WO2001003365A1 - Distributed group key management scheme for secure many-to-many communication - Google Patents
Distributed group key management scheme for secure many-to-many communication Download PDFInfo
- Publication number
- WO2001003365A1 WO2001003365A1 PCT/US2000/018583 US0018583W WO0103365A1 WO 2001003365 A1 WO2001003365 A1 WO 2001003365A1 US 0018583 W US0018583 W US 0018583W WO 0103365 A1 WO0103365 A1 WO 0103365A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- group
- node
- blinded
- internal node
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
- H04L63/064—Hierarchical key distribution, e.g. by multi-tier trusted parties
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
- H04L9/0836—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/04—Masking or blinding
- H04L2209/046—Masking or blinding of operations, operands or results of the operations
Definitions
- Multicasting is a scalable solution to group communication; many-to-many secure multicasting protocols must also be scalable.
- Group access control, secret key distribution and dynamic group management are three major components of a secure group communication protocol.
- Most of the existing one-to-many secure multicast protocols use a centralized entity, the group manager to enforce access control and distribute secret keys.
- the group manager When the multicast group membership is dynamic, the group manager must also maintain perfect forward secrecy. This is to guarantee that members cannot decrypt secret data sent before they join the group and the data sent after they left.
- the group manager changes the appropriate secret keys when a member joins or leaves, and distributes them to the corresponding members.
- the rekeying process must be scalable; the key distribution overhead should be independent of the size of the multicast group.
- GSC group security controller
- the present invention presents a group key management system and method for providing secure many-to-many communication.
- the system employs a binary distribution tree structure.
- the binary tree includes a first internal node having a first branch and a second branch depending therefrom.
- Each of the branches includes a first member assigned to a corresponding leaf node.
- the first member has a unique binary ID that is associated with the corresponding leaf node to which the first member is assigned.
- a first secret key of the first member is operable for encrypting data to be sent to other members.
- the first member is associated with a key association group that is comprised of other members.
- the other members have blinded keys.
- a blinded key derived from the first secret key of the first member is transmitted to the key association group.
- the first member uses the blinded keys received from the key association group and the first secret key to calculate an unblinded key of the first internal node.
- the unblinded key is used for encrypting data that is communicated between members located on branches depending from the first internal node.
- Fig. 2 is a diagram of a key distribution tree arranged in accordance with the principles of the present embodiment of the invention.
- Fig. 4 is a diagram of a member leaving a communication system arranged in accordance with the principles of the present embodiment of the invention.
- Fig. 5 is a sequence diagram showing a procedure for determining the members of a key association group
- Fig. 6 is a sequence diagram showing a procedure for encrypting data
- Fig. 7 is a sequence diagram showing a procedure for joining the communication system
- Fig. 8 is a sequence diagram showing a procedure for leaving the communication system.
- the present embodiment of the invention is a communication system 20 employing a distributed tree-based key management scheme (DTKM) for secure many-to-many group communication.
- DTKM distributed tree-based key management scheme
- the system 20 is scalable and members 22 are trusted equally.
- the system 20 delegates group control responsibilities and key distribution tasks evenly to the members.
- Each member 22 generates a unique secret key 28 for itself and each internal node key is computed as a function of the secret keys of its two children. All secret keys 28 are associated with their blinded versions 30, which are computed using a one-way function 32. Each member 22 holds all the unblinded keys of nodes that are in its path to the root and the blinded keys of nodes that are siblings of the nodes in its path to the root. The contribution of the unique secret key toward the computation of the root key gives each member 22 partial control over the group.
- a join/leave requires only the keys in the path to the root from the joining/departing host to be changed. Thus, each membership change necessitates only O(log n) messages where n is the number of members in the group.
- the protocol is scalable.
- Each member generates a unique secret key 28 which is the member's contribution towards the generation of the internal node keys including the root key.
- Internal nodes are associated with secret keys and these keys are computed as a function of their children's keys.
- the root key is computed similarly and is used for data encryption. For each secret key, k, there is a blinded key, k', and an unblinded key. The blinded key is computed by applying a given one-way function to the secret key.
- Each node is assigned a binary ID 24 and is responsible for generating a secret key 28.
- the member 22 associated with the node also computes the blinded version 30 of its key 28 and shares it with its immediate neighbor in the key distribution tree 26.
- Table I provides psuedocode of a Find-Neighbor algorithm that takes a binary ID of node A and returns the binary ID of A' s neighbor.
- X is a binary ID, where b, for 1 ⁇ i ⁇ _h, is a binary digit begin
- leaf_node(X) returns true if X is a leaf node of the key distribution tree; false otherwise.
- the key association module 33 applied to H(1110) 40 is illustrated.
- a binary ED 24 corresponding to a node is loaded.
- the bit positions are then complemented, step 62.
- step 64 if the node is a leaf node, the blinded keys corresponding to the members of the key association group are obtained, step 70. Otherwise if the node is not a leaf node, then at step 66, whether the node is an internal node is determined.
- C 50 generates the key k 0 ⁇ 0 and sends its blinded version k'oio (computed using the given one-way function 32, steps 74 and 76) to D(011) 48. Similarly, D 48 sends k'on to C 50. Both C and D can then individually compute koi by
- Each member, X 22 also maintains a neighbor-of set, N x , which consists of all members for which X is the neighbor.
- N H consists of both G 44 and / 42.
- Each member 22 monitors the members in its neighbor-of set and initiates ID update and key-update processes when a neighbor leaves.
- the elements of neighbor- of sets may change during joins or leaves and the join and leave protocols provide information to members to update these sets as well.
- all members 22 recognize the group membership change.
- Each member 22 is responsible for updating its neighbor-of set using the joining or leaving host's ID 24.
- Undesirable alternative approaches require one or more entities to keep a snap shot of the key distribution tree 26. For example, to keep track of all members 22 of the group and their positions in the key tree 26, either member status report messages are broadcast to the whole group or a centralized entity that keeps track of all joins and leaves. The first alternative creates excessive network traffic and the second has a single point of failure.
- J 56 is a new member which joins at C 50, step 86.
- C splits its ID 010 (shown in Figure 3), keeps 0100 for itself and assigns 0101 to J 56, step 88.
