Abstract: A data protection system is provided that reduces, to a degree, the amount of encrypted data that is distributed to a plurality of terminals. In the data protection system a terminal whose decryption keys are exposed by a dishonest party is made to be unable to decrypt the data correctly, while other terminals are able to decrypt the data correctly. The data protection system includes a plurality of terminals, and an encryption device that encrypts distribution data distributed to each terminal. Each terminal is corresponded with one node on a lowest level of a 4-ary tree structure or the like having a plurality of hierarchies.

Abstract: To allow a user to easily back up data without anxiety, the present invention provides a backup system that transfers data transmitted by an information terminal device to a backup device via at least one relay device that relays the data, the information terminal device comprising: a storing unit operable to store the data to be backed up; and a communication unit operable to transmit, to the relay device, the data and transfer condition information that indicates a condition to be satisfied by the relay device and relates to protection of the data, the relay device comprising: a device information storing unit operable to store device information relating to transfer destination devices; a receiving unit operable to receive the data and the transfer condition information; and a transfer control unit operable to select, from the transfer destination devices, a transfer destination device that satisfies the condition indicated by the received transfer condition information, and to control transfer of the rece

Abstract: Provided is an elliptic curve exponentiation apparatus that can counter the DFA when an elliptic curve exponentiation technique is used. A computation result verification unit 127 receives, as a computation result, an exponentiation-result-point (X, Y) from an elliptic curve computation unit 124. The computation result verification unit 127 computes X3+a×X+b, and computes Y2, and outputs the received exponentiation-result-point when judging that Y2=X3+a×X+b, and does not output the received exponentiation-result-point when not judging that Y2=X3+a×X+b.

Abstract: A content protection system prevents illegal key acquisition, without checking uniqueness of device keys. The content protection system includes a key data generation apparatus and a user terminal. The key data generation apparatus converts first key data, which is for using content, based on a predetermined conversion rule, thereby generating second key data, encrypts the second key data using a device key held by valid terminals, and outputs the encrypted key data. The user terminal obtains the encrypted key data, decrypts the encrypted key data using a device key held by the user terminal, thereby generating second key data, converts the second key data based on a re-conversion rule corresponding to the conversion rule, thereby generating the first key data, and uses the content with use of the generated first key data.

Abstract: The present invention aims to provide a time authentication device for distinguishing clocks that show a time falling within the predetermined permissible range as compared with a time shown by the time authentication device. In a time authentication device embodied as a distribution device 11, a time-relation information storage unit 104 stores a playback-device-time measured by a clock unit 203 of a playback device 12, and also stores a distribution-device-time measured by a clock unit 103 when the playback-device-time is acquired. The time authentication unit 107 acquires from the playback device 12 a target time measured by the clock unit 203, and also acquires an authentication time measured by the clock unit when the target time is received. The time authentication unit 107 then calculates a first difference (=Authentication Time?Distribution-Device-Time), a second difference (=Target Time?Playback-Device-Time), an authentication difference (=First Difference?Second Difference).

Abstract: A video signal and an audio signal are time division multiplexed, encrypted, and transmitted. A transmission side time-compresses the audio signal, multiplexes, encrypts, and transmits the time-compressed audio signal in a blanking period of the video signal. Control is performed using an audio signal data enable signal ADE, and an audio signal/video signal switch signal.

Abstract: A content distribution system in which content transmission/reception is suppressed when there is a high risk of contents being stolen by a third party during communication. A content server acquires a communication distance indicating how far the content server is from a terminal in data communication. The content server conducts content transmission/reception when the communication distance is less than or equal to a predetermined value, and suppresses content transmission/reception when the communication distance exceeds the predetermined value.

Abstract: A copyright protection system includes a recording device and a reproduction device. The recording device writes encrypted content, an encrypted content key for decrypting the encrypted content, and license information on a recording medium on which a unique media number has been recorded in an unrewritable state. The license information is generated using both the media number and the encrypted content key, and therefore reflects both values. The reproduction device reads the media number, the encrypted content key, and the license information from the recording medium, and judges whether the license information reflects both the media number and the encrypted content key. The reproduction device decrypts the encrypted content key, and decrypts the encrypted content using the content key only if the license information reflects both values. Thus, the copyright protection system allows only original recording media to be reproduced, and prohibits reproduction of copy recording media.

Abstract: A content management system which can prevent a content from being copied exceeding the limited number of copies for the content. The content management system includes a first content management device and a second content management device. The first content management device stores period information that indicates an available period during which a first external device is permitted to use a copied content which has been copied from the content, and outputs the period information to the second content management device when the content is moved. Upon receiving the period information from the first content management device, the second content management device judges whether the available period of the copied content has expired, using the received period information, and if it is judges that the available period has not expired, it inhibits the content from being copied to the second external device.

Abstract: An image processing apparatus enables image data to be handled easily after photography. A server apparatus pattern images and control information in correspondence with user identifiers. A digital camera photographs a subject, obtains a pattern image and a piece of control information from the server apparatus, and judges whether a portion of the image data obtained by photography matches the obtained pattern image. If a matching portion exists, the digital camera operations in accordance with an operation instruction included in the piece of control information. If the operation instruction is mosaic processing, the digital camera performs mosaic processing to the matching portion. If the operation instruction is image replacement, the digital camera replaces the matching portion with a predetermined image or performs CG processing on the matching portion. If the operation instruction is frame deletion, the digital camera deletes the image data.

