Abstract: A method of and apparatus for encrypting and/or decrypting content according to broadcast encryption scheme. The decryption method includes: determining whether or not a revoked device among devices that have licenses for predetermined content is present; and according to the determination result, selectively decrypting a content key encrypted by using a key to prevent the revoked device from decrypting the predetermined content. By doing so, an unnecessary encryption process and decryption process that occur when there is no revoked device are avoided.

Abstract: A method and apparatus for managing digital content, which can detect the leakage of an encryption key when the encryption key used for encrypting the digital content is leaked or cracked. When the encrypted digital content is decrypted by an illegal device, a module linked with the encrypted digital content is automatically driven and a digital content managing apparatus is then notified that the encrypted digital content has been decrypted by the illegal device such that the digital content managing apparatus can change the encryption key. Thus, it is possible to prevent the digital content from being continuously leaked due to the use of the same encryption key for encrypting subsequent digital content.

Abstract: A method of measuring round trip time (RTT) includes: chain-hashing at least one random number to create a plurality of hash values; (b) transmitting one of the created hash values to a device and starting to measure RTT of the device; and (c) receiving from the device a response to the transmitted hash value and ending the RTT measurement, thereby performing a more effective proximity check than a conventional proximity check requiring encryptions and decryptions of several tens of times through several thousands of times.

Abstract: A method of packaging broadcast contents are provided. The method includes: extracting a copy control bit from input broadcast contents and determining whether the broadcast contents will be stored after being encrypted based on the extracted copy control bit; creating usage rule information which includes an encryption method of the broadcast contents if it is determined that the broadcast contents will be stored after being encrypted; extracting the copy control bit from each new broadcast content sequentially input and detecting broadcast contents which include copy control bits indicating that the broadcast contents will be stored without being encrypted; and encrypting the input broadcast contents through the broadcast contents before the detected broadcast contents using the encryption method and packaging and storing the encrypted broadcast contents and the usage rule information.

Abstract: A method of backing up domain information relating to the construction of a domain is provided. In the method, the domain information is encrypted and the encrypted domain information is stored in a predetermined storage device in the domain the encrypted domain information to the predetermined storage device, thereby securely backing up the domain information without the help of an external network. Accordingly, even when the existing domain server malfunctions, a new domain server is capable of obtaining the domain information.

Abstract: A method of generating usage rule information for a broadcast channel. The method includes receiving content and a broadcast flag via the broadcast channel, creating content usage rule information to allow all operations relating to use of the content when the broadcast flag is off, and creating usage rule information to forbid copying of the content when the broadcast flag is on.

Abstract: Provided is a method of controlling content access in a home network. The method includes: (a) defining a predetermined sub group and allocating a sub group key for the sub group; and (b) checking whether a user belongs to the sub group and transmitting the sub group key to a user device requested by the user, wherein the user device obtains an encrypted content key using a domain key and the sub group key. Since a content key is twice encrypted using a domain key and a sub group key and transmitted to a user device, it is possible to provide authorized content access to a user.

Abstract: A key management, user registration and deregistration for a digital rights management (DRM) system in a home network, using a hierarchical node topology. In the key management, node information is generated by allocating a pair of keys (a public key and a private key) to each node. A node tree is made by generating link information using the pair of keys and a content key. The link information is delivered from an upper node to a lower node using the node tree. The link information is obtained by encrypting a private key of a ‘TO’ node using a public key of a ‘FROM’ node. Accordingly, it is possible to realize a DRM system that protects content and easily accomplishes a binding mechanism and a revocation mechanism.

Abstract: A method for transmitting content to a user device from a home server in a home network is provided. The method includes: receiving an allocated user public key and a user private key of a user to whom the home server belongs; generating an arbitrary session public key and a session private key, generating an encrypted session private key by encrypting the session private key using a device public key that is a public key of the user device, and transmitting the encrypted session private key to the user device; and transmitting the content encrypted using a predetermined content key and a content key encrypted using the session private key to the user device. According to the method, by binding the content to each user, instead of to each device, the content can be safely and conveniently shared.

Abstract: A method of receiving a session key in a home network and a method of reproducing content using the same. The method of receiving a session key from a home server in a home network, includes: (a) whenever one of members of the home network changes, receiving and storing the session key and a session version indicating a session key generation sequence; (b) receiving a license necessary for reproducing predetermined content; and (c) determining a session key necessary for reproducing the predetermined content based on an encoding session version (ESV), which is a session version extracted from the license, and the stored session version. A home server transmits a session key and a session version to a user device whenever a subscriber to a home network changes, and the user device determines a session key using the session version, thereby performing a variety of domain administration by freely transmitting content between user devices.

Abstract: An apparatus for receiving broadcast content is provided. The apparatus includes a receiving unit generating the broadcast content from a broadcast stream received from a content provider via a broadcast channel; a content encrypting unit encrypting the broadcast content using a content key; and a link generating unit generating a secure link to a user device by exchanging link messages with the user device, and transmitting the content key to the user device via one of the link messages even when the apparatus is not connected to a content provider. A first link message of the link messages includes one of a public key of the user device and a public key of the apparatus, and a second link message of the link messages includes one of a private key of the apparatus, a secret key of the apparatus, and a secret key of the user device.

