CN1292185A - Method and apparatus for conveying private message to selected members - Google Patents

Method and apparatus for conveying private message to selected members Download PDF

Info

Publication number
CN1292185A
CN1292185A CN99803467A CN99803467A CN1292185A CN 1292185 A CN1292185 A CN 1292185A CN 99803467 A CN99803467 A CN 99803467A CN 99803467 A CN99803467 A CN 99803467A CN 1292185 A CN1292185 A CN 1292185A
Authority
CN
China
Prior art keywords
message
private
equipment
message part
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN99803467A
Other languages
Chinese (zh)
Inventor
特伦斯·E·萨姆纳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TERENCE E SUMNER
Original Assignee
TERENCE E SUMNER
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TERENCE E SUMNER filed Critical TERENCE E SUMNER
Publication of CN1292185A publication Critical patent/CN1292185A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26606Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing entitlement messages, e.g. Entitlement Control Message [ECM] or Entitlement Management Message [EMM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/167Systems rendering the television signal unintelligible and subsequently intelligible
    • H04N7/1675Providing digital key or authorisation information for generation or regeneration of the scrambling sequence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/601Broadcast encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Structure Of Telephone Exchanges (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

An encrypted broadcast messaging system(102, 103)determines the management crypto-keys held by each selected subscriber(101)device and not held by each excluded subscriber device of a group. The private message is decomposed into message-parts, one message-part per an excluded subscriber device, each message-part intended to be encrypted using each management crypto-key held by the selected subscriber devices(101)and not held by the excluded subscriber device. Each message-part is encrypted using the management crypto-keys, and delivered to at least the selected subscriber devices, identifying the message-parts delivered and the message-parts necessary to re-compose the private message. Each received encrypted message-parts necessary to re-compose the private message. Each received encrypted message-part is decrypted using the intended management crypto-key, and the necessary message-parts are chosen from which the private message is re-composed by combining in the selected subscriber device(101).