- C 50a also changes its secret key 28 and sends the blinded version of its new key to J 56.
- J 56 generates a secret key 28 of its own and transmits the blinded version to C 50a, steps 90, 92, and 94.
- all keys corresponding to the internal nodes in the path to the root 54 from J 56 change due to the join.
- J 56 needs all the unblinded keys of the nodes shown in black and the blinded keys of the nodes show in gray, in Figure 3. Notice that none of the blinded keys known to C 50a have changed and thus it can compute all the new keys corresponding
- step 102 G 44 multicasts k'o encrypted with ki, to be decrypted by E 60, F 46, G 44, H 40, and I 42 only. After the above key exchanges all authorized members will have the keys they need to compute the new root key. In all, there will be O(log n) unicast messages and O(log n) subgroup multicast messages during a join. Note that the multicast messages will be limited to a TTL-scoped or administratively scoped region, since they only need to be sent to selected subgroups within the multicast group.
- Join() module 62 It takes the new member and an existing member's ID 24 as arguments. In the module, k' indicates the
- send_key_from_to (key, X, Y) indicates that X sends "key” to Y.
- scoped_secure_multicast (keyl, X, key2) indicates that X encrypts keyl with key2, and locally multicasts it.
- ⁇ C, J and D can decrypt k Oio
- ⁇ A, B, C, J and D can decrypt k Oi and
- J 56 and D 48 can now compute koi. J 56 then sends k'oi, to A 52, which is responsible
- • compute_intemal_node_keys (Y) indicates that Y locally computes all internal node keys and their blinded counterparts.
- All members in the multicast group can compute the root key with the given keys.
- a member with data to send encrypts the data with the root key and sends it via traditional multicast channels (e.g.: MBONE).
- Other members can decrypt the data without any further key exchanges.
- the protocol also allows secure subgroup communication.
- a sender may send secret data to a subgroup of members by encrypting the key it shares with the subgroup.
- Neighbors may notice network partitions by following a repeated discovery process. For example, when a members neighbor does not send a heartbeat message, the corresponding member 22 may assume that the neighbor is not available or the member may initiate a discovery process to see whether others in the subgroup are available. Subgroup multicast addresses may be used for this discovery process.
- Each subgroup of receivers has at least one sender as a member 22b as shown in Figure 9.
- some senders belong to two subgroups, the group of the senders and one of the groups of the receivers.
- the sender 22b that is part of a receivers' subgroup is responsible for group control of that subgroup. Note that group management overhead however is distributed among all the members of the receivers' subgroup, following the principles of the invention.
- a few-to-many group may form in a number of different ways.
- the senders first form the senders subgroup 124. Some of the senders may then begin to accept requests for membership from the receivers and form receivers' subgroups 126.
- Our protocol also allows for limited data transmission by some of the receivers.
- a receiver wants to send data, it contacts the sender that controls the subgroup it belongs to. If the sender approves the data transmission by the receiver, it forwards it to all the members of the few-to-many group 122.
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP00947097A EP1192751B1 (en) | 1999-07-06 | 2000-07-06 | Distributed group key management scheme for secure many-to-many communication |
JP2001508107A JP2003503950A (en) | 1999-07-06 | 2000-07-06 | Distributed group key management scheme for secure many-to-many communication |
DE60028972T DE60028972T2 (en) | 1999-07-06 | 2000-07-06 | METHOD OF DISTRIBUTING GROUP KEY MANAGEMENT FOR SAFE MORE TO MULTIPORT COMMUNICATION |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14249099P | 1999-07-06 | 1999-07-06 | |
US60/142,490 | 1999-07-06 | ||
US09/439,426 | 1999-11-11 | ||
US09/439,426 US6240188B1 (en) | 1999-07-06 | 1999-11-11 | Distributed group key management scheme for secure many-to-many communication |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001003365A1 true WO2001003365A1 (en) | 2001-01-11 |
WO2001003365A8 WO2001003365A8 (en) | 2001-07-12 |
Family
ID=26840140
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2000/018583 WO2001003365A1 (en) | 1999-07-06 | 2000-07-06 | Distributed group key management scheme for secure many-to-many communication |
Country Status (7)
Country | Link |
---|---|
US (1) | US6240188B1 (en) |
EP (1) | EP1192751B1 (en) |
JP (1) | JP2003503950A (en) |
KR (1) | KR100495540B1 (en) |
CN (1) | CN1160898C (en) |
DE (1) | DE60028972T2 (en) |
WO (1) | WO2001003365A1 (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001078298A1 (en) * | 2000-04-06 | 2001-10-18 | Sony Corporation | Information processing system and method |
WO2001078299A1 (en) * | 2000-04-06 | 2001-10-18 | Sony Corporation | Information processing system and method |
EP1185022A1 (en) * | 2000-04-06 | 2002-03-06 | Sony Corporation | Information recording/reproducing apparatus and method |
WO2002052781A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
WO2002052780A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
WO2002052779A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
GB2394629A (en) * | 1999-07-15 | 2004-04-28 | Nds Ltd | Key management for content protection |
US6880081B1 (en) | 1999-07-15 | 2005-04-12 | Nds Ltd. | Key management for content protection |
EP1575210A1 (en) * | 2004-03-10 | 2005-09-14 | Sun Microsystems, Inc. | Method and apparatus for hybrid group key management |
