Abstract: A communication apparatus that encrypts a plurality of pieces that constitute a part of data and transmits the encrypted pieces stores an encrypted piece that is one of the pieces encrypted by another communication apparatus, and first decryption key information used for decrypting the encrypted piece, while keeping the encrypted piece and the first decryption key information in correspondence with each other. Further, the communication apparatus generates temporary information that can be different at each time of generation, further performs an encrypting process on the encrypted piece based on the temporary information, and outputs a new encrypted piece. The communication apparatus transmits the new encrypted piece, the first decryption key information that is stored in correspondence with the encrypted piece, and second decryption key information used for decrypting the encrypting process.

Abstract: According to one embodiment, encrypted secret identification information (E-SecretID) and the key management information (FKB) are read from a memory device. Encrypted management key (E-FKey) is obtained using the key management information (FKB) and index information (k). The index information (k) and the encrypted management key (E-FKey) are transmitted to the semiconductor memory device. An index key (INK) is generated using the first key information (NKey) and the received index information (k). The encrypted management key (E-FKey) is decrypted using the index key (INK) to obtain management key (FKey), which is transmitted to the host device.

Abstract: According to one embodiment, an authentication method includes generating, by the memory, first authentication information by calculating secret identification information with a memory session key in one-way function operation, transmitting encrypted secret identification information, a family key block, and the first authentication information to a host, and generating, by the host, second authentication information by calculating the secret identification information generated by decrypting the encrypted secret identification information with the host session key in one-way function operation. The method further includes comparing, by the host, the first authentication information with the second authentication information.

Abstract: According to one embodiment, a device includes first and second data generator, a one-way function processor, and a data output interface. The first data generator generates a second key by encrypting a host constant with a first key in AES operation. The second data generator generates a session key by encrypting a random number with a second key in AES operation. The one-way function processor generates authentication information by processing secret identification information with the session key in one-way function operation. The data output interface outputs the encrypted secret identification information, a family key block, and the authentication information to outside of the device.

Abstract: According to one embodiment, a memory includes a first storage region capable of storing first key (NKey) information, and secret identification information (SecretID) unique to the authenticate, reading and writing data from and to the first storage region from an outside of the authenticatee being inhibited at least after the authenticatee is shipped.

Abstract: According to one embodiment, a device includes a first memory area to store a first key. A second memory area stores encrypted secret identification (ID) information generated from secret ID information with a family key. A third memory area stores a family key block including data generated from the family key with an ID key. An authentication module performs authentication. A second key is generated from a first number with the first key, a session key is generated from a random number with the second key, and authentication information is generated from the secret ID information with the session key. The encrypted secret ID information, family key block and the authentication information is output.

Abstract: According to one embodiment, a device includes a storage and an authenticator. The storage includes a first area, a second area and a third area. The first area stores NKey and SecretID, the second area stores index information. E-SecretID is generated by SecretID. The third area stores FKB including information generated by FKey. The authenticator authenticates the external device. HKey is generated by an AES encryption calculating using NKey and HC. A SKey is generated by an AES encryption process using HKey and RN. A one-way conversion calculating is performed. E-SecretID, FKB and Oneway-ID are output to the external device. The index information is read from the second area.

Abstract: According to one embodiment, a method for authenticating a device, wherein the device holds secret identification information, encrypted secret identification information, and key management information, and an authenticator holds an identification key, the method includes reading, by the authenticator, the encrypted secret identification information and the key management information from the device, and obtaining, by the authenticator, a family key by using the key management information, the family key being capable of being decrypted with the identification key. The method further includes obtaining, by the authenticator, the secret identification information by decrypting the encrypted secret identification information with the family key.

Abstract: According to one embodiment, an authenticator which authenticates an authenticatee, which stores first key information (NKey) that is hidden, includes a memory configured to store second key information (HKey) which is hidden, a random number generation module configured to generate random number information, and a data generation module configured to generate a session key (SKey) by using the second key information (HKey) and the random number information. The authenticator is configured such that the second key information (HKey) is generated from the first key information (NKey) but the first key information (NKey) is not generated from the second key information (HKey).

Abstract: A transmitting apparatus includes a transaction transmitting unit configured to transmit to a receiving apparatus a content to be moved to the receiving apparatus, by using a first transaction established with the receiving apparatus, a counter unit configured to count a progress quantity representing a degree of progress of the transmission of the content from a given point of time with respect to the transmission of the content corresponding to the first transaction to obtain a count value, and a transaction switching unit configured to switch the first transaction used for the transmission of the content to a second transaction, if the count value of the counter unit reaches a predetermined value and the transmission of the content is not completed.

Abstract: According to one embodiment, a communication device, which is connected to an external device, includes a key storage unit, an acquiring unit, a key selecting unit, and a calculating unit. The key storage unit stores therein a plurality of first information items obtained by twisting a plurality of device keys with first identification information for identifying the communication device. The acquiring unit acquires second identification information for identifying the external device. The key selecting unit selects one of the plurality of first information items using a media key block process. The calculating unit calculates a shared key, which is shared with the external device, using second information item obtained by twisting the selected first information item with the second identification information.