Description

Be used for method and apparatus to the selected members conveying private message
Technical field
The broadcast system that present invention relates in general to encrypt particularly is used in the encrypted broadcast messages system to group selected members conveying private message, as the method and apparatus of session key; But the present invention also is used in encrypting and transmitting digital content on the dangerous channel, as audio frequency, video, multimedia and software object.
Background technology
The message of encrypting can be passed on by the broadcast encryption technology of knowing by modern encryption broadcast system to a plurality of subscriber equipmenies (SD).Broadcast enciphering message typically has been used in transmits the video of encrypting, the audio frequency and the ciphered data aspect of encryption.More popular way is that this system serves as the basis operation to sign (subscription).This system also can will include the message of passing on session key and pass to one group of subscriber equipment by the group message technology of knowing.Usually, the payment mode of the duration of session key for signing.Group message has proved the effectively instrument that conveys a message to a plurality of very big group users by single broadcast transmitted.A commercial examples of applications is a satellite transmission charge program, as video and audio product.
The limitation of the encrypted broadcast messages system of prior art is, utilize current session key only not transmit with privacy ground effectively and include for example private message of session key, the general key of signing payment mode as the next one of independent sessions key to selected sub-group membership in the group.That is to say that all can utilize the subscriber equipment of reception of current sessions key and deciphering institute encrypted set message can both decipher only plan and issue independent sessions key selected group membership, subsequent transmission.For excluded member in preventing to organize receives and deciphers the independent sessions key that this plan sends to other member in the group, subscriber equipment has addressability being only limited in the subscriber equipment of addressing by the capture ability of information in the message that comprises the independent sessions key.Continue commercial example, excluded member will represent the expired user of account number.Such operation is working fine concerning many systems, but can not stop the subscriber equipment that employing distorted preferably or cross addressability and the equipment of constructing carries out undelegatedly receiving privately.As a kind of selectable method, added another unique personal key in some subscriber equipmenies, allow the individual to send any message of unique encryption, comprise the independent sessions key, give each subscriber equipment of a plurality of selected user equipment in the group.This method has changed fully for some less groups and its member and receives the group of authorizing and move better, but under each the situation in the session key being sent to many people in the big group, caused very big traffic carrying capacity, and efficient is very low.
Therefore, need a kind of method and apparatus private message is only conveyed to selected Member Users's equipment in the group.Best, this method and apparatus will keep the efficient characteristics of group broadcast enciphering message technology in the prior art, get rid of member and other undelegated recipient of not choosing group simultaneously admirably.
Explanation of the present invention
One aspect of the present invention is a kind of method that is used for private message is conveyed to one group of subscriber equipment selected user equipment in the encrypted broadcast messages system, and all subscriber equipmenies have at least the first and second managing keys in this group.Certainly, each user can have the key more than two, still, needs two keys just can reach the minimum yield that the invention provides efficient.The method comprising the steps of: determine the set (union) of the managing keys held by selected subscriber equipment, and each subscriber equipment had at least a key from union, and not selected reception private message, but also do not hold remaining key in the complementary set.The unique set of managing keys is assigned with and is programmed in advance in the subscriber equipment of group, so that each subscriber equipment in any two subscriber equipmenies of group has a managing keys at least from the managing keys of distributing to group, and do not had by other subscriber equipmenies, it is unique that other key of each managing keys and all is compared.The programming in advance of managing keys wishes to stop possible eavesdropping, and reduces the traffic on the communication channel, and reduces the lead time before transmitting private message, but might not require to programme in advance.This method also comprises step: described private message is decomposed into a plurality of message parts, has at least a message part not selected for each subscriber equipment in the group, just, be left out.This message part is relevant with the subscriber equipment that is left out, and managing keys is held by this excluded subscriber equipment.Each message part will use the managing keys that selected subscriber equipment is held and relevant excluded subscriber equipment does not have to encrypt.This method also comprises the step of encrypting a plurality of message parts: encrypt a plurality of message parts by the copy of encrypting each message, each message part uses the managing keys of at least one hope to encrypt.This method also comprises step: transmit essential encrypting messages part to selected subscriber equipment in organizing at least, institute's message transmitted partly and by the user is formed the necessary message part of private message, by being identified in transmission or being determined in reception.This method also comprises step: use the managing keys of a hope to decipher message part at least one encryption, that received by selected user equipment.This method also comprises step: the message part of enough being deciphered by the selected user choice of equipment is so that constitute private message from message part of necessity of being discerned and the message part that is received, and by being combined to form private message.
Another aspect of the present invention is a kind of subscriber equipment in the broadcast system of encrypting, and is used for obtaining to pass to the private message of group selected members subscriber equipment.Subscriber equipment comprises receiving interface, is used to receive the message part of use and management secret key encryption.Subscriber equipment also comprises treatment system, is connected to the receiving interface of handling these message parts.Treatment system comprises the managing keys decrypt part of use wishing, selects at least one enough message part reformulating this private message from the message part of at least one deciphering, and forms private message by the selected message part of combination.
Another aspect of the present invention is a kind of group manager (GM), is used for only giving group selected members subscriber equipment to transmit private message.Group manager comprises a source interface that is used to receive subscriber authorisation.Mandate is used for discerning the subscriber equipment of selected reception private message, and private message is provided by the source.Group manager also comprises the treatment system that is connected to source interface, is used for authorisation process is become cipher key sets, and private message is resolved into message part, and according to cipher key sets encrypting messages part.The message that treatment system also can be utilized subscriber equipment in message part and the cipher key sets formation group, identification message transmitted part and the necessary message part of formation private message.Treatment system comprises conventional computer system and memory, and memory is the mass storage of big system.Computer system is preferably utilized the one group of database that is kept in the big capacity medium memory to carry out and is handled operation, and the association in big capacity medium memory record managing keys and the group between each subscriber equipment is from the set of this group database identification managing keys.The union of the managing keys of these cipher key sets, all selected user equipment all utilizes the encipheror that is kept in the big capacity medium memory to finish encryption with complementary set of managing keys (each excluded subscriber equipment has a complementary set) and relevant key.Complementary set is the subclass of the disjoint union of set of the managing keys held with excluded subscriber equipment.Group manager also comprises the distribution interface that is connected to treatment system, is used for the message of message part is passed to the allocate communications network.
Another aspect of the present invention is a kind of method in the encrypted broadcast messages system, is used for to the selected subscriber equipment conveying private message of group of user equipments, and wherein, this method also comprises in advance combination step and step is provided.Encrypting step comprises that also the message part that will decompose is combined into first total message part in advance, and before encrypting, each key in a plurality of managing keys that selected members is held all has first total message part.Encrypting step also is included in before the encryption, can not be separately provides second total message part from the selected members subscriber equipment of first total message part formation private message at least those.By making up the message part that is decomposed in advance with enough combinations, form second total message part, form private message to allow all selected user equipment by total message part that combined reception arrives.The set of second total message part may be empty.
In the present invention in group manager, another aspect that is used for to group selected members subscriber equipment transmission private message is the message part additional treatments, be combined as first total message part in advance with the message part that will be decomposed, before encrypting, and each managing keys of concentrating all has first total message part.Additional treatments also is included in before the encryption, can not be separately provides second total message part from selected Member Users's equipment of first total message part formation private message for those.Form second total message part by make up the message part that decomposed in advance with enough combinations, allowing all selected user equipment, by combined reception to total message part be combined into private message.
In a preferred embodiment of the invention, managing keys is to be transferred to message mandate and user hope in the secure broadcast transmission.But the present invention can be used in the safe transmission digital content, includes but are not limited to audio product, video product, media product and software object, as data and program.In order to implement such an embodiment, digital content need be segmented into a plurality of subdivisions, utilize each subdivision of different secret key encryption then.