US7188242B2 (en) | 1999-07-15 | 2007-03-06 | Nds Ltd. | Key management for content protection |
US7340603B2 (en) * | 2002-01-30 | 2008-03-04 | Sony Corporation | Efficient revocation of receivers |
US7362870B2 (en) | 2001-04-19 | 2008-04-22 | Sony Corporation | Method and apparatus for recording/playing back information |
US7505599B2 (en) | 2000-04-06 | 2009-03-17 | Sony Corporation | Information processing system and method for managing encrypted data with tag information |
US7599497B2 (en) | 2002-03-27 | 2009-10-06 | British Telecommunications Public Limited Company | Key management protocol |
WO2011041933A1 (en) * | 2009-10-10 | 2011-04-14 | 西安西电捷通无线网络通信股份有限公司 | Method for key pre-distribution and key establishment in a sensor network |
WO2012052079A1 (en) * | 2010-10-22 | 2012-04-26 | Telefonica, S.A. | A method and a system for asynchronous and unreported cryptographic secret symmetric keys cogeneration in spatially distant locations through a distributed system |
KR101362529B1 (en) | 2007-03-27 | 2014-02-14 | 재단법인서울대학교산학협력재단 | Method and system for distributing and redistributing secret |
Families Citing this family (159)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6901509B1 (en) | 1996-05-14 | 2005-05-31 | Tumbleweed Communications Corp. | Apparatus and method for demonstrating and confirming the status of a digital certificates and other data |
US5903651A (en) * | 1996-05-14 | 1999-05-11 | Valicert, Inc. | Apparatus and method for demonstrating and confirming the status of a digital certificates and other data |
US7953671B2 (en) * | 1999-08-31 | 2011-05-31 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US7343351B1 (en) | 1999-08-31 | 2008-03-11 | American Express Travel Related Services Company, Inc. | Methods and apparatus for conducting electronic transactions |
US6289455B1 (en) * | 1999-09-02 | 2001-09-11 | Crypotography Research, Inc. | Method and apparatus for preventing piracy of digital content |
US7103185B1 (en) * | 1999-12-22 | 2006-09-05 | Cisco Technology, Inc. | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication |
US7181014B1 (en) | 1999-09-10 | 2007-02-20 | Cisco Technology, Inc. | Processing method for key exchange among broadcast or multicast groups that provides a more efficient substitute for Diffie-Hellman key exchange |
US6987855B1 (en) | 1999-09-10 | 2006-01-17 | Cisco Technology, Inc. | Operational optimization of a shared secret Diffie-Hellman key exchange among broadcast or multicast groups |
US7013389B1 (en) | 1999-09-29 | 2006-03-14 | Cisco Technology, Inc. | Method and apparatus for creating a secure communication channel among multiple event service nodes |
US7434046B1 (en) * | 1999-09-10 | 2008-10-07 | Cisco Technology, Inc. | Method and apparatus providing secure multicast group communication |
US6684331B1 (en) | 1999-12-22 | 2004-01-27 | Cisco Technology, Inc. | Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure |
US7260716B1 (en) | 1999-09-29 | 2007-08-21 | Cisco Technology, Inc. | Method for overcoming the single point of failure of the central group controller in a binary tree group key exchange approach |
US7391865B2 (en) * | 1999-09-20 | 2008-06-24 | Security First Corporation | Secure data parser method and system |
US7089211B1 (en) * | 2000-01-12 | 2006-08-08 | Cisco Technology, Inc. | Directory enabled secure multicast group communications |
US6738900B1 (en) * | 2000-01-28 | 2004-05-18 | Nortel Networks Limited | Method and apparatus for distributing public key certificates |
JP2001358707A (en) * | 2000-06-15 | 2001-12-26 | Sony Corp | Information processing system and method using cryptographic key block and program providing medium |
CN100490369C (en) * | 2000-06-15 | 2009-05-20 | 索尼公司 | System and mehtod for processing information using encryption key block |
US20020013823A1 (en) * | 2000-06-16 | 2002-01-31 | Eubanks Thomas Marshall | Multicast peering in multicast points of presence (MULTIPOPs) network - neutral multicast internet exchange |
KR100763693B1 (en) * | 2000-06-21 | 2007-10-04 | 소니 가부시끼 가이샤 | Information processing device and processing method |
US7162199B1 (en) * | 2000-06-23 | 2007-01-09 | Lockheed Martin Corporation | Method for real-time team coordination with unrealiable communications between team members |
US6941457B1 (en) * | 2000-06-30 | 2005-09-06 | Cisco Technology, Inc. | Establishing a new shared secret key over a broadcast channel for a multicast group based on an old shared secret key |
JP4608749B2 (en) * | 2000-07-24 | 2011-01-12 | ソニー株式会社 | Data processing apparatus, data processing method, license system, and program providing medium |
US8370507B1 (en) * | 2000-09-13 | 2013-02-05 | Rockstar Bidco Lp | System, device, and method for receiver access control in an internet television |
JP2004512734A (en) * | 2000-10-18 | 2004-04-22 | コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ | Generating a common encryption key |
US20020076204A1 (en) * | 2000-12-18 | 2002-06-20 | Toshihisa Nakano | Key management device/method/program, recording medium, reproducing device/method, recording device, and computer-readable, second recording medium storing the key management program for copyright protection |
AU1547402A (en) * | 2001-02-09 | 2002-08-15 | Sony Corporation | Information processing method/apparatus and program |
US20020150097A1 (en) * | 2001-02-21 | 2002-10-17 | Wei Yen | Method and apparatus for secured multicasting |
US20030159033A1 (en) * | 2001-03-29 | 2003-08-21 | Ryuji Ishiguro | Information processing apparatus |
US7590247B1 (en) * | 2001-04-18 | 2009-09-15 | Mcafee, Inc. | System and method for reusable efficient key distribution |
US7043024B1 (en) * | 2001-04-18 | 2006-05-09 | Mcafee, Inc. | System and method for key distribution in a hierarchical tree |
