Abstract: A successive data processing method and apparatus is provided. A data processing apparatus, when connected to a data management apparatus, transmits apparatus information of the data processing apparatus, selects target process data, transmits target process information of the selected target process data, processes the target process data, and transmits process status information according to a process result of the target process data to the data management apparatus.

Abstract: A method and an apparatus are provided for generating an encryption key for broadcast encryption. The method of generating the encryption key for the broadcast encryption includes generating a first encryption key with respect to all nodes, configured in a plurality of depths, from a root node to a plurality of leaf nodes, and generating a second encryption key with respect to each intermediate node between the root node and the plurality of leaf nodes, wherein the generation of the second encryption key comprises generating any one of first and second keys using the first encryption key depending on whether a first child node, connected to a sibling node of the intermediate node, is on a left path or a right path of the intermediate node.

Abstract: There are provided efficient basis conversion matrices Dsd and Dds and a basis conversion method in a finite field GF(2n) using the basis conversion matrices for a case where a defining polynomial is a pentanomial, xn+xk(3)+xk(2)+xk(1)+1, and the exponents n, k(3), k(2), and (k1) satisfy the condition, n?k(3)>k(3)?k(1). In addition, an apparatus for the basis conversion in the finite field GF(2n) is provided. Since a pentanomial having a general form in an arbitrary degree is used as the defining polynomial, basis conversion between a standard representation and a dual representation is efficiently performed. Consequently, a dual basis multiplier can be efficiently implemented.

Abstract: A device authentication method using broadcast encryption is provided, in which, a hash value corresponding to a group key version is generated, the generated hash value is encrypted with a group key, group key information comprising the encrypted hash value is generated, and the generated group key information including a signature of an authentication server for the group key information is transmitted. Accordingly, mutual authentication is accomplished by using the group key version including in the group key information.

Abstract: A user key allocation method for broadcast encryption is provided. The user key allocation method includes generating a plurality of subsets by dividing one group including a plurality of nodes to sub-groups and allocating key sets with respect to the subsets, respectively. The nodes included in the subset may be odd nodes and even nodes of the nodes of the group. The nodes are arranged so that privileged nodes are consecutive or there is only one privileged node. Accordingly, it is possible to reduce the data size transmitted from the server to the nodes by constituting one or more subsets from the nodes consecutively arranged and providing key sets with respect to the subsets.

Abstract: An improved security device for digital contents and a method for using the security device are provided. The improved security device and method include a transmission and reception unit for transmitting and receiving data necessary for authentication with a mobile device, and for transmitting and receiving contents of the mobile device and a controller for performing authentication with the mobile device, and for decrypting re-encrypted contents from the mobile device when the authentication is successful. The improved method and device provide enhance mobility for users.

Abstract: A hierarchical threshold tree-based broadcast encryption method includes a first step for a server initialization and a user subscription, a second step of distributing a message to enable a privileged user (authorized user) to decrypt a group key, and a third step of the privileged user (authorized user) decrypting the message using the group key. According to the method, it is possible to prevent any group of revocators from obtaining the group key using their secret information and information being broadcast by the server.

Abstract: Provided is a DRM installation management device and method, which requests secret DRM from a DRM Center in order to use DRM that is necessary to access content, receives the requested secret DRM and installs the DRM, and is able to implement authentication and decryption using the secret DRM. Even if DRM related to digital content stored on the device is not present, DRM for the relevant digital content can be automatically downloaded and installed. Moreover, using the public key certificates and private keys, security problems relating to secret DRM are overcome.

Abstract: A combination-based broadcast encryption method includes: assigning by a server a base group of different combinations to each user; producing and sending secret information for each user by using as a base the base group allocated to each user; producing and sending an inverse-base parameter value through calculations with integers used to produce the base group and key value information of one or more privileged users; and deriving a group key by using the key value information of the privileged users, encrypting a session key by using the derived group key, and sending the encrypted session key to each user. Accordingly, each user is assigned a different base through a combination, thereby having security against collusion attacks.

Abstract: A radio frequency identification (RFID,) tag, an RFID privacy protection system, and an RFID privacy protection method are provided. The RFID privacy protection method includes a pseudo identification (ID) used to authenticate the RFID reader and a key used to generate the pseudo ID are received; if the pseudo ID is received in response to an information request signal for reading information of the RFID tag comprising the pseudo ID, the key is transmitted; and if a pseudo ID generated using the key is equal to the pseudo ID received in response to the information request signal, an RFID of the RFID tag to read the information of the RFID tag is received.