In other optional embodiment, the safety means that the present invention can utilize the safety means except that private key or be used in combination with private key.For example, can utilize alternative safety means.Such safety means comprise safety means, hash function, sequence number, clock value, initial value, stochastic variable, the initialization vector of security protocol, security algorithm, mathematical function, processing method, software security equipment, security hardware, any software and hardware combination and any safety value of being determined by round-robin method.In such embodiments, the object of the present invention is to provide a kind of method, promptly on unsafe channel, will be broadcast to included informant, and do not give excluded informant's broadcast from the broadcast of message source.This method is made up of a plurality of method steps.The set of private safety means at first, is provided.This set may comprise the safety means of one or more above-mentioned identifications.Secondly, the subclass of safety means is provided for each informant.For example, can give an informant provide a specific public-key cryptography-private key to and a specific mathematical function, and provide a hash function and a shared key to another informant.All these needs, because compare with all other informants, each informant has the unique subclass that comes from the safety means in the available safety means set.Then, identify informant and the excluded informant who is included.In fact, excluded informant may be the out-of-date user of account, or is not the user of the chargeable service paying of particular type.Then, by selecting some private safety means in conjunction with following factor from the set of available private safety means: (1) analyzes the distribution of safety means in informant who is included and excluded informant, and may the decomposing of (2) message.Then, utilize more regioselective private safety means to come the specific part of encrypting messages.Again, the message of encrypted form is in the insecure communication Channel Transmission.So allow the informant who is included to utilize some their private safety means that occupy, specific to come decrypt.Those excluded informants can not decrypt, because their neither one or a plurality of needed being used for are decoded or deciphered the safety means of one or more subset of messages.
As described belowly realize above-mentioned and additional target.
Above-mentioned and additional target, feature and advantage will become more obvious in the following description.
Brief description of drawings
Characteristics of the present invention are its novel characteristics, and this proposes in the appended claims.But, when reading in conjunction with the accompanying drawings, and, can understand the present invention itself and the preferential pattern of using best by with reference to DETAILED DESCRIPTION OF THE PREFERRED, further aim of the present invention and advantage in addition, here:
Fig. 1 is the electrical block diagram of foundation encrypted broadcast messages of the present invention system.
Fig. 2 is the electrical block diagram according to subscriber equipment of the present invention.
Fig. 3 is the electrical block diagram according to group manager of the present invention.
Fig. 4 is the system flow chart according to the group broadcast system of encryption selection of the present invention.
Fig. 5 is the function diagram according to message part deciphering of the present invention and reformulation private message.
Fig. 6 is according to the present invention's allocation manager key of demonstrating in group membership's subscriber equipment.
Fig. 7 is the message structure figure according to the message part datagram of the present invention's demonstration.
Fig. 8 resolves into the function diagram of message part and encryption according to private message of the present invention.
Fig. 9 is in conjunction with the demonstration details drawing that makes up and provide function in advance according to the present invention.
Figure 10 allocation manager key of in bigger group membership's subscriber equipment, demonstrating.
Figure 11 is in conjunction with making up and provide function in advance, the system flow chart of the group broadcast system that encryption is selected according to the present invention.
Figure 12 is in other embodiment of the present invention, uses in private code key occasion, or in conjunction with the pattern description of a plurality of selectable safety means of private code key.
Table 1 is a sum of representing to use the user that the private key of specific quantity can serve with the form of form.
Implement best mode of the present invention
With reference to figure 1, the electrical block diagram of foundation encrypted broadcast messages of the present invention system comprises source 103, this source provides private message and selected user tabulation for group manager 102, and group manager 102 only is transferred to the selected Member Users's equipment 101 of group by the communication network 104 that is used for distributing safely with private message.Allocation of communications network 104 preferably has the broadband cable of starting and ending transfer station; Also can be to have to the up link of direct broadcasting receiver and the artificial satellite of down link; Or be transmitted to the terrestrial wireless base station of person paging machine; Or be connected to by modulator-demodulator and T-1 main frame the internet class storage and transmit data system; Or the physical distribution media under the situation of time and cost permission.Preferably, subscriber equipment 101 is similar to the conventional cable TV top decoder housing of additional payment channel.The tabulation of mandate is preferentially listed in the source 103 that is used for the selected user list of devices from the charging system of wired system company operation, as the interface of data channel to cable.Private message preferentially is used for the distributing key that next paid period group is signed program, as the additional payment channel.Group manager 102 is preferably similar to the controller of the machine top decoder housing that is used for the additional payment channel.Similarly, the WEB browser of DBS receiver, dot matrix LCD beep-pager, PC operation, or the information flow of acceptance " being pressed into " all can be used as subscriber equipment.The information integration of control channel and signing is connected to avoid separating, and it is economical doing like this, but dispensable.With the session key of individual's transmission and the signing information integration of encryption, allow session key physically to remain on and encrypt and sign the identical decoder housing inside of information decoding, also provide the big shield rod better safety method.
With reference to figure 2, the treatment system 204 in subscriber equipment 101 preferably includes microcomputer processor 205, has the 68HC11 series processors of stored program function in the internal storage as Motorola.Can use external memory storage, but be more vulnerable to distorting of secure context.The input of treatment system 204 is receiving interface 201 and clock 202.Receiving interface 201 preferably is connected to the immediate data broadcast channel, as in DSS, though be connected to data decoder, wants that the line 21 of ntsc video signal reads control data from the control channel.Store and repeater system in, this receiving interface 201 can be simple TCP-IP stack-port, application layer messages, or some other discernible data flow.Treatment system 204 is connected to the output interface 203 of subscriber equipment.Output interface 203 can transmit private message, but when the time spent, passes to user's display screen, or preferably private message is passed to the application program that operates in the treatment system 204.For reasons of safety, wish encryption equipment not to be separated physically with key, to stop the attempt of stealing key.Memory 206 comprises managing keys, deciphering and message processing program.In addition, memory 206 is preferably held the session key of the program that is used to decipher signing information, also preferably all resides in the microcomputer internal storage, so that unprotected key is not transferred to the outside of chip of micro-computer.Memory 206 is preserved managing keys, and the group under each subscriber equipment has a managing keys at least.Less group may be only required several managing keys (MK) grooves (slot), and medium-sized group may require half-dozen to arrive a dozen key groove, and bigger group may require the key groove greater than a dozen.
Unique combination of managing keys be to use classical formula n! / k! (n-k)! Calculate.For n MK, the maximum quantity of the SD of the unique management of energy is that the k in the formula is changed to the value that n/2 calculates gained.For 4 MK, have at most 6 SD (4! / 2! (2)! ) can uniquely manage.Table 1 expression, always having 924 subscriber equipmenies (SD) for 12 managing keys (MK) can uniquely manage, and that each SD has is unique concerning described other SD, 6 set among 12 MK.Subscriber equipment with 16 grooves allows always to have 601,080,390 unique members that can control in group.
The meaning of " unique " is different; Can intersect, but have at least a key not to be included in other each single set.Making their unique best method is to distribute n managing keys at least, and wherein n selects n/2 greater than comprising whole group the size of selected members with get rid of member.Then, distribute n/2 key for each member.In this simple form, when all set had the key that other group do not have at least, the set of each key was not the subclass of any other set, though they may intersect.(using at most n to select under the situation of n/2, says exactly, in each is gathered, n/2 key be different from other set for a moment).This can be used as Fibonacci number (Fibonacci number) and calculate.Also can use other method that guarantees uniqueness, be the simplest and preferred but the n of this generation Fibonacci array size selects the n/2 method.It is possible generating sub-group in group, from the size of Fibonacci number minimizing group, reduces the size with the maximum group of Fibonacci number generation, and satisfies the needs of the expectation of using the private message transmission.
Session key in use generally needs to preserve, and a new session key also needed to preserve before conversion; Therefore, for every security service, session key needs two grooves at least.Better method is, identical decryption processing is applied to the private message part of signing information and encryption, and this is advantageous in less portable equipment.But consider for safety or battery, in signing informational message and private message, can indicate different secret machine or processing.If the message part that the group manager transmission is a large amount of just needs to preserve these intermediate object programs.Select symmetry and asymmetric secret machine to depend on the consideration of demand for security, processing method and power; Key length as use.Have only decomposition method can change fail safe.Output interface preferably will be deciphered signing information and be connected on the illustrated software and hardware, for example video compression will be reduced on the conventional CRT monitor, and Audio Processing is to boombox, or data are on LCD display.Clock 202 is connected to treatment system 204 so that processor 205 moves, and clock pulse is provided, and calendar and time are synchronous.Preferably support the part of circuit as microprocessor.In combining the system of cipher key change, the synchronous crypto-operation conversion is in demand characteristic, needs calendar and time rational, better precision, though can discern the key of use well.Represented and interface treatment system provide circuit-switched data stream, but can use two paths of data stream under the suitable situation, especially in order to reduce the influence of error.