US7096356B1 (en) * | 2001-06-27 | 2006-08-22 | Cisco Technology, Inc. | Method and apparatus for negotiating Diffie-Hellman keys among multiple parties using a distributed recursion approach |
US7463739B2 (en) * | 2001-08-02 | 2008-12-09 | Safenet, Inc. | Method and system providing improved security for the transfer of root keys |
US7664840B2 (en) * | 2001-09-13 | 2010-02-16 | Network Foundation Technologies, Llc | Systems for distributing data over a computer network and methods for arranging nodes for distribution of data over a computer network |
JP3864247B2 (en) * | 2001-10-19 | 2006-12-27 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Network system, terminal device, information distribution method and decoding method |
US7334125B1 (en) | 2001-11-27 | 2008-02-19 | Cisco Technology, Inc. | Facilitating secure communications among multicast nodes in a telecommunications network |
US7681034B1 (en) | 2001-12-12 | 2010-03-16 | Chang-Ping Lee | Method and apparatus for securing electronic data |
US7921284B1 (en) | 2001-12-12 | 2011-04-05 | Gary Mark Kinghorn | Method and system for protecting electronic data in enterprise environment |
US7478418B2 (en) * | 2001-12-12 | 2009-01-13 | Guardian Data Storage, Llc | Guaranteed delivery of changes to security policies in a distributed system |
US7930756B1 (en) | 2001-12-12 | 2011-04-19 | Crocker Steven Toye | Multi-level cryptographic transformations for securing digital assets |
US7565683B1 (en) | 2001-12-12 | 2009-07-21 | Weiqing Huang | Method and system for implementing changes to security policies in a distributed security system |
US8065713B1 (en) | 2001-12-12 | 2011-11-22 | Klimenty Vainstein | System and method for providing multi-location access management to secured items |
US7380120B1 (en) | 2001-12-12 | 2008-05-27 | Guardian Data Storage, Llc | Secured data format for access control |
US7260555B2 (en) | 2001-12-12 | 2007-08-21 | Guardian Data Storage, Llc | Method and architecture for providing pervasive security to digital assets |
US10360545B2 (en) | 2001-12-12 | 2019-07-23 | Guardian Data Storage, Llc | Method and apparatus for accessing secured electronic data off-line |
US7783765B2 (en) * | 2001-12-12 | 2010-08-24 | Hildebrand Hal S | System and method for providing distributed access control to secured documents |
US10033700B2 (en) | 2001-12-12 | 2018-07-24 | Intellectual Ventures I Llc | Dynamic evaluation of access rights |
US7178033B1 (en) | 2001-12-12 | 2007-02-13 | Pss Systems, Inc. | Method and apparatus for securing digital assets |
US7921288B1 (en) | 2001-12-12 | 2011-04-05 | Hildebrand Hal S | System and method for providing different levels of key security for controlling access to secured items |
US7921450B1 (en) | 2001-12-12 | 2011-04-05 | Klimenty Vainstein | Security system using indirect key generation from access rules and methods therefor |
USRE41546E1 (en) | 2001-12-12 | 2010-08-17 | Klimenty Vainstein | Method and system for managing security tiers |
US8006280B1 (en) | 2001-12-12 | 2011-08-23 | Hildebrand Hal S | Security system for generating keys from access rules in a decentralized manner and methods therefor |
US7950066B1 (en) | 2001-12-21 | 2011-05-24 | Guardian Data Storage, Llc | Method and system for restricting use of a clipboard application |
US8176334B2 (en) | 2002-09-30 | 2012-05-08 | Guardian Data Storage, Llc | Document security system that permits external users to gain access to secured files |
US7673136B2 (en) * | 2002-02-26 | 2010-03-02 | Stewart Ian A | Method for secure multicast repeating on the public Internet |
US7092527B2 (en) * | 2002-04-18 | 2006-08-15 | International Business Machines Corporation | Method, system and program product for managing a size of a key management block during content distribution |
US8613102B2 (en) | 2004-03-30 | 2013-12-17 | Intellectual Ventures I Llc | Method and system for providing document retention using cryptography |
US7140040B2 (en) * | 2002-04-25 | 2006-11-21 | International Business Machines Corporation | Protecting wireless local area networks from intrusion by eavesdropping on the eavesdroppers and dynamically reconfiguring encryption upon detection of intrusion |
TWI246298B (en) * | 2002-04-30 | 2005-12-21 | Ibm | Cryptographic communication system, key distribution server and terminal device constituting the system, and method for sharing key |
US7400732B2 (en) * | 2002-07-25 | 2008-07-15 | Xerox Corporation | Systems and methods for non-interactive session key distribution with revocation |
US7512810B1 (en) | 2002-09-11 | 2009-03-31 | Guardian Data Storage Llc | Method and system for protecting encrypted files transmitted over a network |
US7486795B2 (en) * | 2002-09-20 | 2009-02-03 | University Of Maryland | Method and apparatus for key management in distributed sensor networks |
US7836310B1 (en) | 2002-11-01 | 2010-11-16 | Yevgeniy Gutnik | Security system that uses indirect password-based encryption |
US7346771B2 (en) * | 2002-11-13 | 2008-03-18 | Nokia Corporation | Key distribution across networks |
US7890990B1 (en) | 2002-12-20 | 2011-02-15 | Klimenty Vainstein | Security system with staging capabilities |
MXPA05007498A (en) * | 2003-01-15 | 2005-09-21 | Matsushita Electric Ind Co Ltd | Content protection system, key data generation apparatus, and terminal appparatus. |
US7062048B2 (en) | 2003-01-27 | 2006-06-13 | Wegener Communications, Inc. | Apparatus and method for single encryption with multiple authorization of distributed content data |
US8707034B1 (en) | 2003-05-30 | 2014-04-22 | Intellectual Ventures I Llc | Method and system for using remote headers to secure electronic files |
US7532622B2 (en) * | 2003-06-16 | 2009-05-12 | National University Of Singapore | Methods, devices and software for merging multicast groups in a packet switched network |
US7206411B2 (en) | 2003-06-25 | 2007-04-17 | Wegener Communications, Inc. | Rapid decryption of data by key synchronization and indexing |