Abstract: A radio frequency system and a password management method applied to a storage device of the radio frequency system are provided, in which a first access password is stored for deciding whether to permit access to information and a first changed password. The first changed password, a second access password, and a second changed password are received, and the first access password is changed to the second access password, and the first changed password is changed to the second changed password. Accordingly, information access authority in the storage device and a password change authority can be exclusively transferred according to the transfer of management of the storage device, and information leakage caused by a previous manager's password leakage or a third person's password leakage can be prevented.

Abstract: A radio frequency identification (RFID) tag encryption method and system using a broadcast encryption (BE) scheme are provided by encrypting an ID of an RFID tag, storing the encrypted ID in a server and the RFID tag, and storing information relating to a reader authorized to read out the RFID tag in the server so that the reader can read out the RFID tag by decrypting the encrypted ID based on the encrypted ID information read from the RFID tag and the reader information. When readers read out ID data from the RFID tag, a privileged reader can read the data. Thus, it is possible to block unintended information leakage to the readers. In addition, user usability can be enhanced since an attacker cannot perform an access lock on the RFID tag.

Abstract: A method for authorizing an off-line image device to play contents in use of a recording medium, including recording an encrypted key on a recording medium; recording contents on the recording medium using the encrypted key; and recording information as to a play right to play the contents recorded on the recording medium. Thus, the off-line image device can be authorized to play contents in use of the recording medium. As a result, the off-line image device can play contents that are recorded on the recording medium and must be authorized to play the contents.

Abstract: A method and a system for managing a key of a home device in a broadcast encryption system are provided. A hierarchical structure of a group set comprising a plurality of nodes corresponding to the home server and a plurality of nodes corresponding to the home device is formed. A key set to be allotted to the node set is generated. The node group is allowed to correspond to the key set to generate key-node corresponding information according to a request of the home server.

Abstract: Provided are a method of managing data in a network system and a network system using the method. The method includes substituting a master password for a predetermined function to generate a password; if a password for requesting an access to specific data is input, checking whether the input password matches with the generated password; and if the input password matches with the generated password, allowing the access to the specific data. Thus, in a case where a storage unit makes access levels of data into multilayered access levels to authenticate a password, the storage unit can store only a password to efficiently authenticate and manage an access to data.

Abstract: A security device and a head end of a conditional access system (CAS), and a method for controlling illegal use of the conditional access system, capable of minimizing the number of entitlement management messages (EMMs) to be distributed from a head end to a user are provided. Update keys encrypted with user keys and channel management keys encrypted with the update keys are utilized.

Abstract: An RFID tag used to purchase service related to the RFID tag containing purchase information, a service purchase system using the RFID tag, and a service purchase method thereof. The RFID tag provides content information, right information, and purchase information. Therefore, when purchasing service products such as contents, user convenience can be increased and reliability can be guaranteed.

Abstract: A security method using an electronic signature, which improves the performance of an electronic signature authentication by generating and verifying an electronic signature using a mediator, and acquires a forward security in an electronic signature generation and verification by adding a forward secure signature of semi-trusted party (SEM) to a partial signature value generated based on a secret key piece of the SEM. A public key and an optional secret key composed of two kinds of pieces are generated by a certificate authority in response to a request from a user terminal device. The secret key pieces are issued to the user terminal device and a semi-trusted party not to be overlapped with each other. A first signature piece generated from the issued pieces of the private key is transmitted to the user terminal device from the semi-trusted party when a certificate of the user terminal device is still valid.

Abstract: A tag generation method for generating tags used in data packets in a broadcast encryption system is provided. The method includes detecting at least one revoked leaf node; setting a node identification (node ID) assigned to at least one node among nodes assigned node IDs at a layer 0 and to which the at least one revoked leaf node is subordinate, to a node path identification (NPID) of the at least one revoked leaf node at the layer 0; generating a tag list in the layer 0 by combining the NPID of each of the at least one revoked leaf nodes at the layer 0 in order of increment of node IDs of the corresponding at least one revoked leaf nodes; and generating a tag list in a lowest layer by repeatedly performing the setting and generation operation down to the lowest layer.

Abstract: A hybrid broadcast encryption method is provided. The hybrid broadcast encryption method includes setting initialization values, generating a node secret using the initialization values; generating a private secret using the node secret; sending the node secret and the private secret; generating a broadcast message based on a revoked group; encrypting a session key using a key encryption key (KEK) which is allocated to every user group and the broadcast message; and broadcasting to every user the encrypted session key and the broadcast message.