Referring to Fig. 3, group manager 102 has been described, it is as the ancillary equipment of signing equipment 101.Source device interface 301 also can receive the information of signing by identical mode, as video, audio frequency or data.This interface 301 preferably is connected to the source of selecting to be used to receive user device list private message, that authorize.In case after being transfused to, managing keys can be saved among the GM with the related of each subscriber equipment.Best this preservation will be protected with anti-tamper.Privacy message is the group session key preferably.Clock 302 is connected on the treatment system 304 so that computer system 305 operations, provides in the clock arteries and veins, calendar and time synchronized, and preferably as the part of computer system 305 itself.Computer system 305 and mass storage 306 are arranged in treatment system 304.Workstation computer is as Sun Sparc TMSeries is preferred computer system 305, and conventional harddisk memory connects on computers, as big capacity media storage device 306.Distribution interface 303 preferably will be exported at a high speed and be connected on the uplink coding device of satellite distribution.Structurally similar to subscriber equipment, memory 306 is held managing keys, be preferably with database, this database makes following factors relevant, be managing keys and the key itself that each subscriber equipment is held, the set of software and computation key, the complementary set that does not have as the union held by selected user equipment and excluded each subscriber equipment, decompose software and private message is decomposed into message part, encryption software is encrypted message part with being provided with according to key, information software is transformed to the operable form of datagrams of subscriber equipment with message part that will total encryption, distribution interface software with communicate by letter according to the agreement of distribution network use.Session key, managing keys and other sensitive information preferably are kept in the big capacity media storage device with the protection form.Shown two paths of data stream can use by the method identical with circuit-switched data stream in appropriate circumstances.With reference to figure 4, the operation that occurs in the system flow chart illustrative system.Private message receives user device list as session key and (selected) of authorizing and enters system together, begins to handle in step 401.In step 403,, and calculate the union of these MK for selected user fetches managing keys from tabulation.Selected tabulation can comprise the enumerating of all authorized user device, and perhaps only for the enumerating of remover apparatus, maybe can utilize and add and deleted entry uses to tabulate and names simply, or the both has.Therefore, the subscriber equipment of the eliminating that can enumerate or from selected recipient's tabulation, produce.In step 441,, fetch the key set merging and compare with union for each excluded subscriber equipment.If managing keys does not have public set (empty common factor, complementary set equates with union), so excluded subscriber equipment will be excluded, and not handle further, not send the private message of being encrypted with the key in its cipher key sets.In step 447, such user does not need message part, and does not expend the sequence number of message part.
If have (common factor of a non-NULL) public administration key at least, so after the common factor of the user key set of removing eliminating and union, the complementary set that adopts union is energy computation key complementary set just.This complementary set is to be used for private message is partly conveyed to the managing keys of selected user equipment, does not comprise the special user equipment of each complementary set.In step 402, first message part is initially set to private message itself.If the common factor of all excluded subscriber equipmenies and selected user equipment union is empty, do not need so to decompose.For having occur simultaneously each excluded subscriber equipment of (m) of non-NULL, produce message part by the decomposition of decomposing first message part or its accumulation, as in step 445.Except first message part, message part is the random number that length equals private message.Last message part is the decomposition of using the private message accumulation of all other message parts continuously.
Analytic function is a lot.Can be best by the commutative function of any order.Rotation is possible but is limited to less number, as the figure place less than key.This refers to that territory algorithm (Field arithmetic) is best.Simple simon says can adopt binary function, but Galois (Galois) territory is 2 k, direct action rather than on 2, is rational expansion on the k position, looks the method that has provided another decomposition, but can use any arithmetic function.Any character string function such as mask can go out from the XOR construction of function, unless those require the character string function of particular order may comprise " or " or NOT function.Any linear character string function or commutative arithmetic function all are acceptable.
Then, shown in step 450-452, the set of the message part that decomposes from private message uses the complementary set of residue key to encrypt, and the copy of institute's encrypting messages part is as each managing keys in the cipher key sets.The message part of encrypting is distributed to selected at least subscriber equipment 101 by distribution network 104 by broadcasting 405.The message part of encrypting is distributed to the particularly excluded equipment of miscellaneous equipment do not have compromise risk.If the union of the managing keys of selected user equipment has covered whole group, so, when the wider equipment of distribution ratio selected device, even without member's equipment, there is not compromise risk yet, especially do not have identical managing keys with selected subscriber equipment because suppose them.In step 408, when receiving the encrypting messages part,, then analyze them so that select enough message to reformulate private message if available message part is identified in step 406.In step 407, message part is decrypted and in step 409 message part is combined as private message.If need not decipher the identification that the message part of being encrypted just can be finished institute's encrypting messages part, or implied the message part of encrypting in transmission, after selecting, the order of deciphering can be conversely so.Do not consider to duplicate, it partly is possible deciphering all available message, but wants consuming time and consumed power.If the quantity of message part combination is less, the nonrecognition message part is selected to do finely so.For the combination of larger amt, according to the optimal selection of time electrical source consumption and availability, identification and selection are preferably.If use commutative function (as XOR etc.), can finish the work of from all message parts, reformulating private message in any order, preferably adopt XOR.In step 410, private message is handled by output function.Correct processing can be used for the session key is sent to the deciphering conservation zone and writes down its application.This private message can be used as text message and sends on the big group of private display that receives.
With reference to figure 5, when receiving and reformulate private message, the subscriber equipment in the shown example is held MK-1, and-3 ... with-13.MP1 deciphers from MK3 and MK13.Only need a correct copy.MK2 can obtain from MK4, and MP3 obtains from MK1 or MK13, and MP4 obtains from MK1 or MK3, and MP5 also obtains from MK1 or MK3.
A copy by each all message part of combination (preferably by XOR) is by turn reformulated described private message.Even a lot of copies are all available, but only use one.Gather by examination, subscriber equipment can determine whether that it has successfully received all parts of private message, but preferably datagram is discerned all required message parts and the message part of being changed.If some message parts are reformulated before encryption, subscriber equipment similarly can gather the set of determining message part by examination so, and the set of this message part is the result of private message when combination.Yet, preferably, comprise the datagram of the message part or the total message part that reconfigures of encryption, the part that indication is comprised and require the part of reorganization private message.
With reference to figure 6, in the example that managing keys distributes, in this exemplary systems, used 4 managing keys (MK), have maximum 6 can unique management subscriber equipment (SD).Each SD just in time holds 2 MK, and per 2 SD have different MK set.There are 3 SD to hold MK1; 3 SD hold MK2; 3 SD hold MK3; 3 SD hold MK4, but neither one SD holds all keys, and each SD has the combination of unique MK.Corresponding, group manager has all 4 MK.
In order to get rid of SD-C from the session key that is receiving, group manager (GM) can not send with MK1 or MK4 encrypted session key.Sending with MK2 and MK3 encrypted session key all to allow each SD except that C to receive a copy.In fact will send the key of 2 copies to SD-D.Wish to occur unnecessary message part in the present invention.In further example, in order to get rid of SD-C and SD-D, group manager (GM) can not send with MK1 or MK4 encrypted session key, can not send with MK2 or MK3 encrypted session key.Finish the transmission session key by at first the session key being decomposed into into 2 key parts (MP).Send the MP1 that encrypts with MK2 and MK3; Send the MP2 that encrypts with MK1 and MK4.Best, MP2 is a random number, and MP1 is the session key with the MP2 XOR.
All SD will receive the two copy of MP1 and MP2 except that C and D.To send the copy of 2 MP1 to SD-D, and will send the copy of 2 MP2, session key will not be provided under the both of these case to SD-C.By suitably making up MP1 and MP2, all SD that select choosing will have session key.
With reference to figure 7, message part datagram figure describes and utilizes specific managing keys to encrypt the example message of passing on message part.Datagram can comprise such indication, promptly need which type of other message part construct private message and identification they.Because there is not the indication of other required message part, the combination that subscriber equipment can be checked message part is found the combination of a satisfaction up to it, but handheld device is generally used battery operation, makes identification become hope.If before sending, done the combination in advance of message part, so with regard to identification message combination in advance partly.It is complete not having indicated additional MP demand can indicate private message, or simple mark can to indicate MP be complete private message.First example is that message part itself is complete, does not need other message part.If use the variable-length territory, so simple complete mark and private message comprise whole datagram.Second case representation, message is divided into 3 parts, and this datagram has message part 2, is marked as the 2nd, and needs the 1st and the 3rd message part.The 3rd case representation reconfigures total message part 1,3,4 and 5, and be complete in order to make private message, do not have the 2nd and 6 parts.Last case representation private message is identified as session key 27.13 parts that datagram is passed on 3,4,5 parts and reconfigured need be identified as 1 to 15 part, promptly do not have 1,2,6-12 and a 14-15 part.Has diversified indication.In big activity system the identification message certain applications to private message also may be desirable.The identification of message part can comprise private message, the session that belongs to as message part.
With reference to figure 8, private message is resolved into message part, pseudo noise generator is provided at the random data that uses when decomposing message.Passing on about the information of each excluded user's complementary set is that hypothesis and the tabulation of shifting selected user equipment take place at the same time.The decomposition of private message preferably includes from the initial sets of first message part and begins to private message itself, and thereafter, by selecting random number, its length preferably equals the length of the private message that decomposes, produces message part.Shorter length may make private message vulnerable; The efficient of length is lower.Best, by new message part (random number) and first message part by turn XOR decompose, keep this result as first message part.New message part is applied to first message part continuously by the XOR process, so that all message parts that need revert to private message.