RU2315438C2 (en) * | 2003-07-16 | 2008-01-20 | Скайп Лимитед | Peer phone system |
US7197508B1 (en) * | 2003-07-25 | 2007-03-27 | Brown Iii Frederick R | System and method for obtaining, evaluating, and reporting market information |
US20050031119A1 (en) * | 2003-08-04 | 2005-02-10 | Yuying Ding | Method and communications device for secure group communication |
US20050036623A1 (en) * | 2003-08-15 | 2005-02-17 | Ming-Jye Sheu | Methods and apparatus for distribution of global encryption key in a wireless transport network |
CN100344183C (en) * | 2003-09-19 | 2007-10-17 | 华为技术有限公司 | Group system group key managing method |
CN100359968C (en) * | 2003-09-19 | 2008-01-02 | 华为技术有限公司 | Method for changing group key in group system |
US7703140B2 (en) | 2003-09-30 | 2010-04-20 | Guardian Data Storage, Llc | Method and system for securing digital assets using process-driven security policies |
US8127366B2 (en) | 2003-09-30 | 2012-02-28 | Guardian Data Storage, Llc | Method and apparatus for transitioning between states of security policies used to secure electronic documents |
US20050100166A1 (en) * | 2003-11-10 | 2005-05-12 | Parc Inc. | Systems and methods for authenticating communications in a network medium |
KR101044937B1 (en) | 2003-12-01 | 2011-06-28 | 삼성전자주식회사 | Home network system and method thereof |
US8209537B2 (en) * | 2004-03-30 | 2012-06-26 | Hewlett-Packard Development Company, L.P. | Secure information distribution between nodes (network devices) |
JP4606055B2 (en) * | 2004-04-21 | 2011-01-05 | 株式会社バッファロー | Encryption key setting system, access point, and encryption key setting method |
US8249258B2 (en) * | 2004-06-07 | 2012-08-21 | National Institute Of Information And Communications Technology | Communication method and communication system using decentralized key management scheme |
KR100968181B1 (en) * | 2004-06-24 | 2010-07-07 | 인터내셔널 비지네스 머신즈 코포레이션 | Access control over multicast |
US7707427B1 (en) | 2004-07-19 | 2010-04-27 | Michael Frederick Kenrich | Multi-level file digests |
KR100657273B1 (en) * | 2004-08-05 | 2006-12-14 | 삼성전자주식회사 | Rekeying Method in secure Group in case of user-join and Communicating System using the same |
US8594323B2 (en) * | 2004-09-21 | 2013-11-26 | Rockstar Consortium Us Lp | Method and apparatus for generating large numbers of encryption keys |
EP1825412A1 (en) | 2004-10-25 | 2007-08-29 | Rick L. Orsini | Secure data parser method and system |
US7434047B2 (en) * | 2004-12-30 | 2008-10-07 | Nokia, Inc. | System, method and computer program product for detecting a rogue member in a multicast group |
CN101107806B (en) * | 2005-01-21 | 2010-09-29 | 三菱电机株式会社 | Key storage device, key storage method, and program |
US7813510B2 (en) * | 2005-02-28 | 2010-10-12 | Motorola, Inc | Key management for group communications |
US7474618B2 (en) * | 2005-03-02 | 2009-01-06 | Objective Interface Systems, Inc. | Partitioning communication system |
KR100717005B1 (en) * | 2005-04-06 | 2007-05-10 | 삼성전자주식회사 | Method and apparatus for determining revocation key, and method and apparatus for decrypting thereby |
KR100629495B1 (en) * | 2005-07-23 | 2006-09-28 | 삼성전자주식회사 | Method for generating group key |
ATE492956T1 (en) * | 2005-09-06 | 2011-01-15 | Nero Ag | METHOD AND DEVICE FOR DETERMINING A COMMUNICATION KEY BETWEEN A FIRST COMMUNICATION PARTNER AND A SECOND COMMUNICATION PARTNER USING A THIRD PARTY |
JP5014608B2 (en) * | 2005-09-30 | 2012-08-29 | 富士通株式会社 | Group communication method, utilization device and management device |
FR2895177B1 (en) * | 2005-12-20 | 2008-06-13 | Eads Telecom Soc Par Actions S | SHARING A SECRET ELEMENT |
CN101043334B (en) * | 2005-12-23 | 2011-09-07 | 国际商业机器公司 | Method and device of encryption and data certification and decryption and data authenticity validating |
CN100438614C (en) * | 2006-02-16 | 2008-11-26 | 清华大学深圳研究生院 | Method for realizing distributing asymmetric video conference safety system |
KR100746037B1 (en) * | 2006-02-28 | 2007-08-06 | 삼성전자주식회사 | Method and apparatus for configuring key of groups included in domain |
FR2899748B1 (en) * | 2006-04-07 | 2008-11-28 | Thales Sa | EFFICIENT HYBRID DIFFUSION SCHEME, ADAPTED TO LOW BANDWIDTH |
US8189791B2 (en) * | 2006-06-22 | 2012-05-29 | Koninklijke Philips Electronics N.V. | Hierarchical deterministic pairwise key predistribution scheme |
US8086850B2 (en) * | 2006-06-23 | 2011-12-27 | Honeywell International Inc. | Secure group communication among wireless devices with distributed trust |
KR101285597B1 (en) * | 2006-06-29 | 2013-07-15 | 삼성전자주식회사 | Method of updating group key and group key update device using the same |
KR101223499B1 (en) * | 2006-09-27 | 2013-01-18 | 삼성전자주식회사 | Method of updating group key and group key update device using the same |
US7860244B2 (en) * | 2006-12-18 | 2010-12-28 | Sap Ag | Secure computation of private values |
US8059819B2 (en) * | 2007-01-17 | 2011-11-15 | Panasonic Electric Works Co., Ltd. | Systems and methods for distributing updates for a key at a maximum rekey rate |
US7840810B2 (en) * | 2007-01-18 | 2010-11-23 | Panasonic Electric Works Co., Ltd. | Systems and methods for rejoining a second group of nodes with a first group of nodes using a shared group key |
US8588420B2 (en) * | 2007-01-18 | 2013-11-19 | Panasonic Corporation | Systems and methods for determining a time delay for sending a key update request |
JP2008236377A (en) * | 2007-03-20 | 2008-10-02 | Sony Corp | Key providing system, device, and method, terminal device, and key generating method |
WO2009008069A1 (en) * | 2007-07-11 | 2009-01-15 | Kabushiki Kaisha Toshiba | Group signature system, device, and program |
KR100938262B1 (en) | 2007-07-18 | 2010-01-22 | 한국전자통신연구원 | Method for predistributing secret key |
