Abstract: A method of and apparatus for encrypting and/or decrypting content according to broadcast encryption scheme. The decryption method includes: determining whether or not a revoked device among devices that have licenses for predetermined content is present; and according to the determination result, selectively decrypting a content key encrypted by using a key to prevent the revoked device from decrypting the predetermined content. By doing so, an unnecessary encryption process and decryption process that occur when there is no revoked device are avoided.

Abstract: A key management, user registration and deregistration for a digital rights management (DRM) system in a home network, using a hierarchical node topology. In the key management, node information is generated by allocating a pair of keys (a public key and a private key) to each node. A node tree is made by generating link information using the pair of keys and a content key. The link information is delivered from an upper node to a lower node using the node tree. The link information is obtained by encrypting a private key of a ‘TO’ node using a public key of a ‘FROM’ node. Accordingly, it is possible to realize a DRM system that protects content and easily accomplishes a binding mechanism and a revocation mechanism.

Abstract: Provided is a method of controlling content access in a home network. The method includes: (a) defining a predetermined sub group and allocating a sub group key for the sub group; and (b) checking whether a user belongs to the sub group and transmitting the sub group key to a user device requested by the user, wherein the user device obtains an encrypted content key using a domain key and the sub group key. Since a content key is twice encrypted using a domain key and a sub group key and transmitted to a user device, it is possible to provide authorized content access to a user.

Abstract: A method of packaging broadcast contents are provided. The method includes: extracting a copy control bit from input broadcast contents and determining whether the broadcast contents will be stored after being encrypted based on the extracted copy control bit; creating usage rule information which includes an encryption method of the broadcast contents if it is determined that the broadcast contents will be stored after being encrypted; extracting the copy control bit from each new broadcast content sequentially input and detecting broadcast contents which include copy control bits indicating that the broadcast contents will be stored without being encrypted; and encrypting the input broadcast contents through the broadcast contents before the detected broadcast contents using the encryption method and packaging and storing the encrypted broadcast contents and the usage rule information.

Abstract: A method for transmitting content to a user device from a home server in a home network is provided. The method includes: receiving an allocated user public key and a user private key of a user to whom the home server belongs; generating an arbitrary session public key and a session private key, generating an encrypted session private key by encrypting the session private key using a device public key that is a public key of the user device, and transmitting the encrypted session private key to the user device; and transmitting the content encrypted using a predetermined content key and a content key encrypted using the session private key to the user device. According to the method, by binding the content to each user, instead of to each device, the content can be safely and conveniently shared.

Abstract: A method of managing a home network key in a home network environment, which has a key management server for managing the home network key and a plurality of home network devices, includes: allowing a home network device to generate device unique information and to transmit the device unique information to the key management server; allowing the key management server to generate a parameter for generating the home network key by using the device unique information and to transmit the parameter to the home network device; and allowing the home network device to generate the home network key by using the parameter. The generated home network key being independent of the device unique information.

Abstract: A method and apparatus for managing digital content, which can detect the leakage of an encryption key when the encryption key used for encrypting the digital content is leaked or cracked. When the encrypted digital content is decrypted by an illegal device, a module linked with the encrypted digital content is automatically driven and a digital content managing apparatus is then notified that the encrypted digital content has been decrypted by the illegal device such that the digital content managing apparatus can change the encryption key. Thus, it is possible to prevent the digital content from being continuously leaked due to the use of the same encryption key for encrypting subsequent digital content.

Abstract: A method of backing up domain information relating to the construction of a domain is provided. In the method, the domain information is encrypted and the encrypted domain information is stored in a predetermined storage device in the domain the encrypted domain information to the predetermined storage device, thereby securely backing up the domain information without the help of an external network. Accordingly, even when the existing domain server malfunctions, a new domain server is capable of obtaining the domain information.

Abstract: A method of measuring round trip time (RTT) includes: chain-hashing at least one random number to create a plurality of hash values; (b) transmitting one of the created hash values to a device and starting to measure RTT of the device; and (c) receiving from the device a response to the transmitted hash value and ending the RTT measurement, thereby performing a more effective proximity check than a conventional proximity check requiring encryptions and decryptions of several tens of times through several thousands of times.

Abstract: A method and apparatus for encrypting or decrypting digital content are provided. In the method, a binding range is selected from a plurality of binding ranges of content use based on license information of the content, and the content is encrypted based on the selected binding range so that the content can be used only within the selected binding range. Accordingly, it is possible to limit content use to a plurality of binding ranges of use of the content, using license information of the content.

Abstract: A method of and an apparatus for copying and decrypting encrypted digital data. The method of copying encrypted digital data includes encrypting a first media key block to be used for decryption of the encrypted digital data using a predetermined key of a second information storage medium and storing the encrypted digital data and the encrypted first media key block in the second information storage medium. Security of data encryption is heightened by not discarding an encryption key used for an initial encryption, encrypting the encryption key used for initial encryption using another encryption key used for a second encryption, and storing the encrypted encryption key with the data. Also, since unnecessary decryption and encryption of data are not repeated, the time required for copying data is reduced, and since data is transferred between apparatuses in an encrypted state, a security level is higher.