In case private message has been broken down into the message part of sufficient amount so that each excluded subscriber equipment has MP at least, which subscriber equipment it will not be delivered to, and in this example (m), calculate complementary set.Excluded user's complementary set is the cipher key sets from union, and this union can be used for sending has no chance by the intercepted message part.Each excluded subscriber equipment has a cipher key sets, and sends to the complementary set of the relevant excluded subscriber equipment of MP.The arrow representative is transmitted the copy of MP and is encrypted to use managing keys.Some are used for the MK of 3 MP this case representation, and some are used for 2 or 1 MP only.The quantity growth of message part is very fast, and inequality to each MK.
The message part of encrypting is collected in together and encapsulates as required so that they are uploaded to distribution network.Many private messages are being arranged perhaps under the situation of how excluded subscriber equipment, identification is desirable.If the ratio of excluded subscriber equipment is very high, should accept other more conventional method.
It is favourable using random number to decompose private message, because if lost any message part, the incomplete combination of message part can show as random number so.Can use other decomposition method, as moving or analyze message, but the commutative characteristic of XOR makes what it wished to be done especially.In addition, also can use the random number of other length, but length is shorter than initial private message, fail safe is reduced.Use the best way, any random number that equals original private message and lose on length can make interrupt message and not have the same difficulty of any message part.
If private message is exactly a session key, selectively, group manager can produce session key (private message) rather than allow the source produce.Can use the randomizer of the same type that is used for message part for this reason.
With reference to figure 9, in an example of getting rid of SD-A1, SD-Q7 and SD-H6, group manager (GM) can not send complete private message, for example, and any encrypted session key in from MK1 to MK12 of new usefulness.Finish the work that sends it by at first new session key being decomposed into 3 parts.SD-A1 has cipher key sets MK1 to MK6, and SD-Q7 has cipher key sets MK7 to MK12, and SD-H6 has cipher key sets MK4-6 and MK10-12.So complementary set is respectively, the MK7 of A1 is to MK12, and the MK1 of Q7 is to MK6, and the MK1-3 of H6 adds MK7-9.Encrypt transmission MP1 with cipher key sets MK10-12, this cipher key sets is the subclass of the common factor of MK1-12 and complementary set A1.Similarly, encrypt transmission MP2 with cipher key sets MK4-6, this cipher key sets is the subclass of complementary set Q7.MP1 and MP3 resemble in SD to be done quilt make up (preferably XOR) in advance, and encrypt with secret cryptographic key MK7-9 and to send, MK7-9 is the common factor of complementary set A1 and complementary set H6; MP2 and MP3 are also made up in advance, and encrypt transmission, the i.e. common factor of complementary set Q7 and complementary set H6 with secret cryptographic key MK1-3.Best, MP2 and MP3 are random numbers, and MP1 is the session key with the MP2 XOR, and MP2 again with the MP3 XOR.The sum that transmits MP in this is 12.
Except that above SD-A1, SD-Q7 and SD-H6, whole 924 possible SD will receive the copy of MP1, MP2 and MP3.To send SD-A1 and not send MP1, and will send SD-Q7 and do not send MP2, SD-H6 will receive MP1 and MP2, but not accept MP3.A SD-M5 has MK1,2,3,7,8 and 9, and the MP2 that can only receive the MP1 that makes up in advance with MP3, make up in advance with MP3.From these constituent private keys is can not reformulate such SD the session key.To such SD, except encrypting with a suitable MK, MP1 or MP2 or MP3 can be provided, determine possible private message, and send this possible private message: can use MK7,8 or 9 to encrypt and send MP1 with any MK that has been used to encrypt this possible private message; Can use MK1,2 or 3 to encrypt and send MP2; Can use MK1,2,3,7,8 or 9 to encrypt and send MP3.Only need among these MK.So it is that one in these selections is sent that step is provided.This means the message that needs 13 message parts, be less than 18 of possibility maximum demand to a certain extent.With MP1 MP3 and MP2 combination, MP2 MP3 and MP1 are made up and add (to SD-M5) MP3 and MP1 MP3 and MP2 MP3 combination by suitably, whole selected SD can reformulate private message.
With reference to Figure 10, in the example that makes up in advance of a message part, MP1, MP3, MP4, MP5 and MP13 are expressed as 56 character strings.The MP result of XOR has by turn been described in the bottom.Represented preferred identifier, length is 15 character string, means that 15 MP of needs reformulate private message; Corresponding bit position represents that attached message part makes up MP1,3,4,5 and 13 in advance in character string.
With reference to Figure 11, have and make up in advance and provide the system flow chart of function that operation when they occur in system has been described.Private message, as session key, and the tabulation of authorizing (selected) to accept subscriber equipment enters system together, begins processing procedure in step 1101.In step 1103, from this tabulation, call the managing keys of selected user equipment and calculate the union of those MK.The tabulation of selecting can comprise the enumerating of subscriber equipment of all mandates, only excluded equipment, or can simply name to use and increase or deletion or the two tabulation that all has.So, can enumerate excluded subscriber equipment or from selected recipient's tabulation, obtain excluded subscriber equipment.In step 1141, call cipher key sets and relatively with union for each excluded subscriber equipment.If not having managing keys is public (the empty common factor, complementary set equals union), so, need not further handle, just do not got rid of excluded subscriber equipment but do not send with the private message of the secret key encryption in its cipher key sets.Such user does not need message part, and reduces the quantity of message part in step 1147.
If at least one (non-NULL common factor) public administration key is arranged, so, by use and concentrate the common factor of the cipher key sets of removing the subscriber equipment that forecloses and union after complementary set computation key complementary set.Complementary set is the managing keys that can be used for private message is partly conveyed to selected user equipment, does not comprise the special user equipment of each complementary set.In step 1102, first message part is initially set to private message itself.If the common factor that the union of all excluded subscriber equipmenies and selected user equipment control key is free does not need to decompose so.In step 1145,, produce message part by the decomposition of decomposing first message part or its accumulation to each excluded family equipment with non-NULL common factor (m).Except that first message part, message part is the random number that length equals this private message.Last message part is to use all other message parts continuously and the accumulation of the private message that obtains is decomposed.
Then, make up in advance from the set of the message part of private message decomposition according to complementary set.To and each managing keys of concentrating, among the step 1150-52, all complementary sets that have that key will make other set make up their relevant message parts in advance.
All selected user that it musts receive private message.In step 1153, check the set of the selected user equipment of accepting.In step 1154, provide owing to make up and any message part unavailable in advance selected subscriber equipment.
In step 1155, encrypt combination in advance and the message part that provided to be used for and to concentrate each managing keys.Broadcasting 1105 is assigned to the message part of encrypting on the selected at least subscriber equipment 101 by distribution network 104.The message part of being encrypted is distributed to other equipment, and particularly excluded equipment does not have compromise danger.If the union of the managing keys of selected user equipment has covered whole group, so, when the selected wideer encrypting messages of distribution ratio, even distribute for non-member not have compromise danger, special because supposition they and selected user equipment do not have the public administration key yet.
When step 1106 receives the message part of being encrypted, in step 1108,, so just analyze available message part to select enough to reconfigure the message part of private message if discerned available message part.Decrypt part in step 1107, and in step 1109, message part is combined into private message.If need not decipher the identification that just can finish institute's encrypting messages part, or the identification of in transmission, having implied the encrypting messages part, so, the order after selecting can be turned around.Do not consider to duplicate, the deciphering of all available message parts is possible, but expends time in and power.If the quantity of message part combination is less, the nonrecognition message part is selected to work finely.For the combination of larger amt, be preferably according to the identification and the selection of time, power consumption and availability optimal value.If use tradable function (as XOR etc.), can finish with any order and from used message part, reconfigure private message, preferably pass through XOR.In step 1110, output function is handled private message.Correct processing can send to the session key deciphering memory area and write down its application.Private message can be the text message that will send to the big group of private display of accepting.
Further as can be seen, though illustrated systems approach and equipment can be used for transmitting the private message except that session key, pass on characteristics and the present invention of session key institute particular requirement to be complementary; And typical encrypted broadcast messages technology can realize transmitting general message rather than pass on key desired characteristic.
The present invention is used for that broadcast is to the informant who is comprised and the informant except not comprising safely from the source in unsafe communication channel, and method and apparatus of the present invention can be implemented with the method that plurality of optional is selected.A comparatively widely used implementation method is to utilize " safety means " to replace private code communication key." safety means " can comprise many novelties or the safety method of routine or any one in the process.For example, illustrated in preferred embodiment, can utilize private code communication key.According to the present invention, can use symmetric key or unsymmetrical key.In addition, can use a private public-key cryptography right, as the public private key agreement of Diffie-Helman.In addition, the part that can utilize encryption or Processing Algorithm to come mask or decompose institute's message transfer.Can use mathematical function to come the part of mask message.For example, can utilize the analog or digital function of multiple routine.Also can use multiple processing method to encrypt the part of private message.Software and/or security hardware also can be used for the part of encrypting messages.The Hash function can be used for the part of encrypting messages.Unique sequence number in unique individual or computing equipment can be used to encrypt or the part of mask message.If, then also can use clock value by synchronous each equipment of some mode.This is usually (typically to be embedded in the TOD clock) routine techniques that uses in data handling system.Randomizer can be used for the value that produces key or use in cryptographic operation.Can use the initialization vector that is used for data processing or hardware device.In addition, any value of determining of cyclic process (when each processing when being synchronous) also can be used on the occasion of private code communication key.Some conventional selectable safety means have been described in Figure 12.
Figure 12 A describes the simple encryption operation.As shown in the figure, expressly 2000 offer encryption equipment 2002 to produce ciphertext 2004.Ciphertext 2000 sends at the insecure communication channel, and offers encryption equipment 2006.Deciphering machine 2006 operations are to produce the plaintexts 2008 that mate with plaintext 2000.