CN102932136B (en) | 2007-09-14 | 2017-05-17 | 安全第一公司 | Systems and methods for managing cryptographic keys |
FR2921530A1 (en) * | 2007-09-20 | 2009-03-27 | France Telecom | Cryptographic key generating method for company, involves generating cryptographic key associated with subgroup using public information associated with parent subgroup when determined number is greater than or equal to two |
CN103281190B (en) * | 2008-02-22 | 2018-03-09 | 安全第一公司 | Systems and methods for secure workgroup management and communication |
AU2014201692B2 (en) * | 2008-02-22 | 2016-05-26 | Security First Corp. | Systems and Methods for Secure Workgroup Management and Communication |
JP4764447B2 (en) * | 2008-03-19 | 2011-09-07 | 株式会社東芝 | Group signature system, apparatus and program |
US20090257593A1 (en) * | 2008-04-10 | 2009-10-15 | Comverse Ltd. | Method and apparatus for secure messaging |
US20100050204A1 (en) * | 2008-08-22 | 2010-02-25 | King-Hang Wang | User group assignment method for key management |
JP5637990B2 (en) * | 2008-09-17 | 2014-12-10 | コーニンクレッカ フィリップス エヌ ヴェ | Method, communication apparatus and system for communicating in network |
WO2010041164A2 (en) * | 2008-10-06 | 2010-04-15 | Philips Intellectual Property & Standards Gmbh | A method for operating a network, a system management device, a network and a computer program therefor |
CN101488849B (en) * | 2009-02-18 | 2010-12-01 | 华南理工大学 | Group key management method base spherical surface in N dimension |
US8325924B2 (en) * | 2009-02-19 | 2012-12-04 | Microsoft Corporation | Managing group keys |
US8983066B2 (en) * | 2009-02-27 | 2015-03-17 | Cisco Technology, Inc. | Private pairwise key management for groups |
US8254978B2 (en) * | 2009-04-02 | 2012-08-28 | Qualcomm Incorporated | Methods and systems for fast power control(FPC) message broadcasting in WiMAX systems |
CN101562519B (en) * | 2009-05-27 | 2011-11-30 | 广州杰赛科技股份有限公司 | Digital certificate management method of user packet communication network and user terminal for accessing into user packet communication network |
US8254580B2 (en) * | 2009-09-30 | 2012-08-28 | Telefonaktiebolaget L M Ericsson (Publ) | Key distribution in a hierarchy of nodes |
KR101099851B1 (en) | 2010-03-03 | 2011-12-28 | 서울대학교산학협력단 | System and method for batch rekeying |
JP2013524352A (en) | 2010-03-31 | 2013-06-17 | セキュリティー ファースト コーポレイション | System and method for securing data in motion |
US8824492B2 (en) | 2010-05-28 | 2014-09-02 | Drc Computer Corporation | Accelerator system for remote data storage |
EP2619939A2 (en) | 2010-09-20 | 2013-07-31 | Rick L. Orsini | Systems and methods for secure data sharing |
US9369448B2 (en) * | 2011-06-01 | 2016-06-14 | Broadcom Corporation | Network security parameter generation and distribution |
US9185191B2 (en) | 2011-06-16 | 2015-11-10 | Mediatek Inc. | Unified network architecture based on medium access control abstraction sub-layer |
WO2013020172A1 (en) * | 2011-08-08 | 2013-02-14 | Mikoh Corporation | Radio frequency identification technology incorporating cryptographics |
US9197700B2 (en) | 2013-01-18 | 2015-11-24 | Apple Inc. | Keychain syncing |
US20150026465A1 (en) * | 2013-07-18 | 2015-01-22 | Alcatel Lucent | Methods And Devices For Protecting Private Data |
US9544230B2 (en) | 2013-09-17 | 2017-01-10 | Cisco Technology, Inc. | Migration support for bit indexed explicit replication |
US10225090B2 (en) | 2013-09-17 | 2019-03-05 | Cisco Technology, Inc. | Bit indexed explicit replication using multiprotocol label switching |
US9438432B2 (en) | 2013-09-17 | 2016-09-06 | Cisco Technology, Inc. | Bit indexed explicit replication packet encapsulation |
US10461946B2 (en) * | 2013-09-17 | 2019-10-29 | Cisco Technology, Inc. | Overlay signaling for bit indexed explicit replication |
US10003494B2 (en) | 2013-09-17 | 2018-06-19 | Cisco Technology, Inc. | Per-prefix LFA FRR with bit indexed explicit replication |
US10218524B2 (en) | 2013-09-17 | 2019-02-26 | Cisco Technology, Inc. | Bit indexed explicit replication for layer 2 networking |
US9806897B2 (en) | 2013-09-17 | 2017-10-31 | Cisco Technology, Inc. | Bit indexed explicit replication forwarding optimization |
US11451474B2 (en) | 2013-09-17 | 2022-09-20 | Cisco Technology, Inc. | Equal cost multi-path with bit indexed explicit replication |
EP2913955A1 (en) * | 2014-02-28 | 2015-09-02 | Gemalto SA | Method to authenticate two devices to establish a secure channel |
US9906378B2 (en) | 2015-01-27 | 2018-02-27 | Cisco Technology, Inc. | Capability aware routing |
US10341221B2 (en) | 2015-02-26 | 2019-07-02 | Cisco Technology, Inc. | Traffic engineering for bit indexed explicit replication |
US10447624B2 (en) * | 2016-05-09 | 2019-10-15 | Quazi Shamim Islam | Method for streamlining communications between groups of primary and secondary users, wherein communication capabilities between primary and secondary users are based on whether the user is a primary or secondary user |
US10630743B2 (en) | 2016-09-23 | 2020-04-21 | Cisco Technology, Inc. | Unicast media replication fabric using bit indexed explicit replication |
US10637675B2 (en) | 2016-11-09 | 2020-04-28 | Cisco Technology, Inc. | Area-specific broadcasting using bit indexed explicit replication |
US10447496B2 (en) | 2017-03-30 | 2019-10-15 | Cisco Technology, Inc. | Multicast traffic steering using tree identity in bit indexed explicit replication (BIER) |
US10164794B2 (en) | 2017-04-28 | 2018-12-25 | Cisco Technology, Inc. | Bridging of non-capable subnetworks in bit indexed explicit replication |
CN108063756B (en) | 2017-11-21 | 2020-07-03 | 阿里巴巴集团控股有限公司 | Key management method, device and equipment |
US11601263B2 (en) | 2018-05-16 | 2023-03-07 | Lg Electronics Inc. | Systems and methods for efficient key management in a vehicular intranet |
US11178712B2 (en) | 2018-10-02 | 2021-11-16 | Deere & Company | Systems and methods to establish secure vehicle networks |
