Abstract: A data processing system, recording device, data processing method and program providing medium are provided to execute authentication processing and content storing processing between apparatuses. Program localization is employed to restrict access to program content. A plurality of key blocks store key data for authentication processing. Key block designation information is set in a recorder/reproducer, which is configured for executing authentication processing with the recording device by designating a key block. The recorder/reproducer can set a key block for each product, model or the like. In addition, data stored according to a selected key block cannot be utilized in a recorder/reproducer in which a different key block is set. Furthermore, an encryption processing controlling section of a recording device executes control in accordance with a pre-defined setting sequence.

Abstract: Disclosed herein is a device authentication system capable of authenticating devices efficiently using the common key system. When a CE device requests service offerings from a service server, the service server in turn requests the CE device to be authenticated by a device authentication server. Given the request, the CE device causes the device authentication server to perform device authentication on that device and transmits the result of the device authentication to the service server. Upon receipt of the device authentication result from the CE device, the service server causes the device authentication server to check that the authentication has been performed correctly and then starts offering services to the CE device. The CE device and device authentication server share a pass phrase, and each of the two parties checks that the other party indeed retains the pass phrase for mutual authentication.

Abstract: It is possible to realize a Feistel-type common key block encryption/decryption processing configuration capable of reducing data stored in a memory at a low cost. The Feistel-type common key block encryption/decryption processing repeatedly executes an SP-type F function having nonlinear and linear transform sections by several rounds. At least one of the nonlinear and linear transform processes executed in the F function in each round is executed as a transform process identical with a transform process applied to an encryption/decryption algorithm other than a Feistel-type common key block encryption/decryption algorithm and/or another hash function such as AES and Whirlpool. With this configuration, it is possible to reduce the design cost and the amount of data stored in a memory.

Abstract: The invention realizes a high-security cryptographic processing apparatus that increases difficulty in analyzing its key and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having the nonlinear conversion section and the linear conversion section over a plurality of rounds, Linear conversion processing of an F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting that arbitrary m column vectors included in inverse matrices of square MDS matrices being set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved.

Abstract: A common-key blockcipher processing configuration with enhanced immunity against attacks such as saturation attacks and algebraic attacks (XSL attacks) is realized. In an encryption processing apparatus that performs common-key blockcipher processing, S-boxes serving as non-linear transformation processing parts set in round-function executing parts are configured using at least two different types of S-boxes. With this configuration, the immunity against saturation attacks can be enhanced. Also, types of S-boxes present a mixture of different types. With this configuration, the immunity against algebraic attacks (XSL attacks) can be enhanced, thereby realizing a highly secure encryption processing apparatus.

Abstract: A configuration that efficiently executes cryptographic processing to which a plurality of different F-functions are applied is provided. In a configuration that executes cryptographic processing by performing round operations to which different F-functions are selectively applied, a plurality of F-function correspondence tables, each corresponding to one of the F-functions, in which input values and output values or intermediate values are associated with each other are stored in a memory; in accordance with a prescribed cryptographic processing sequence, addresses corresponding to F-functions for the respective rounds are applied to read F-function correspondence tables from the memory; and output values or intermediate values for input values are acquired on the basis of reference to the tables to obtain data transformation results in accordance with the respective F-functions.

Abstract: To realize an extended-Feistel-type common-key block-cipher process configuration for realizing a diffusion-matrix switching mechanism (DSM). In a cryptographic process configuration in which an extended Feistel structure having a number of data lines: d that is set to an integer satisfying d?2 is applied, a plurality of multiple different matrices are selectively applied to linear transformation processes performed in F-function sections. A plurality of different matrices satisfying a condition in which a minimum number of branches for all of the data lines is equal to or more than a predetermined value are selected as the matrices, the minimum number of branches for all of the data lines being selected from among minimum numbers of branches corresponding to the data lines, each of the minimum numbers of branches corresponding to the data lines being based on linear transformation matrices included in F-functions that are input to a corresponding data line in the extended Feistel structure.

Abstract: A data processing system, recording device, data processing method and program providing medium are provided to execute authentication processing and content storing processing between apparatuses. Program localization is employed to restrict access to program content. A plurality of key blocks store key data for authentication processing. Key block designation information is set in a recorder/reproducer, which is configured for executing authentication processing with the recording device by designating a key block. The recorder/reproducer can set a key block for each product, model or the like. In addition, data stored according to a selected key block cannot be utilized in a recorder/reproducer in which a different key block is set. Furthermore, an encryption processing controlling section of a recording device executes control in accordance with a pre-defined setting sequence.

Abstract: To realize a common-key block cipher process configuration with increased difficulty of key analysis and improved security. In a configuration for storing in a register an intermediate key generated by using a secret key transformation process and performing a transformation process on the register-stored data to generate a round key, a process of swapping (permuting) data segments constituting the register-stored data is executed to generate a round key. For example, four data segments are produced so that two sets of data segments having an equal number of bits are set, and a process of swapping the individual data segments is repeatedly executed to generate a plurality of different round keys. With this configuration, the bit array of each round key can be effectively permuted, and round keys with low relevance can be generated. A high-security cryptographic process with increased difficulty of key analysis can be realized.