Figure 12 B describes the cryptographic operation of symmetrical shared secret private key.As shown in the figure, expressly 2010 offer encryption equipment 2014, encryption equipment 2014 with private key 2012 as key.Encryption equipment 2014 is created in the ciphertext 2016 that sends on the insecure communication channel.Ciphertext 2016 offers deciphering machine 2020, deciphering machine 2020 with private key 2018 as key.Deciphering machine 2020 produces the plaintexts 2020 with plaintext 2010 couplings.
Figure 12 C describes the ciphering process of asymmetric shared secret private key.In this processing procedure, encryption key 2026 is different from decruption key 2032.Expressly 2024 offer encryption equipment 2028.Encryption equipment 2028 uses encryption key 2026 to carry out cryptographic operation.Output as encryption equipment 2028 provides ciphertext 2030, and sends on the insecure communication channel.Ciphertext 2030 is as the input to deciphering machine 2034.Deciphering machine 2034 uses decruption key 2032 to come decrypting ciphertext 2030.Deciphering machine 2034 produces expressly 2036 conduct outputs.Expressly 2036 and expressly 2024 mate.
Figure 12 D is that the diagram of arbitration cryptographic protocol is represented.Informant 2038 utilizes arbitration communication protocol 2040 to communicate by letter with informant 2042.Third party coordinator 2044 is that communicating pair is all trusted, and arbitral agreement is implemented in operation.
Figure 12 E is that the diagram of transmission security message ruling agreement is represented.As shown in the figure, correspondent 2046 communicates by letter with correspondent 2048.Communication process produces the adjudicator 2050 that evidence 2052 and 2054,2054 is provided for trust.The adjudicator utilizes ruling agreement 2054, and after finding the fact, the validity of decision communication and correspondent's identity is communicated by letter effectively so that make.
Figure 12 F represents from the diagram of implementation agreement.As shown in the figure, correspondent 2065 utilizes and communicates by letter with correspondent 2058 from implementation agreement 2060.
Figure 12 G is that the diagram of utilizing reversible mathematical function to carry out secure communication is represented.Input 2062 offers mathematical function 2064, and mathematical function is to input operation and produce ciphertext output 2066.Output 2066 sends on the insecure communication channel.The output 2072 that anti-mathematical function 2070 is used to carry out the inverse operation of hash function 2064 and produces and import 2062 couplings.
Figure 12 H is that the block diagram of asymmetric private key-public key encryption operation is described.Utilize this operation, have only correspondent A can produce message, but any correspondent comprises that recipient B can read this message.As shown in the figure, correspondent A produces the input 2080 that offers encryption equipment 2082.Encryption equipment at least in part with private key 2084 as key so that produce ciphertext 2086 as exporting.Ciphertext 2086 sends on the insecure communication channel.Deciphering machine 2088 receives ciphertexts 2086, and with public-key cryptography 2090 as key (public-key cryptography relevant) with correspondent A.Deciphering machine 2088 produces the output 2092 with input 2080 couplings.Adopt this mode, correspondent A can produce the message that other any correspondent utilizes the public-key cryptography 2090 relevant with correspondent A all to can read.The correspondent can not imitate or disguise as correspondent A, because need private key 2084 to produce readable message.
Figure 12 I is that the simplified block diagram of asymmetric private key, public key encryption is described, and allows any correspondent A to produce the message that only can be read by a correspondent B.As shown in the figure, input 2100 provides input as encryption equipment 2102 by correspondent A.Encryption equipment with the public-key cryptography 2104 relevant with correspondent B as key.Encryption equipment 2102 is created in the ciphertext 2106 that sends on the insecure communication channel.The input of ciphertext 2106 as deciphering machine 2110 is provided.Deciphering machine 2110 utilizes private key 2108 relevant with correspondent B and that have only correspondent B to know.The output 2112 that deciphering machine 2110 produces corresponding to input 2100.Adopt this mode, any correspondent A can produce the private message that has only correspondent B to read.
Figure 12 J is that the simplicity of illustration that can be used for the signature operation of safe transmission is represented.As shown in the figure, input 2120 is used to produce security signature and private message.In order to produce signature, input 2120 offers hash function 2122, and hash function 2122 should input with a kind of irreversible mode scrambling.The output of hash function 2122 offers encryption equipment 2124, and encryption equipment 2124 produces signature 2126 encrypted and that send on unsafe communication channel.Signature 2126 is as the input of deciphering machine 2128, and deciphering machine 2128 produces output to offer comparator 214.Input 2120 also offers encryption equipment 2130, and the ciphertext 2132 that encryption equipment 2130 produces as output, ciphertext 2132 send on the insecure communication channel and received by deciphering machine 2134.The output 2136 that deciphering machine 2134 produces corresponding to input 2120.Deciphering machine 2134 offers the hash function 2138 corresponding to hash function 2122; In other words, hash function 2122 and 2138 acts in the input to produce output identical but at random.The output of Hash function 2138 offers comparator 2140.If what provided is identical as signature with the value of message, then communication is effective; In other words, communication is from trusted sources.
Figure 12 K is to use initial value and circular treatment to guarantee the simplified block diagram of secure communication on the insecure communication channel.As shown in the figure, by the initialization value of combination results or the initialization vector 2144 of random number 2140 and time or other cycle values 2142.Initialization value offers algorithm or generator 2146.Input 2148 on xor operation 2150 and algorithm/generator 2146 make up.All these processing are all carried out under the control of correspondent A.Correspondent B or any other correspondent trusty have identical initial value 2154, and also offer identical algorithms/generator 2156.The output of algorithm/generator 2156 offers xor operation 2158 as input.Other is provided on insecure communication by xor operation 2158 to the input of xor operation 2158.The output of xor operation 2158 is output 2160, and is identical with input 2148.Because xor operation is this commutative and reversible unique trait, so this is possible.Any cycling can be used for the occasion of time value, so that make the correspondent of mandate synchronous.
The example of the simplification of Figure 12 is represented the safety means of multiple routine, these conventional safety means can be applied in private code communication key occasion or be used in combination with this occasion, so that selected part or section in decomposition, encryption or the mask information, and these information will send on unsafe communication channel.
In general introduction comparatively widely, in the present invention, must do the consideration of some balances so that determine the sum of privacy communication's key, these privacy communication's keys will be used for message is only sent to the correspondent who is comprised, and do not comprise the correspondent that those do not comprise, and determine message decomposition that must occur or the quantity of cutting apart.A kind of method is to support the maximum of message to cut apart and/or decompose, and opposes the maximum analysis of encryption key distribution.In other words, a kind of wider method is emphasized to cut apart and/or is decomposed and do not emphasize the key analysis.This analysis is by sum or excluded correspondent domination.Relevant with this analysis negative be that it expends a large amount of bandwidth and sends the message that the heavier institute of burden decomposes or cuts apart.
Another kind of optionally method is the very big effort analysis of flower encryption key distribution among the correspondent who comprises and do not comprise, so that make the message that must send in order to send this message cut apart the quantity minimum of quantity or message.
In essence, must reach some conciliations between the cutting apart and/or decompose of encryption key distribution analysis and message.From the viewpoint of linear equation system, can find the analysis of this problem so that determine the optimal number that decomposes and/or cut apart and cipher key identity and handle minimum and make the needed bandwidth minimum of secure communication so that make.
Those skilled in the art will do the variation of these and other, and thinks the scope that does not break away from claim of the present invention.
Therefore, from the explanation of front, can know clearly, the invention provides a kind of method and apparatus, be used for only to the selected Member Users's equipment of a group conveying private message.Advantageous is that this method and equipment keep the characteristics of high efficiency of group broadcast enciphering message technology in the prior art, have got rid of member and other undelegated recipient in the not choosing group simultaneously to a considerable extent well.
In another embodiment of the present invention, it is very beneficial doing like this, i.e. cascade message is decomposed and message encryption is operated to strengthen fail safe and to reduce the bandwidth that secure communication needs.Now depend on xor operation to a great extent, but this not to finish the needed unique method of secure communication at the embodiment of this explanation.Xor operation has certain characteristic, and to make these operate in the present case be useful.For example, xor operation is it self a inverse function.In addition, xor operation is tradable.Although may be combined into non-linear or non-swappable function, this may be difficult.The mathematical function of high-order as being tradable in the GF2m territory, may be useful.In addition, rotation or splicing character string function can be anti-, but their application is restricted.
Say that from mathematics built-up section may cause the failure that the particular device execution is reformulated in advance, because the odd number that each message part occurs needs to comprise message part and may have only an even number for some equipment in xor operation.Therefore, in claim 3, inserted the step that provides.Equipment need be selected how to make up a plurality of parts so that in all parts all are included in.If use other function to decompose, GF for example, the big young pathbreaker in this territory has determined how many times need occur to each message part so.For example, FG25 has 32 elements.Any prime number can be selected as composite function, as 1,31, and 5 etc., depend on selected territory multinomial.0 is not a useful composite function.Prime number 1 refers to that message part occurs once and only occurs once in last reformulation.Other prime number is from arithmetically making up to obtain that result.Therefore, can obtain for 3 times, so, can calculate its form that is equal to and know this multinomial if concrete message part adds self.This is helpful to solving some combinatorial problems, but problem is across all eigenfrequency vectors.
Although describe the present invention with reference to specific embodiment, this explanation is not meant under limited meaning and makes up.The various modifications of illustrated embodiments of the invention and alternate embodiments of the present invention when with reference to explanation of the present invention, will become clearly to those of ordinary skill in the art.Therefore, the additional claims of expectation will cover any within the scope of the present invention such modification or embodiment.