US11082406B2 (en) * | 2018-11-29 | 2021-08-03 | Secret Double Octopus Ltd | System and method for providing end-to-end security of data and metadata |
CN110519708B (en) * | 2019-08-27 | 2021-08-10 | 深圳成谷科技有限公司 | Point-to-multipoint communication method and device based on PC5 interface |
US11416473B2 (en) * | 2019-12-20 | 2022-08-16 | Oracle International Corporation | Using path encoding method and relational set operations for search and comparison of hierarchial structures |
KR102094705B1 (en) * | 2020-01-17 | 2020-03-30 | 주식회사 에프엔에스벨류 | A multi-node authentication method and apparatus based on block chain |
US11888824B2 (en) * | 2021-12-31 | 2024-01-30 | Huawei Technologies Co., Ltd. | Methods, apparatuses, and computer-readable storage media for secure end-to-end group messaging among devices using dynamic grouping |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5036518A (en) * | 1988-11-02 | 1991-07-30 | Tseung Lawrence C N | Guaranteed reliable broadcast network |
US5109384A (en) * | 1988-11-02 | 1992-04-28 | Tseung Lawrence C N | Guaranteed reliable broadcast network |
US5592552A (en) * | 1993-08-25 | 1997-01-07 | Algorithmic Research Ltd. | Broadcast encryption |
US5748736A (en) * | 1996-06-14 | 1998-05-05 | Mittra; Suvo | System and method for secure group communications via multicast or broadcast |
US5831975A (en) * | 1996-04-04 | 1998-11-03 | Lucent Technologies Inc. | System and method for hierarchical multicast routing in ATM networks |
US6049878A (en) * | 1998-01-20 | 2000-04-11 | Sun Microsystems, Inc. | Efficient, secure multicasting with global knowledge |
-
1999
- 1999-11-11 US US09/439,426 patent/US6240188B1/en not_active Expired - Fee Related
-
2000
- 2000-07-06 EP EP00947097A patent/EP1192751B1/en not_active Expired - Lifetime
- 2000-07-06 KR KR10-2002-7000207A patent/KR100495540B1/en not_active IP Right Cessation
- 2000-07-06 DE DE60028972T patent/DE60028972T2/en not_active Expired - Lifetime
- 2000-07-06 WO PCT/US2000/018583 patent/WO2001003365A1/en active IP Right Grant
- 2000-07-06 JP JP2001508107A patent/JP2003503950A/en active Pending
- 2000-07-06 CN CNB008102805A patent/CN1160898C/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5036518A (en) * | 1988-11-02 | 1991-07-30 | Tseung Lawrence C N | Guaranteed reliable broadcast network |
US5109384A (en) * | 1988-11-02 | 1992-04-28 | Tseung Lawrence C N | Guaranteed reliable broadcast network |
US5592552A (en) * | 1993-08-25 | 1997-01-07 | Algorithmic Research Ltd. | Broadcast encryption |
US5831975A (en) * | 1996-04-04 | 1998-11-03 | Lucent Technologies Inc. | System and method for hierarchical multicast routing in ATM networks |
US5748736A (en) * | 1996-06-14 | 1998-05-05 | Mittra; Suvo | System and method for secure group communications via multicast or broadcast |
US6049878A (en) * | 1998-01-20 | 2000-04-11 | Sun Microsystems, Inc. | Efficient, secure multicasting with global knowledge |
Non-Patent Citations (7)
Title |
---|
CHANG ET AL.: "Kex management for secure internet multicast using boolean function minimization techniques", pages 1 - 10, XP002931668 * |
DONDETI ET AL.: "Comparison of scalable key distribution schemes for secure group communication", IEEE,, May 1999 (1999-05-01), pages 1774 - 1778, XP002931672 * |
DONDETI ET AL.: "Dual encryption protocol for scalable secure multicasting", IEEE,, April 1999 (1999-04-01), pages 2 - 8, XP002931670 * |
MITTRA S.: "Iolus: A framework for scalable secure multicasting", 14 September 1997 (1997-09-14), pages 1 - 12, XP002931671 * |
RODEH ET AL.: "Optimized group rekey for group communication systems", 19 July 1999 (1999-07-19), pages 1 - 20, XP002931667 * |
See also references of EP1192751A4 * |
WONG ET AL.: "Secure group communications using kex graphs", 28 July 1997 (1997-07-28), pages 1 - 27, XP002931669 * |
Cited By (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7263611B2 (en) | 1999-07-15 | 2007-08-28 | Nds Ltd. | Key management for content protection |
US8054978B2 (en) | 1999-07-15 | 2011-11-08 | Nds Limited | Key management for content protection |
US7188242B2 (en) | 1999-07-15 | 2007-03-06 | Nds Ltd. | Key management for content protection |
US7382884B2 (en) | 1999-07-15 | 2008-06-03 | Nds Ltd. | Key management for content protection |
GB2394629A (en) * | 1999-07-15 | 2004-04-28 | Nds Ltd | Key management for content protection |
US6880081B1 (en) | 1999-07-15 | 2005-04-12 | Nds Ltd. | Key management for content protection |
GB2394629B (en) * | 1999-07-15 | 2004-06-09 | Nds Ltd | Key management for content protection |
WO2001078299A1 (en) * | 2000-04-06 | 2001-10-18 | Sony Corporation | Information processing system and method |
US7225339B2 (en) | 2000-04-06 | 2007-05-29 | Sony Corporation | Information recording/playback apparatus and method |
US7707410B2 (en) | 2000-04-06 | 2010-04-27 | Sony Corporation | Information processing system and method |
US7505599B2 (en) | 2000-04-06 | 2009-03-17 | Sony Corporation | Information processing system and method for managing encrypted data with tag information |
EP1185022A4 (en) * | 2000-04-06 | 2006-07-26 | Sony Corp | Information recording/reproducing apparatus and method |
US7443984B2 (en) | 2000-04-06 | 2008-10-28 | Sony Corporation | Information processing system and method for distributing encrypted message data |
WO2001078298A1 (en) * | 2000-04-06 | 2001-10-18 | Sony Corporation | Information processing system and method |
EP1185022A1 (en) * | 2000-04-06 | 2002-03-06 | Sony Corporation | Information recording/reproducing apparatus and method |
WO2002052779A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
US7346170B2 (en) | 2000-12-26 | 2008-03-18 | Sony Corporation | Information processing system and method |