Abstract: Each of a plurality of contents supply systems connected to a single user apparatus uses a group management method that employs flexible and unique tree structures. A manager in each contents supply system uses a system apparatus key distributed by a key management organization to generate a public list that corresponds to a unique tree structure, and releases the public list when the contents supply system is constructed. The user apparatus stores only an apparatus key corresponding to a leaf of the tree structure. Using the public list, which is released via a web page, package media or the like, the user apparatus reconstructs the tree sequentially from the leaf up, and derives a node key corresponding to the user apparatus. The user apparatus then decrypts an encrypted content using the derived node key.

Abstract: In an authentication system, a key registration apparatus receives input of an identifier unique to a second device, generates first key data from the identifier according to a predetermined key generation algorithm, and transmits the generated first key data to a first device, which receives and stores the first key data, and authenticates the second device with use of the first key data. The second device stores in advance second key data generated from the identifier according to the predetermined key generation algorithm, and is authenticated by the first device with use of the second key data. Accordingly, the first and second devices cannot be registered without using the key registration apparatus, thereby preventing communication with unregistered devices. This enables usage of content to be limited to individual usage in the home of a user, and can be realized even with devices that are not connected outside the home.

Abstract: A personal information management device aims to save troubles of inputting passwords and deleting personal information, to prevent others from viewing the personal information, and to maintain confidentiality of the personal information even when a mobile device is lost. Personal information storage unit 201 holds encrypted personal information, key distribution unit 204 distributes a decryption key used for decrypting the encrypted personal information into a first and a second distributed keys based on a secret sharing scheme, distributed key storage unit 205 stores thereon the first distributed key, stores the second distributed key on home device 30, and deletes the decryption key. Upon decryption, link judgment unit 210 judges link establishment. Key recovery unit 207 acquires the second distributed key from home device 30, and recovers the decryption key using the first and the second distributed keys. Decryption unit 208 decrypts the encrypted personal information using the decryption key.

Abstract: A secure device is provided that can store programs therein, the secure device including: a low-protection level storage unit; a high-protection level storage unit; a program acquiring unit that acquires a program and corresponding additional information, the additional information used for determining a storage destination of the acquired program; an additional information analyzing unit that stores the acquired program in one of the low-protection level storage unit and the high-protection level storage unit, according to additional information; an area searching unit; a protection level judging unit; and a program storing unit.

Abstract: In a system composed of a recording apparatus that records digitized content such as a movie, or a reproduction apparatus that reproduces the digitized content, and a recording medium, a media key for use in recording or reproduction is encrypted by a plurality of device keys and recorded on the recording medium. Here, the recording apparatus or the reproduction apparatus specifies the encrypted media key that it is to decrypt, from amongst the plurality of encrypted media keys. A key management apparatus records node revocation patterns assigned to nodes in a tree structure to the recording medium in a particular order, as header information of key information, together with the encrypted media keys. The recording apparatus or the reproduction apparatus specifies the encrypted media key to be decrypted, by analyzing the node revocation patterns sequentially.

Abstract: There are conventional pet robots that distinguish users and take a different behavior pattern per user, and pet robots that phase their behavior patterns based on their own behavior history to stage a growth process. The present invention provides a robot that, when in contact with a user in possession of a memory card, acquires various types of information from the memory card, such as identification information of the memory card, information regarding the user, and history information regarding contact between the user and the robot, and can give the user a high degree of satisfaction by performing behavior that reflect the acquired information.

Abstract: An authentication system that permits the user to use a function by authenticating the user in a more reliable manner than conventional technologies. The authentication system 1 includes a user terminal 10, an authentication recording medium 20, and wireless ID tags 31, 32, 33, 34, 35, . . . 36. Upon receiving from a user an instruction to activate a function provided by the authentication system for which the access by the user is limited, the user terminal 10 collects ID codes from the wireless ID tags 31, 32, 33, 34, 35, . . . 36, and judge whether or not a level of match between the collected ID codes and the ID codes stored beforehand in the authentication recording medium 20 satisfies a predetermined condition. If the level of match satisfies the predetermined condition, the user terminal 10 activates the designated function.

Abstract: A server apparatus encrypts content, based on a distribution key, and transmits the encrypted content to a PC via a network. The PC, to which a memory card is connected, outputs the received encrypted content to the memory card. The memory card decrypts the encrypted content using the distribution key, converts the data format of the decrypted content, encrypts the content using a medium unique key that is unique to the memory card, and records the resulting re-encrypted content internally. A playback apparatus decrypts the re-encrypted content using the medium unique key, and plays back the decrypted content.

Abstract: A secure device is provided that can store programs therein, the secure device including: a low-protection level storage unit; a high-protection level storage unit; a program acquiring unit that acquires a program and corresponding additional information, the additional information used for determining a storage destination of the acquired program; an additional information analyzing unit that stores the acquired program in one of the low-protection level storage unit and the high-protection level storage unit, according to additional information; an area searching unit; a protection level judging unit; and a program storing unit.

Abstract: A password registration unit encrypts key information using an input password, and stores the generated encrypted key as a file into a computer. A file encryption unit generates a file key arbitrarily, encrypts the file key using the key information, encrypts a plaintext using the file key to generate a ciphertext, and stores an encrypted file including the encrypted file key in its header part and the ciphertext in its data part. A file decryption unit decrypts the encrypted file key using the key information to obtain a file key, or receives an input of a password, decrypts the encrypted key using the password to obtain key information, and decrypts the encrypted file key using the key information to obtain a file key. The file decryption unit then decrypts the ciphertext using the obtained file key.