Claims (51)

1, a kind of on the insecure communication channel from message source safely broadcast give the informant included and the method for not giving excluded informant, this method comprises:
(a) provide the set of private safety means;
(b) subclass of described private safety means is provided for each informant;
(c) wherein, other informant compares with all, and each informant has the subclass of unique described private safety means of taking from described private safety means set;
(d) the identification described informant who is included and described excluded informant and relevant private safety means;
(e) from described private safety means set, pass through to select specific described private safety means in conjunction with following factors:
(1) distribution of the private safety means of analysis in described informant who is included and excluded informant; And
(2) possibly described message is resolved into message part;
(f) described message is decomposed into message part;
(g) utilize described specific private safety means to guarantee the safety of the particular message part of described message;
(h) in the form of security of the described message of described unsafe traffic channel; And
(i) the wherein said informant who is included can utilize described specific private safety means to come to produce described message from the form of security of described message.
2, secure broadcast method as claimed in claim 1, wherein said safety means comprise at least one in the following project:
(1) cryptographic communication key;
(2) agreements;
(3) algorithms;
(4) mathematical functions;
(5) processing methods;
(6) software security equipment;
(7) security hardwares;
(8) Hash functions;
(9) sequence numbers;
(10) clock values;
(11) initial values;
(12) stochastic variables;
(13) initialization vectors; And
(14) values of determining by circular treatment.
3, secure broadcast method as claimed in claim 1, the cryptosecurity equipment that wherein said private safety means are included comprises at least one in the following project:
(1) cryptographic algorithm; With
(2) cryptographic key.
4, secure broadcast method as claimed in claim 3, wherein said cryptosecurity equipment comprises asymmetric cryptosecurity equipment.
5, secure broadcast method as claimed in claim 3, wherein said cryptosecurity equipment comprises the symmetric cryptography safety means.
6, secure broadcast method as claimed in claim 1, wherein:
(1) described private safety means set comprises at least four private safety means; And
(2) each subclass of described private safety means comprises at least two private safety means.
7, secure broadcast method as claimed in claim 1, wherein each described private safety means has an initial condition, and this state changes after receiving described message.
8, secure broadcast method as claimed in claim 1, wherein said safety means comprise private code communication key.
9, secure broadcast method as claimed in claim 8, wherein said private code communication key comprises symmetrical private code communication key.
10, secure broadcast method as claimed in claim 1:
(i) set of wherein said private safety means comprises the set of a private code communication key; With
(j) wherein said message is divided into message part; And
(k) wherein use specific described private code communication key to gather and encrypt each message part.
11, secure broadcast method as claimed in claim 10, wherein said private code communication key set comprises at least four private code communication keys.
12, secure broadcast method as claimed in claim 10, wherein by selecting specific described private code communication key in conjunction with following factors:
(1) distribution of analysis key in described informant who is included and excluded informant; With
(2) cut apart described message possibly.
13, secure broadcast method as claimed in claim 1 is wherein selected n/2 according to n in fact, the described subclass of described private safety means is provided for each informant.
14, secure broadcast method as claimed in claim 1:
Described private safety means comprise the data of representing safe key; With
Wherein, select n/2 according to n in fact, the described subclass of described private safe key is provided for each informant.
15, secure broadcast method as claimed in claim 1, the step that wherein described message is resolved into message part is finished by giving reversible mathematical function of described messages application, produces uncertain output so in fact.
16, secure broadcast method as claimed in claim 1, the step that wherein described message is resolved into message part is by to described message and equal length or carry out by turn XOR than the basic random order of length and finish.
17, a kind of on the insecure communication channel from message source safely broadcast give the informant included and the method for not giving excluded informant, comprising:
(a) provide the set of private code communication key;
(b) subclass of described private code communication key is provided for each informant;
(c) wherein, other informant compares with all, and each informant has the subclass of unique described private code communication key of taking from described private code communication key set;
(d) the identification described informant who is included and described excluded informant and relevant private code communication key;
(e) pass through in conjunction with following factor, from described private code communication key set, select specific described private code communication key:
(1) distribution of analysis private code communication key in described informant who is included and excluded informant; And
(2) the possible decomposition of the described message of analysis;
(f) described message is resolved into message part;
(g) utilize described specific private code communication key to encrypt the specific part of described message;
(h) at the encrypted form of the described message of described unsafe traffic channel;
(i) the wherein said informant who is included can utilize described specific private code communication key to decipher described message.
18, secure broadcast method as claimed in claim 17, wherein said private code communication key comprises asymmetric cryptographic communication key.
19, secure broadcast method as claimed in claim 17, wherein said private code communication key comprises the symmetric cryptography communication key.
20, secure broadcast method as claimed in claim 17, wherein
(1) described private code communication key set comprises at least four private code communication keys; And
(2) each subclass of described private code communication key comprises at least two private code communication keys.
21, secure broadcast method as claimed in claim 17, the step that wherein described message is resolved into message part is finished by giving reversible mathematical function of described messages application, produces a uncertain output so in fact.
22, secure broadcast method as claimed in claim 17, the step that wherein described message is resolved into message part is by to described message and equal length or carry out by turn XOR than the basic random order of length and finish.
23, a kind of private message that transmits in the encrypted broadcast messages system is given the selected user equipment in the group and not to the method for other subscriber equipment in the group, is comprised step:
(a) from first set of Administrative Security equipment, second set of Administrative Security equipment is programmed into each subscriber equipment in the group in advance, and each second set with all other second set to compare be unique;
(b) determine Administrative Security equipment of holding by selected user equipment and the Administrative Security equipment of holding by excluded subscriber equipment from group;
(c) private message is decomposed into message part, has at least a message part to be used for and be relevant to each excluded subscriber equipment of group, each message part uses that to can't help the Administrative Security equipment that excluded subscriber equipment holds will be safe;
(d) use the Administrative Security equipment be intended for use each message part to guarantee that the copy of each message part is safe, by selected user equipment hold and can't help each Administrative Security equipment that any relevant excluded equipment holds a copy arranged;
(e) message part with safety passes to selected subscriber equipment in the group at least, identification institute message transmitted part and the message part that needs to reformulate private message;
(f) receive at least one safe message part, discern the message part of at least one message part accepted and the reformulation private message that at least one needs;
(g) the use and management safety means re-construct the message part of having encrypted that at least one receives;
(h) from the message part that receives of safety, select to be enough at least reformulate the message part of private message; And
(i) reformulate private message by making up selected message part.
24, method as claimed in claim 23, wherein said Administrative Security equipment comprises at least one in the following project:
(1) cryptographic communication key;
(2) agreements;
(3) algorithms;
(4) mathematical functions;
(5) processing methods;
(6) software security equipment;
(7) security hardwares;
(8) Hash functions;
(9) sequence numbers;
(10) clock values;
(11) initial values;
(12) stochastic variables;
(13) initialization vectors; With
(14) values of determining by circular treatment.
25, method as claimed in claim 23, the cryptosecurity equipment that wherein said Administrative Security equipment is included comprises at least one in the following project:
(1) cryptographic algorithm; With
(2) cryptographic key.
26, secure broadcast method as claimed in claim 25, wherein said cryptosecurity equipment comprises asymmetric cryptosecurity equipment.
27, secure broadcast method as claimed in claim 25, wherein said cryptosecurity equipment comprises the symmetric cryptography safety means.
28, secure broadcast method as claimed in claim 23, wherein:
(1) described Administrative Security cluster tool comprises at least four Administrative Security equipment; With
(2) each subclass of described Administrative Security equipment comprises at least two Administrative Security equipment.
29, secure broadcast method as claimed in claim 23, wherein said Administrative Security equipment comprises private code communication key.
30, secure broadcast method as claimed in claim 29, wherein said private code communication key comprises symmetrical private code communication key.
31, secure broadcast method as claimed in claim 23:
(i) set of wherein said Administrative Security equipment comprises the set of an administrator password communication key; With
(j) wherein said message is divided into message part; And
(k) wherein use specific described administrator password communication key to gather and encrypt each message part.
32, secure broadcast method as claimed in claim 31, wherein said administrator password communication key set comprises at least four private code communication keys.
33, secure broadcast method as claimed in claim 31, wherein,, select specific described private code communication key in conjunction with following factor:
(1) distribution of analysis key in described user who is included and excluded user; With
(2) cut apart described message possibly.
34, secure broadcast method as claimed in claim 23 is wherein selected n/2 according to n in fact, the described subclass of described Administrative Security equipment is provided for each user.
35, secure broadcast method as claimed in claim 23:
Wherein, described Administrative Security equipment comprises the data of representing safe key; And
Wherein, select n/2 according to n in fact, the described subclass of described safe key is provided for each informant.
36, secure broadcast method as claimed in claim 23, the step that wherein described message is resolved into message part is finished by giving reversible mathematical function of described messages application, produces a uncertain output so in fact.
37, secure broadcast method as claimed in claim 23, the step that wherein described message is resolved into message part is by to described message and equal length or carry out by turn XOR than the basic random order of length and finish.
38, a kind of method that the transmission private message is not given other subscriber equipment in the group to the selected user equipment in the group in the encrypted broadcast messages system, the method comprising the steps of:
(a) determine managing keys of holding by selected user equipment and the managing keys of holding by excluded subscriber equipment from group;
(b) private message is decomposed into message part, at least one message part is used for and is relevant to each excluded subscriber equipment of group;
(c) copy message part is held and be can't help each managing keys that any relevant excluded equipment holds a copy is arranged by selected user equipment, and each message part will be used the managing keys of being held and encrypt;
(d) use the managing keys that will be used for each message part to encrypt each message part; And
(e) message part of being encrypted for the selected user equipment transmission in the group at least, identification institute message transmitted part and the message part that needs to reformulate private message.
39, as method as described in the claim 38, wherein Kao Bei step also comprises one combination step and one provides step in advance, use the cura specialis key to be combined into first total message part in advance with copy with all encrypted message parts, this combination is equivalent to the combination in subscriber equipment, result's message part is formed in identification, and provides second the total message part that is enough to partly reformulate from institute's message transmitted private message for the subscriber equipment of all selections.
40, a kind of in the encrypted broadcast messages system by the selected user equipment in the group in can't help to organize other subscriber equipment obtain the method for private message, the method comprising the steps of:
(a) from will have at least first set of two managing keys, second set of managing keys is programmed in each subscriber equipment in the group in advance, it is unique that each second set is compared with second every other set;
(b) receive the message part of at least one encryption, at least one message part that identification receives and need reassemble at least one message part of private message;
(c) at least one part of encrypting messages that receives of use and management secret key decryption;
(d) select the message part of at least one private message that is enough to recombinate from the message part that receives of deciphering; And
(e) by making up recombinate private message and this private message is sent to the destination of selected message part.
41, a kind of subscriber equipment comprises:
(a) receiving interface that is used to receive the security message part;
(b) one is connected to the security message treatment system partly that receiving interface is used to handle receive;
(c) treatment system wherein is programmed, and to use the safety means of programming in advance in the available safety means set, partly produces message part from the security message that receives;
(d) it is unique wherein comparing with every other safety means with the described safety means of programming in advance that described receiving interface interrelates;
(e) treatment system wherein is programmed, and is enough to reformulate the message part of private message to select at least one from message part;
(f) and treatment system wherein be programmed, partly to reformulate private message by making up selected decrypt; With
(g) output interface that is connected to treatment system is used for providing private message to its destination.
42, subscriber equipment as claimed in claim 41, wherein said safety means comprise at least one in the following project:
(1) cryptographic communication key;
(2) agreements;
(3) algorithms;
(4) mathematical functions;
(5) processing methods;
(6) software security equipment;
(7) security hardwares;
(8) Hash functions;
(9) sequence numbers;
(10) clock values;
(11) initial values;
(12) stochastic variables;
(13) initialization vectors; With
(14) values of determining by circular treatment.
43, subscriber equipment as claimed in claim 41, the cryptosecurity equipment that wherein said private safety means are included comprises at least one in the following project:
(1) cryptographic algorithm; With
(2) cryptographic key.
44, subscriber equipment as claimed in claim 43, wherein said cryptosecurity equipment comprises asymmetric cryptosecurity equipment.
45, subscriber equipment as claimed in claim 43, wherein said cryptosecurity equipment comprises the symmetric cryptography safety means.
46, subscriber equipment as claimed in claim 41, wherein:
(1) the described set of available safety means comprises at least four private safety means; With
(2) each subclass of the described private safety means of programming in advance comprises at least two private safety means.
47, subscriber equipment as claimed in claim 41 wherein, selects n/2 according to n in fact, the described subclass of described private safety means is provided for each user.
48, subscriber equipment as claimed in claim 41:
Wherein, described private safety means comprise the data of representing safe key; And
Wherein, select n/2 according to n in fact, the described subclass of described safe key is provided for each user.
49, subscriber equipment as claimed in claim 41, wherein, it is by finishing for reversible mathematical function of described messages application, producing a uncertain substantially output so in fact that described message is resolved into message part.
50, subscriber equipment as claimed in claim 41 wherein resolves into described message message part and is by to described message and equal length or carry out by turn XOR than the basic random order of length and finish.
51, a kind of group manager comprises:
(a) tabulation that is used to receive the source interface of private message and receives the selected user equipment of private message;
(b) treatment system that is connected to source interface, the selected user list of devices that is used for being received is processed into cipher key sets, and is used for private message is processed into message part;
(c) treatment system wherein is programmed, to determine managing keys of being held by selected user equipment and the managing keys of being held by excluded subscriber equipment;
(d) processing wherein is programmed, so that private message is resolved into message part, at least one message part is used for and is relevant to each excluded subscriber equipment, treatment system wherein is programmed with the copy message part, hold and each managing keys of not held by relevant excluded equipment has a copy by selected user equipment, each message part will be used the managing keys of holding and encrypt, wherein treatment system is programmed, encrypt each message part to use the managing keys that will be used for each message part, and the message part of being encrypted is passed to selected at least subscriber equipment in the group, know other institute message transmitted part and need to reformulate the message part of private message with a kind of operable form; And
(e) distribution interface that is connected to treatment system is used for the message of the part of encrypting messages is offered radio network.
CN99803467A 1998-01-19 1999-01-15 Method and apparatus for conveying private message to selected members Pending CN1292185A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US7177698P 1998-01-19 1998-01-19
US60/071,776 1998-01-19