Abstract: In general, according to one embodiment, a storage device includes a data storage, a key storage, a receiver, an acquisition unit, a first computing unit, and a second computing unit. The data storage stores therein data. The key storage stores therein a plurality of device keys. The receiver receives identification information on an access device that accesses the data. The acquisition unit acquires an index specifying one of the device keys stored in the key storage. The first computing unit computes a second key based on the device key specified by the index and the identification information, the second key being used to perform an operation on key information acquired by performing an operation on a first key shared with the access device. The second computing unit computes the first key by performing an operation on the key information using the second key.

Abstract: A communication apparatus stores encrypted pieces having plural pieces as a part of a content encrypted, and number of transmission times. At least one first piece is encrypted by plural different encryption keys. The communication apparatus selects as priority pieces plural encrypted pieces corresponding to at least one first piece among the first pieces, based on number of untransmitted encrypted pieces of which number of transmission times is zero among plural encrypted pieces of which first piece is encrypted, and stores priority piece information specifying the priority piece. When a piece request is received from other communication apparatus, the communication apparatus determines an encrypted piece to be transmitted, based on priority piece information, and transmits the encrypted piece to the other communication apparatus.

Abstract: According to an embodiment, an information processing device includes: an extracting unit configured to extract a feature quantity of a content; a first detecting unit configured to detect a point in the content where variation of the feature quantity is a first predetermined amount or more; a second detecting unit configured to detect components of watermark information including components corresponding to respective intervals based on the point; a determining unit configured to determine a reliability of the watermark information that is detected; and a selecting unit configured to select a first watermark information from the watermark information based on a result of determination determined by the determining unit.

Abstract: A decryption key unique to each user system is a value obtained by (a)assigning different individual key generation polynomials to a root, a plurality of nodes, and a plurality of leaves of a tree structure, respectively, (b) assigning the different leaves on the tree structure a plurality of subgroups obtained by dividing a group of a plurality of user identification information items which are for individually identifying the user systems, and (c) substituting the user identification information item of the each user system into one of the individual key generation polynomials which corresponds to one of leaves assigned to one of the subgroups to which the user identification information item corresponding to the each user system belongs or an ancestor node of the one of the leaves and a common key generation polynomial common to the root, the nodes, and the leaves.

Abstract: An information processing system in which information transfers between communication devices through a network is limited within a prescribed range by registering unique information obtainable within the prescribed range into each device and permitting information transfer between devices which share common unique information, where the unique information is formed by a pair of public and secret unique information, a bridge device is controlled such that, upon receiving a proxy check request from a reception device, whether a transmission device is another bridge device or not is judged when the public unique information registered by the reception device is registered in the bridge device and one public unique information registered in the bridge device is registered by the transmission device. Then, the secret unique information registered by the reception device is transmitted to the transmission device when the transmission device is not another bridge device.

Abstract: With each embodiment of the present invention, a content providing system comprises a content encrypting section which encrypts content by use of a session key and a header generating section which encrypts the session key by use of an encryption key in such a manner that the session key can be obtained by use of a decryption key assigned to a user system and generates header information including the encrypted session key and one or more values based on user identification information of each of the user systems that are permitted to obtain the session key. The content providing system transmits the encrypted content and the header information to each user system. Since the header information does not explicitly include user identification information of the user systems, information about whose decryption keys have been revoked is not leaked out in the block box tracing.

Abstract: A content distribution system encrypts a content by using different session keys assigned to user systems, encrypts each of the session keys with a public key corresponding to a decryption key unique to each user system, generates, for a group of user identification information items, header information including the encrypted session keys, and a first vector which corresponds to a session key of the session keys and is assigned to arbitrary user identification information u in the group, the first vector being set such that an inner product of the first vector and a second vector concerning the user identification information u becomes equal to zjuv (where zj is a constant value of a session key sj assigned to the user identification information u, and v is group identification information to the group), and transmits the header information and one of the encrypted contents to the user systems.

Abstract: A decryption apparatus stores secret keys, each of which is specified by two nodes in tree structure in first memory, one of the two nodes indicated by ciphertext index information item of the decryptable ciphertext being an ancestor node of leaf and the other of the two nodes being a node which is not an ancestor node of leaf, and stores an identifier of decryption apparatus corresponding to a leaf in a tree structure in a second memory. The decryption apparatus acquires a plurality of ciphertexts, each ciphertext including a ciphertext index information item indicating two nodes in the tree structure which correspond to a decryption key for decrypting the respective ciphertext, and acquires a decryptable ciphertext from the plurality of ciphertexts. Further, the decryption apparatus selects, from the stored secret keys, a secret key corresponding to the respective ciphertext, and derives a decryption key from the selected secret key to decrypt the decryptable ciphertext by using the derived decryption key.

Abstract: According to one embodiment, a repeater receives content data from a sender device through a first content protection technology and transmits the content data to another device through a second content protection technology. The repeater includes a receiver, a preparation module, and a transmitter. The receiver receives identification information that identifies a device compliant with the second content protection technology through the second content protection technology. The preparation module prepares an identification information list based on the first content protection technology that contains the identification information based on the second content protection technology received by the receiver and identification information based on the first content protection technology that identifies the repeater. The transmitter transmits the identification information list to the sender device through the first content protection technology.