certified by the trusted CA is included in the certificate, the BD terminal 901 can use the public key of the CP certified by the trusted CA. The BD terminal 901 transfers the key exchange information, including the random data encrypted using the CP's public key and the negotiated cipher suites, to the CP 902 (905). The encryption using the public key employs the RSA scheme for example. The BD terminal 901 and the CP 902 share a secret key such as a session key using the random data. The CP 902 sends the negotiated cipher suites back to the BD terminal 901 (906). Through this, as the BD terminal 901 and the CP 902 share the same secret key, a secure channel is established (907). Besides, the cipher suite is a set of cryptographic algorithms. Algorithms from a cipher suite are used in creating keys and in encrypting information. A cipher suite specifies one algorithm for each of the key exchange, the bulk encryption and the message authentication. Key exchange algorithms protect information required for creating shared keys. Bulk algorithms encrypt messages exchanged between clients and servers. And, message authentication algorithms generate message hashes and signatures that ensure the integrity of a message.
In the steps 903-906, the data is encrypted and decrypted using the public and private keys, which is called 'asymmetric encryption'. In the step 907, in which the BD terminal 901 and the CP 902 share the same secret key, encryption and decryption are performed with the same shared key, which is called 'symmetric encryption'. Thus, the BD terminal 901 and the CP 902 can safely exchange information mutually using the shared encryption key without intrusion by hackers.
FIG. 10 is a diagram for an encryption method using a secret key according to the present invention. As mentioned in the foregoing description of FIG. 9, a public key of a CP certified by a trusted CA is delivered to a user, e.g., a BD terminal. The BD terminal forwards random data to the CP using the delivered CP's public key to share a secret key such as a session key with the CP. Besides, the session key is an encryption key used during one communication session only between parties communicating with each other. If too many ciphertexts are produced under one key, it is highly probable that the key can be computed by analyzing the ciphertexts. The session key is a temporary key used to prevent this. And, a session is a logical connection for conversations between a BD terminal and a CP on a network. The public key can be delivered in two ways. Firstly, the public key of the CP is delivered to the BD terminal. Secondly, the public key of the BD terminal is delivered to the CP in the same manner.
FIG. 10 shows an example of the latter case, in which encryption and decryption methods using a delivered public key 1007 of a BD terminal and a secret key such as a session key 1004 are shown.
First of all, a CP generates an encrypted file 1005 by encrypting content data (plaintext) through a cryptographic algorithm using a session key 1004. The cryptographic algorithm includes AES (advanced encryption standard), DES (data encryption standard), Triple DES or the like. As the secret key is used in the present invention, it corresponds to a symmetric encryption.
An encrypted session key 1008 is generated by encrypting the session key 1004 with a public key 1007 of the BD terminal. In this case, RSA may be used as the cryptographic algorithm. As the public key is used, it corresponds to an asymmetric encryption.
The encrypted file 1005 and the encrypted session key 1008 are transferred to the BD terminal. The BD terminal decrypts the received encrypted session key 1008 with a private key 1009 of the BD terminal to restore the original session key 1004.
The cryptographic algorithm 1010 used for the decryption adopts the RSA algorithm to correspond to the cryptographic algorithm 1006 used for the encryption. The encrypted file 1005 is decrypted using the restored session key 1004 (1011). The cryptographic algorithm 1011 used for the decryption adopts the AES or DES to correspond to the cryptographic algorithm 1003 used for the encryption. As a result of the decryption (1011), content data 1002 transferred from the CP is recovered.
The CP can share the same secret key 1004 with the BD terminal using the above-explained methods. And, the CP can deliver the content to the BD terminal using the secret key 1004.
After the CP has transferred the CP's public key to the BD terminal, if the BD terminal attempts to transfer to the CP the content, which is encrypted with the secret key such as a session key, and the session key, which is encrypted using the CP's public key, the positions of the CP and the BD terminal are switched with each other and the public key 1007 of the BD terminal is replaced by the public key of the CP.
FIG. 11 is a flowchart of an encryption and decryption method using a secret key and a public key according to the present invention. To have content and a secret key encrypted and transferred, a BD terminal transfers a certificate to a CP (1101). Preferably, the certificate includes at least a public key of the BD terminal.
The content is encrypted with a secret key such as a session key. And, the session key is encrypted with the delivered public key of the BD terminal (1102). An encrypted file generated from encryption of the content and the encrypted session key are transferred to the BD terminal (1103). The BD terminal restores the session key by decrypting the received encrypted session key with a private key of the BD terminal (1104). The BD terminal decrypts the received encrypted file using the restored session key (1105). Through this, the BD terminal can obtain the content which the CP attempts to deliver to a user (1106).
Accordingly, by the authentication method, recording medium, encryption method, decryption method and cryptographic system of the present invention, security can be provided to the high-density optical recording medium, the reproduction system associated with the high-density optical recording medium, and the network.
Hence, the present invention protects the content provider and the playback system that reproduces the recording medium. And, by establishing the secure channel between the playback system of the recording medium and the content provider through the network to secure the safe data exchange, the present invention provides more convenient functions to the users and the content providers.
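The FIG. 10 and FIG. 11 flow (content encrypted under a session key, session key encrypted under the BD terminal's public key, both transferred and then reversed by the terminal) is shown below as an added Go example that is not code from the patent. It assumes AES-256 in GCM mode and RSA-OAEP with SHA-256 as the concrete choices of AES and RSA, assumes the terminal's public key was already authenticated through its certificate, and uses the hypothetical names `Envelope`, `Seal`, `Open` and constructed sample content.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// sampleContent is constructed stand-in data for the content data (plaintext).
var sampleContent = []byte("constructed additional content for the disc")

// Envelope is what the CP transfers: encrypted session key 1008 and encrypted file 1005.
type Envelope struct {
	WrappedKey []byte // session key encrypted with the terminal's RSA public key
	Nonce      []byte // AES-GCM nonce (an assumption; the text names no cipher mode)
	Ciphertext []byte // content encrypted and integrity-protected under the session key
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the CP side: a fresh random session key per transfer, wrapped with RSA-OAEP.
func Seal(terminalPub *rsa.PublicKey, content []byte) (*Envelope, error) {
	buf := make([]byte, 32+12) // 32-byte AES-256 session key followed by a 12-byte nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	sessionKey, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, terminalPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	sealed := gcm.Seal(nil, nonce, content, nil)
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: sealed}, nil
}

// Open is the terminal side: restore the session key, then decrypt and verify the file.
func Open(terminalPriv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, terminalPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("restore session key: %w", err)
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, fmt.Errorf("session key unusable: %w", err)
	}
	if len(env.Nonce) != gcm.NonceSize() {
		return nil, errors.New("malformed nonce") // gcm.Open panics on a wrong length
	}
	content, err := gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
	if err != nil {
		return nil, fmt.Errorf("decrypt file: %w", err)
	}
	return content, nil
}

// roundTrip returns the recovered content and the errors for an altered file and a wrong key.
func roundTrip() (recovered []byte, tamperErr, wrongKeyErr error) {
	terminal, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	other, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	env, err := Seal(&terminal.PublicKey, sampleContent)
	if err == nil {
		recovered, err = Open(terminal, env)
	}
	if err != nil {
		panic(err)
	}
	altered := *env
	altered.Ciphertext = append([]byte(nil), env.Ciphertext...)
	altered.Ciphertext[0] ^= 0x01 // one flipped bit in the encrypted file
	_, tamperErr = Open(terminal, &altered)
	_, wrongKeyErr = Open(other, env)
	return recovered, tamperErr, wrongKeyErr
}

func main() {
	content, tamperErr, wrongKeyErr := roundTrip()
	fmt.Printf("recovered: %q\naltered file: %v\nwrong key: %v\n", content, tamperErr, wrongKeyErr)
}
```

Only the holder of the terminal's private key restores the session key, and the authenticated cipher mode chosen here makes the terminal reject a file that was altered in transit instead of playing back corrupted content.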
Industrial Applicability
It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or scope of the inventions. Thus, it is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents.

Claims

1. An authentication method comprising the steps of: decrypting authentication information and a content provider's public key stored in a certificate signed by a certificate authority with a public key of the certificate authority to authenticate the content provider using the decrypted authentication information; and authenticating the content provider's public key by checking the decrypted public key of the content provider.
2. The authentication method of claim 1, further comprising the step of checking whether the certificate is valid before performing authentication.
3. The authentication method of claim 1, wherein the authentication information and the content provider's public key are encrypted using a private key of the certificate authority.
4. The authentication method of claim 1, wherein the certificate is one of a plurality of certificates in a certificate chain.
5. The authentication method of claim 1, wherein the certificate is stored as a file in a recording medium.
6. The authentication method of claim 5, wherein the file exists in a directory storing certificates only within the recording medium.
7. The authentication method of claim 1, wherein the certificate is a certificate downloaded from an outside of a recording medium.
8. The authentication method of claim 1, wherein the certificate follows X.509 of a public key infrastructure (PKI).
9. The authentication method of claim 1, wherein the certificate is a certificate used in authenticating data stored within a recording medium.
10. The authentication method of claim 1, wherein the certificate is a root certificate used in authenticating an application within a recording medium and/or a local storage.
11. The authentication method of claim 1, wherein the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with a recording medium within a local storage.
12. A recording medium comprising: a data area storing content data; and an authentication management area storing authentication information, wherein a certificate generated from encrypting authentication information and a content provider's public key is stored in the authentication management area.
13. The recording medium of claim 12, wherein a private key of a certificate authority is used in encrypting the authentication information and the public key.
14. The recording medium of claim 13, wherein the certificate is one of a plurality of certificates in a certificate chain.
15. The recording medium of claim 12, wherein the certificate exists in a directory storing the certificates only within a file structure within the recording medium.
16. The recording medium of claim 12, wherein the certificate is a certificate used for authentication of data within the recording medium.
17. The recording medium of claim 12, wherein the certificate is a root certificate used for authentication of an application within the recording medium.
18. The recording medium of claim 12, wherein the certificate is a root certificate used in verifying a signature located at a signature file of a binding unit associated with the recording .
19. The recording medium of claim 12, wherein the certificate follows X.509 of a public key infrastructure (PKI).
20. An encryption method comprising the steps of: encrypting content data with a secret key; encrypting the secret key with a public key; and transferring the encrypted content data and the encrypted secret key.
21. The encryption method of claim 20, wherein the public key belongs to an optical terminal.
22. The encryption method of claim 20, wherein the public key belongs to a content provider.
23. The encryption method of claim 20, wherein the content data is encrypted by AES algorithm.
24. The encryption method of claim 20, wherein the content data is encrypted by DES algorithm.
25. The encryption method of claim 20, wherein the secret key is encrypted by RSA cryptographic algorithm.
26. The encryption method of claim 20, wherein the public key is distributed by a handshake process between a content provider and an optical player.
27. The encryption method of claim 20, wherein the secret key comprises a session key.
28. The encryption method of claim 27, wherein the session key is generated by using random data.
29. A decryption method comprising the steps of: receiving an encrypted secret key and encrypted content data; decrypting the encrypted secret key; and decrypting the encrypted content data using the decrypted secret key.
30. The decryption method of claim 29, wherein the encrypted secret key is decrypted using a private key of an optical player.
31. The decryption method of claim 29, wherein the encrypted secret key is decrypted using a private key of a content provider.
32. The decryption method of claim 29, wherein the encrypted secret key is decrypted by RSA cryptographic algorithm.
33. The decryption method of claim 29, wherein the encrypted content data is decrypted by AES algorithm.
34. The decryption method of claim 29, wherein the encrypted content data is decrypted by DES algorithm.
35. The decryption method of claim 29, wherein the secret key comprises a session key.
36. The decryption method of claim 35, wherein the session key is generated through random data.
37. A cryptographic system comprising: an encryption system encrypting content data with a secret key, the encryption system encrypting the secret key with a public key, the encryption system transferring the encrypted content data and the encrypted secret key; and a decryption system receiving the encrypted secret key and the encrypted content data, the decryption system decrypting the encrypted secret key, the decryption system decrypting the encrypted content data using the decrypted secret key.
PCT/KR2006/000001 2005-01-07 2006-01-02 Authentication method, encryption method, decryption method, cryptographic system and recording medium WO2006073250A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP06700326A EP1836794A2 (en) 2005-01-07 2006-01-02 Authentication method, encryption method, decryption method, cryptographic system and recording medium
JP2007550283A JP2008527833A (en) 2005-01-07 2006-01-02 Authentication method, encryption method, decryption method, encryption system, and recording medium

Applications Claiming Priority (6)

Application Number Priority Date Filing Date Title
US64177905P 2005-01-07 2005-01-07
US60/641,779 2005-01-07
KR10-2005-0113647 2005-11-25
KR10-2005-0113648 2005-11-25
KR1020050113647A KR20060081336A (en) 2005-01-07 2005-11-25 Digital certificates in a recoding medium
KR1020050113648A KR20060081337A (en) 2005-01-07 2005-11-25 Encryption and decryption method using a secret key

Publications (2)

Publication Number Publication Date
WO2006073250A2 true WO2006073250A2 (en) 2006-07-13
WO2006073250A3 WO2006073250A3 (en) 2006-11-02

Family

ID=36647878

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2006/000001 WO2006073250A2 (en) 2005-01-07 2006-01-02 Authentication method, encryption method, decryption method, cryptographic system and recording medium

Country Status (2)

Country Link
EP (1) EP1836794A2 (en)
WO (1) WO2006073250A2 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030016819A1 (en) * 2001-07-20 2003-01-23 Lebin Cheng Secure socket layer (SSL) load generation with handshake replay

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
MENEZES A.J., VAN OORSCHOT P.C., VANSTONE S.A.: 'Handbook of Applied Cryptography', October 1996, CRC PRESS, ISBN 0-8493-8523-7 page 816, XP008120568 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008058123A2 (en) * 2006-11-07 2008-05-15 Singlepoint, Inc. System and method to validate and authenticate digital data
WO2008058123A3 (en) * 2006-11-07 2008-08-14 Singlepoint Inc System and method to validate and authenticate digital data
GB2460770A (en) * 2006-11-07 2009-12-16 Singlepoint Inc System and method to validate and authenticate digital data
GB2460770B (en) * 2006-11-07 2011-07-06 Singlepoint Inc System and method to validate and authenticate digital data
US10084797B2 (en) 2016-10-03 2018-09-25 Extreme Networks, Inc. Enhanced access security gateway
WO2022133026A1 (en) * 2020-12-18 2022-06-23 Visa International Service Association Method and system for authentication credential
US11870919B2 (en) 2020-12-18 2024-01-09 Visa International Service Association Method and system for authentication credential

Also Published As

Publication number Publication date
EP1836794A2 (en) 2007-09-26
WO2006073250A3 (en) 2006-11-02

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2374/KOLNP/2007

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2006700326

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007550283

Country of ref document: JP

Ref document number: 200680001994.2

Country of ref document: CN

NENP Non-entry into the national phase in:

Ref country code: DE

WWP Wipo information: published in national office

Ref document number: 2006700326

Country of ref document: EP