Publications (1)

Publication Number Publication Date
CN1292185A true CN1292185A (en) 2001-04-18

Family

ID=22103516

Family Applications (1)

Application Number Title Priority Date Filing Date
CN99803467A Pending CN1292185A (en) 1998-01-19 1999-01-15 Method and apparatus for conveying private message to selected members

Country Status (8)

Country Link
EP (1) EP1050132A4 (en)
JP (1) JP2002510164A (en)
CN (1) CN1292185A (en)
AU (1) AU750042B2 (en)
BR (1) BR9907094A (en)
CA (1) CA2318452A1 (en)
NO (1) NO20003651L (en)
WO (1) WO1999037052A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8218769B2 (en) 2006-02-28 2012-07-10 Hitachi, Ltd. Encrypted communication system, communication status management server, encrypted communication method, and communication status management method
CN110419196A (en) * 2017-03-17 2019-11-05 牛津大学创新有限公司 Security data exchange
CN117240620A (en) * 2023-11-13 2023-12-15 杭州金智塔科技有限公司 Privacy set union system and method
CN117473539A (en) * 2023-12-28 2024-01-30 深圳市乐凡信息科技有限公司 Data encryption method, data decryption method, terminal device, and readable storage medium

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2001290188A1 (en) * 2000-09-29 2002-04-08 Nagravision S.A. Method for encrypting a formatted data set
GB2380369B (en) * 2001-09-27 2004-03-24 Marconi Comm Ltd A communications network encryption system
WO2006096035A1 (en) * 2005-03-10 2006-09-14 Electronics And Telecommunications Research Institute Encryption and decryption device in wireless portable internet system, and method thereof
KR101308023B1 (en) 2011-10-27 2013-09-26 국방과학연구소 Broadcast encryption method for securing recipient privacy
JP5875441B2 (en) 2012-03-29 2016-03-02 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation Apparatus and method for encrypting data
CN112152909B (en) 2015-02-16 2022-11-01 钉钉控股(开曼)有限公司 User message reminding method
CN106034068A (en) 2015-03-20 2016-10-19 阿里巴巴集团控股有限公司 Method and device for private chat in group chat, client-side, server and system
CN105610695B (en) 2015-12-21 2021-01-12 阿里巴巴集团控股有限公司 Object allocation method and device
CN105681056B (en) 2016-01-13 2019-03-19 阿里巴巴集团控股有限公司 Object distribution method and device
CN105812237B (en) 2016-03-07 2020-12-04 钉钉控股(开曼)有限公司 Method and device for quickly adding reminding object
CN107306286B (en) 2016-04-21 2020-12-04 钉钉控股(开曼)有限公司 Processing method and device for offline attendance
CN107305459A (en) 2016-04-25 2017-10-31 阿里巴巴集团控股有限公司 The sending method and device of voice and Multimedia Message
CN107368995A (en) 2016-05-13 2017-11-21 阿里巴巴集团控股有限公司 Task processing method and device
CN107800609B (en) * 2016-09-05 2021-06-01 阿里巴巴集团控股有限公司 Communication method and device
CN107846345A (en) 2016-09-18 2018-03-27 阿里巴巴集团控股有限公司 The means of communication and device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4803725A (en) * 1985-03-11 1989-02-07 General Instrument Corp. Cryptographic system using interchangeable key blocks and selectable key fragments
US5016277A (en) * 1988-12-09 1991-05-14 The Exchange System Limited Partnership Encryption key entry method in a microcomputer-based encryption system
US4926478A (en) * 1988-12-30 1990-05-15 Gruenberg Elliot Method and apparatus for continuously acknowledged link encrypting
US5117458A (en) * 1989-11-01 1992-05-26 Hitachi, Ltd. Secret information service system and method
GB9003326D0 (en) * 1990-02-14 1990-04-11 Enfranchise Sixty Ltd Apparatus and method for data communication
US5144664A (en) * 1990-11-16 1992-09-01 General Instrument Corporation Apparatus and method for upgrading terminals to maintain a secure communication network
GB9213169D0 (en) * 1992-06-22 1992-08-05 Ncr Int Inc Cryptographic key management apparatus and method
IL106796A (en) * 1993-08-25 1997-11-20 Algorithmic Res Ltd Broadcast encryption

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8218769B2 (en) 2006-02-28 2012-07-10 Hitachi, Ltd. Encrypted communication system, communication status management server, encrypted communication method, and communication status management method
CN110419196A (en) * 2017-03-17 2019-11-05 牛津大学创新有限公司 Security data exchange
CN110419196B (en) * 2017-03-17 2023-11-03 牛津大学创新有限公司 secure data exchange
CN117240620A (en) * 2023-11-13 2023-12-15 杭州金智塔科技有限公司 Privacy set union system and method
CN117240620B (en) * 2023-11-13 2024-02-06 杭州金智塔科技有限公司 Privacy set union system and method
CN117473539A (en) * 2023-12-28 2024-01-30 深圳市乐凡信息科技有限公司 Data encryption method, data decryption method, terminal device, and readable storage medium
CN117473539B (en) * 2023-12-28 2024-04-26 深圳市乐凡信息科技有限公司 Data encryption method, data decryption method, terminal device, and readable storage medium

Also Published As

Publication number Publication date
AU750042B2 (en) 2002-07-11
JP2002510164A (en) 2002-04-02
EP1050132A1 (en) 2000-11-08
NO20003651D0 (en) 2000-07-17
EP1050132A4 (en) 2005-05-18
BR9907094A (en) 2000-10-24
CA2318452A1 (en) 1999-07-22
AU2758699A (en) 1999-08-02
WO1999037052A1 (en) 1999-07-22
NO20003651L (en) 2000-09-18

Similar Documents

Publication Publication Date Title
CN1292185A (en) Method and apparatus for conveying private message to selected members
CN1146185C (en) Protecting information in system
CN1152507C (en) Generation of cryptographic signatures using hash keys
CN1224211C (en) Sychronization of session keys
US6782475B1 (en) Method and apparatus for conveying a private message to selected members
JP4086782B2 (en) Access to broadcast content
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
EP1661355B1 (en) Method and device for securing content delivery over a communication network via content keys
NO953143D0 (en) Procedure for providing mutual authentication of a user and a server on a network
JP2003501877A (en) Method and apparatus for secure distribution of public / private key pairs
CN100448289C (en) A hybrid network encrypt/decrypt scheme
CN1273490A (en) Cipher method and device for limitting inserting transfered program content
CN112187798B (en) Bidirectional access control method and system applied to cloud-side data sharing
Xu et al. Multi-authority proxy re-encryption based on CPABE for cloud storage systems
CN113239403A (en) Data sharing method and device
CN110012312A (en) The access control method based on key management suitable for pay television system
CN101409618B (en) Method for encrypting and deciphering multi-reader document
CN114205090B (en) Safe file sharing method and system based on cryptographic algorithm
CN115051797A (en) Distributed key escrow system with password
CN1668101A (en) A conditional reception system merging Internet and cable television network environments
CN112822016B (en) Method for data authorization on block chain and block chain network
CN1355654A (en) Encryption system for cable TV network
JPH11187008A (en) Delivering method for cryptographic key
JP2001285278A (en) Encryption communication method and encryption communication system
CN1248837A (en) Personal key encryption method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20010418