Abstract: A common-key blockcipher processing structure that makes analysis of key more difficult and enhances security and implementation efficiency is realized. In a key scheduling part in an encryption processing apparatus that performs common-key blockcipher processing, a secret key is input to an encryption function including a round function employed in an encryption processing part to generate an intermediate key, and the result of performing bijective transformation based on the intermediate key, the secret key, and the like and the result of performing an exclusive-OR operation on the bijective-transformed data are applied to round keys. With this structure, generation of round keys based on the intermediate key generated using the encryption function whose security has been ensured is performed, thereby making it possible to make analysis of the keys more difficult. The structure of the key scheduling part can be simplified, thereby making it possible to improve the implementation efficiency.

Abstract: A data processing system, recording device, data processing method and program providing medium are provided to execute authentication processing and content storing processing between apparatuses. Program localization is employed to restrict access to program content. A plurality of key blocks store key data for authentication processing. Key block designation information is set in a recorder/reproducer, which is configured for executing authentication processing with the recording device by designating a key block. The recorder/reproducer can set a key block for each product, model or the like. In addition, data stored according to a selected key block cannot be utilized in a recorder/reproducer in which a different key block is set. Furthermore, an encryption processing controlling section of a recording device executes control in accordance with a pre-defined setting sequence.

Abstract: A non-linear transformation processing structure having a high implementation efficiency and a high security is realized. Data transformation is performed using a first non-linear transformation part performing non-linear transformation using a plurality of small S-boxes; a linear transformation part receiving all the outputs from the first non-linear transformation part and performing data transformation using a matrix for performing optimal diffusion mappings; and a second non-linear transformation part including a plurality of small non-linear transformation parts that perform non-linear transformation on individual data units into which output data from the linear transformation part is divided. With this structure, appropriate data diffusion can be achieved without excessively increasing a critical path, and a structure with a high implementation efficiency and a high security can be achieved.

Abstract: The invention realizes a high-security cryptographic processing apparatus that increases difficulty in analyzing its key and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having the nonlinear conversion section and the linear conversion section over a plurality of rounds, Linear conversion processing of an F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting that arbitrary m column vectors included in inverse matrices of square MDS matrices being set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved.

Abstract: There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function.

Abstract: A high-security cryptanalysis-resistant cryptographic processing apparatus and a cryptographic processing method are provided. A Feistel common key block cipher is produced by repeatedly performing an SPN-type F-function including a nonlinear transformation part and a linear transformation part over a plurality of rounds. In each round, a linear transformation process is performed according to an F-function using a matrix determined so as to satisfy a relatively loose constraint whereby high resistance to differential attacks and/or linear attacks is achieved. The relatively loose constraint allows an increase in the number of candidates for usable matrices, and it is possible to maintain the number of active S-boxes to a sufficiently large level.

Abstract: A Feistel type common key block cipher process configuration capable of maintaining the involution property and safety and easily changing the number of rounds is realized. The Feistel type cipher process configuration having an SP type F function which includes a nonlinear conversion section and a linear conversion section configures an n-round basic unit which has a matrix arrangement satisfying involution property and ODM-MR or SDM-MR which is a preset F function arrangement condition. For this unit, an F function satisfying the arrangement condition of the F function is selected and added or a plurality of basic units are connected so as to constitute the Feistel cipher configuration having an increased number of rounds having the arrangement satisfying the involution property and the ODM-MR or the SDM-MR.

Abstract: There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function.

Abstract: A data processing system, apparatus and method are provided to verify and validate data. Cryptographic processes employ keys to encrypt the data, check the data and prevent tampering with the data. The data may include header information such as compressed contents or an expansion processing program used to process the data.

Abstract: An encryption processing apparatus for performing common-key blockcipher processing, the encryption processing apparatus includes an encryption processing part that performs data transformation in which a round function is iterated for a plurality of rounds; and a key scheduling part that generates round keys used to execute the round function. The key scheduling part is configured to repeatedly apply an xs times multiplication over an extension field GF( 2m), generated by an m-th order irreducible polynomial f(x) defined over GF(2), to an m-bit intermediate key generated by transformation of a secret key to generate a plurality of different round intermediate keys serving as data for generating a plurality of different round keys.

Abstract: Between a data recording/playback device and a data storage device, CBC-mode encryption processing is executed which encrypts a plurality of encryption keys of content which correspond to sectors. The encrypted data is stored in a header corresponding to the content. The CBC-mode encryption processing is executed by using a storage key unique to media in which the content is stored. For using the content, only by decrypting the key data in media in which mutual authentication is established, the content can be used, so that highly-secure key storage is implemented.