Abstract: Provided is a method of copying data stored in a first storage medium to a second storage medium. The method includes recording the encrypted data stored in the first storage medium on the second storage medium; reproducing a first content key, which is used to encrypt the encrypted data, using a first drive into which the first storage medium is loaded; encrypting the first content key; sending the encrypted first content key to a second drive into which the second storage medium is loaded; and recording the encrypted first content key on the second storage medium. In this method, encrypted data stored in a first storage medium is sent to a second storage medium via a host without decrypting the encrypted data, thereby preventing the data from being hacked or being accessed by unauthorized users and increasing a speed of copying the encrypted data.

Abstract: A method of receiving a session key in a home network and a method of reproducing content using the same. The method of receiving a session key from a home server in a home network, includes: (a) whenever one of members of the home network changes, receiving and storing the session key and a session version indicating a session key generation sequence; (b) receiving a license necessary for reproducing predetermined content; and (c) determining a session key necessary for reproducing the predetermined content based on an encoding session version (ESV), which is a session version extracted from the license, and the stored session version. A home server transmits a session key and a session version to a user device whenever a subscriber to a home network changes, and the user device determines a session key using the session version, thereby performing a variety of domain administration by freely transmitting content between user devices.

Abstract: Provided are a method of recording/reproducing data under control of a domain management system. The method includes extracting, from the write command, domain management information regarding the predetermined domain and contents, and copy control information specifying an extent of copying the contents within the predetermined domain; recording the extracted domain management information on the storage medium; generating a domain-bound flag that is used to determine whether the recording apparatus which records the contents on a storage medium is present in the predetermined domain, based on the extracted copy control information; and recording the domain-bound flag and the contents on the storage medium. Accordingly, it is possible to record contents, recording of which is limited within a predetermined domain, on a storage medium outside a slave under control of a domain management system, while preventing the contents from being reproduced within other domains.

Abstract: A method of measuring round trip time (RTT) and a proximity checking method using the same. The method of measuring RTT includes: transmitting a hashed second random number and starting the RTT measurement; and receiving a hashed first random number from a device that received the hashed second random number and ending the RTT measurement, thereby greatly reducing repetitive encryption and decryption operations in the proximity check using a repetitive RTT measurement.

Abstract: A method and apparatus for restricting the use of a disc are provided. In this method, first, lead-in data is read out from a loaded disc. Then, a user key is read out from a lead-in area of the disc. Thereafter, the user key undergoes authentication based on a user key received from a host. The authentication is performed by comparing a random number produced by a disc drive with a decrypted random number obtained by the disc drive decrypting a random number encrypted by the host. Accordingly, the use of the disc by an unauthorized third person is restricted, thus preventing a leakage of personal information and a protection of the copyrights of data.

Abstract: An encoding and decoding apparatus and method thereof includes first and second soft encoders, a transmission channel, and first and second soft decoders. The first soft encoder performs a first soft encoding of input data to correct errors in the input data and outputting first soft-encoded data. The second soft encoder receives the first soft-encoded data, performs a second soft encoding to determine a success or failure of the encoding of the first soft-encoded data, and outputs second soft-encoded data. The first soft decoder soft-decodes data input through a transmission channel and corresponds to the second soft encoding, and outputs first soft-decoded data. The second soft decoder receives the first soft-decoded data, soft-decodes the first soft-decoded data corresponding to the first soft encoding, and outputs second soft-decoded data and additional information indicating the success or failure of the decoding of the first soft-decoded data.

Abstract: A method of constructing a unique domain for preventing content from being illegally used by an unauthorized third person in a public key-based architecture and applying the constructed domain to a home network using universal plug and play (UPnP). The method of the present invention includes selecting one of controlled devices that are operable as a master device and determining the selected device as the master device; performing device authentication in such a manner that other controlled devices receive a secret information block from the determined master device and create certificates; and determining slave devices by selecting one or more devices among the authenticated controlled devices.

Abstract: A soft demodulation method and apparatus including calculating partial sums for a unit of each predetermined number of bits of a codeword received from a channel; calculating a value of each entry of the decoding table by referring to the partial sums; and detecting a maximum among values of all entries of the decoding table and calculating a log-likelihood ratio (LLR) using the detected maximum. Accordingly, it is possible to reduce the amount of computation required to perform a soft demodulation process using run-length limited (RLL) codes and to simplify the soft demodulation process.

Abstract: A method and an apparatus for providing content encrypted in a broadcast encryption scheme to a plurality of devices in a local network are provided. The method includes: storing a minimal number of keys needed by the devices to decode the encrypted content among a plurality of keys that can be used in the predetermined encryption scheme; and transmitting the stored keys to the devices. Accordingly, it is possible for a local server having a small storage capacity to provide the encrypted content to the devices by storing only the minimal number of keys needed by the devices to decode the encrypted content.