Abstract: A method and apparatus are provided for generating and sharing a system key over a DRM system. The method includes: defining a (k?1)th order polynomial having k random numbers as coefficients, where k denotes a natural number; generating n polynomial solutions by inputting n constants into the polynomial, where n denotes a natural number; generating characteristic information values by performing an XOR operation on the polynomial solutions and n system information values, the system information values representing identification information on components of the application device; and selecting one of the coefficients of the polynomial as a system key and transmitting the system key to the license server, wherein the characteristic information values are used to generate the same system key when part of the system information values are changed. The application device can generate the system key even when the system information values are changed due to the upgrade of components of the application device.

Abstract: A method of generating a key for device authentication includes: generating an element vector by generating a number of elements corresponding to a size of an ID of the device; generating a subvector corresponding to a bit location at every location of the device ID at which a “1” is disposed, and generating a subvector by shifting the element vector by a number of bit positions corresponding to the location of the “1” in the device ID; and combining the subvectors generated with respect to the device. The method of generating the key is provided to perform authentication without using a public key encryption operation in a device having limited performance capabilities, for example, a mobile phone.

Abstract: A method and apparatus are provided for simply and securely limiting a number of times that contents can be accessed using a hash chain. The apparatus limiting a number of times contents are accessed by a user terminal includes a hash chain generator receiving information indicating selected contents by the user terminal and information indicating how many times (n) the user terminal has authority to access the selected contents and generating a hash chain including n hash values derived from a seed value, and a contents access manager deleting the hash values one by one from the hash chain whenever the user terminal accesses the selected contents such that the number of times the contents can be accessed by the user terminal is decreased by the number of deleted hash values.

Abstract: A scheduled recording method, which schedules recording of copy-protected content, is provided. The scheduled recording method involves determining whether copy control information of content of interest exists in a recording device storing various copy control information; if the copy control information does not exist in the recording device, newly receiving copy control information and then determining whether the copy control information exists among the newly received information; if the copy control information of the content exists in the recording device, determining whether the copy control information “copy never”; and if the copy control information of the content is “copy never”, transmitting an error message to a user indicating that the content of interest is not recordable to a user.

Abstract: An analog/digital signal processor outputting analog input signals without eliminating copy protection signals from analog input signals, analog input signals having been subjected to copy protection process such as macrovision without adding complicated processes. The analog/digital signal processor for receiving input signals and outputting received input signals to a predetermined appliance through an analog or a digital communication unit, includes: a control unit determining whether the input signals are digital or analog signals and controlling a processing path and an output path of the input signals in accordance with the determination result; and a switching unit switching the input signals to the analog or the digital communication unit under the control of the control unit. When the input signals are analog signals, the control unit sets the processing path of the input signals to the switching unit and the switching unit switches the input signals to the analog communication unit.

Abstract: A scrambling apparatus and method are provided for increasing randomness without damaging compression efficiency of total video data by selectively and randomly performing conversion when converting motion vector codes of compressed video data into other motion vector codes indicating other motion vector values, and more particularly, by performing conditional conversion only if a predetermined condition is satisfied when selective conversion of motion vector codes is performed. The scrambling apparatus includes a conversion motion vector code table generator generating a conversion motion vector code table comprising motion vector codes obtained by converting motion vector codes corresponding to motion vector values of input video data in a standard motion vector code table; and a conversion controller randomly determining whether a certain motion vector value is encoded using the conversion motion vector code table or the standard motion vector code table.

Abstract: A home domain building method and system that allow devices to join a home domain using smart cards. In the method, a master device reads device information from a smart card having a device ID and a device key as the device information of a guest device authenticated as a legal device and transmits a challenge request signal to the guest device, the guest device randomly generates a challenge value in response to the challenge request signal, the master device encrypts the challenge value using the device key of the guest device and transmits the encrypted challenge value to the guest device, the guest device decrypts the encrypted challenge value, and if the decrypted challenge value is the same as the challenge value generated in response to the challenge request signal, the guest device allows the master device to join the guest device in the home domain.

Abstract: A home network system allowing a user to directly control joining or removing of member devices in a domain using a user interface and to effectively control a status change of the member devices of the domain and a management method therefor. The home network system includes: a master device, which forms a domain with more than one controlled device, transmits a predetermined domain key to the controlled devices included in the domain, generates a new domain key whenever a configuration of the domain is changed, and transmits the new domain key to the controlled devices remaining in the domain; and a control point, which provides a user interface allowing a user to directly change the configuration of the domain.

Abstract: A method of preventing tampering with a program, a method of upgrading a program, and an apparatus thereof. The method of preventing tampering with a program creates a plurality of obfuscated codes by processing an original code using a plurality of obfuscation methods, generates a program unique number, determines one of the created obfuscated codes based on the unique number, and provides the selected code to a user. The method of upgrading a program creates a plurality of obfuscated codes by processing an upgrade code using a plurality of obfuscation methods, compares the created, obfuscated codes with existing obfuscated codes, and creates a plurality of patch codes based on the difference obtained through the comparison. A patch code is selected based on the unique number input by a user.