US7167564B2 (en) | 2000-12-26 | 2007-01-23 | Sony Corporation | Information processing system and method |
US6911974B2 (en) | 2000-12-26 | 2005-06-28 | Sony Corporation | Information processing system and method |
WO2002052781A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
US7405731B2 (en) | 2000-12-26 | 2008-07-29 | Sony Corporation | Information processing system and method |
EP1710947A1 (en) * | 2000-12-26 | 2006-10-11 | Sony Corporation | Hierarchical data content tree distribution information system and method |
WO2002052780A1 (en) * | 2000-12-26 | 2002-07-04 | Sony Corporation | Information processing system and method |
US7362870B2 (en) | 2001-04-19 | 2008-04-22 | Sony Corporation | Method and apparatus for recording/playing back information |
US7757082B2 (en) | 2002-01-30 | 2010-07-13 | Sony Corporation | Efficient revocation of receivers |
US7340603B2 (en) * | 2002-01-30 | 2008-03-04 | Sony Corporation | Efficient revocation of receivers |
US7599497B2 (en) | 2002-03-27 | 2009-10-06 | British Telecommunications Public Limited Company | Key management protocol |
EP1575210A1 (en) * | 2004-03-10 | 2005-09-14 | Sun Microsystems, Inc. | Method and apparatus for hybrid group key management |
US7328343B2 (en) | 2004-03-10 | 2008-02-05 | Sun Microsystems, Inc. | Method and apparatus for hybrid group key management |
KR101362529B1 (en) | 2007-03-27 | 2014-02-14 | 재단법인서울대학교산학협력재단 | Method and system for distributing and redistributing secret |
WO2011041933A1 (en) * | 2009-10-10 | 2011-04-14 | 西安西电捷通无线网络通信股份有限公司 | Method for key pre-distribution and key establishment in a sensor network |
WO2012052079A1 (en) * | 2010-10-22 | 2012-04-26 | Telefonica, S.A. | A method and a system for asynchronous and unreported cryptographic secret symmetric keys cogeneration in spatially distant locations through a distributed system |
Also Published As
Publication number | Publication date |
---|---|
US6240188B1 (en) | 2001-05-29 |
JP2003503950A (en) | 2003-01-28 |
CN1160898C (en) | 2004-08-04 |
EP1192751B1 (en) | 2006-06-21 |
DE60028972T2 (en) | 2006-11-16 |
EP1192751A1 (en) | 2002-04-03 |
EP1192751A4 (en) | 2003-08-06 |
KR20020037022A (en) | 2002-05-17 |
CN1363160A (en) | 2002-08-07 |
KR100495540B1 (en) | 2005-06-16 |
DE60028972D1 (en) | 2006-08-03 |
WO2001003365A8 (en) | 2001-07-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6240188B1 (en) | Distributed group key management scheme for secure many-to-many communication | |
US6049878A (en) | Efficient, secure multicasting with global knowledge | |
US7434046B1 (en) | Method and apparatus providing secure multicast group communication | |
Dondeti et al. | DISEC: a distributed framework for scalable secure many-to-many communication | |
US6584566B1 (en) | Distributed group key management for multicast security | |
Canetti et al. | Multicast security: A taxonomy and some efficient constructions | |
EP0952718B1 (en) | Efficient, secure multicasting with minimal knowledge | |
US6901510B1 (en) | Method and apparatus for distributing and updating group controllers over a wide area network using a tree structure | |
US7383436B2 (en) | Method and apparatus for distributing and updating private keys of multicast group managers using directory replication | |
US6263435B1 (en) | Dual encryption protocol for scalable secure group communication | |
US7260716B1 (en) | Method for overcoming the single point of failure of the central group controller in a binary tree group key exchange approach | |
US6785809B1 (en) | Server group key for distributed group key management | |
Dondeti et al. | Survey and comparison of secure group communication protocols | |
Yiu et al. | SOT: secure overlay tree for application layer multicast | |
Du et al. | Towards solving multicast key management problem | |
Ranjani et al. | Current trends in group key management | |
Lee et al. | Scalable and lightweight key distribution for secure group communications | |
Dondeti | Efficient private group communication over public networks | |
Roh et al. | Key management scheme for providing the confidentiality in mobile multicast | |
Aye et al. | Key management for secure multicast over IPv6 wireless networks | |
Yang et al. | A secure multicast protocol for the internet's multicast backbone | |
Seba et al. | A new approach to scalable and fault‐tolerant group key management protocols | |
Seba et al. | A hybrid approach to group key management | |
Devi et al. | A Survey on Multicast rekeying for secure group communication | |
Kulkarni et al. | Distributing key updates in secure dynamic groups |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN JP KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
AK | Designated states |
Kind code of ref document: C1 Designated state(s): CN JP KR US |
|
AL | Designated countries for regional patents |
Kind code of ref document: C1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
CFP | Corrected version of a pamphlet front page | ||
CR1 | Correction of entry in section i |
Free format text: PAT. BUL. 02/2001 UNDER (30) REPLACE THE EXISTING TEXT BY "60/142490, 06.07.99, US 09/439426, 11.11.99, US" AND UNDER (63) REPLACE THE EXISTING TEXT BY "US, 09/439426 (CON) FILED ON 11.11.99" |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2000947097 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020027000207 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 008102805 Country of ref document: CN |
|
WWP | Wipo information: published in national office |
Ref document number: 2000947097 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1020027000207 Country of ref document: KR |
|
WWG | Wipo information: grant in national office |
Ref document number: 1020027000207 Country of ref document: KR |
|
WWG | Wipo information: grant in national office |
Ref document number: 2000947097 Country of ref document: EP |