Abstract: A method of receiving a session key in a home network and a method of reproducing content using the same. The method of receiving a session key from a home server in a home network, includes: (a) whenever one of members of the home network changes, receiving and storing the session key and a session version indicating a session key generation sequence; (b) receiving a license necessary for reproducing predetermined content; and (c) determining a session key necessary for reproducing the predetermined content based on an encoding session version (ESV), which is a session version extracted from the license, and the stored session version. A home server transmits a session key and a session version to a user device whenever a subscriber to a home network changes, and the user device determines a session key using the session version, thereby performing a variety of domain administration by freely transmitting content between user devices.

Abstract: Provided are a method of recording/reproducing data under control of a domain management system. The method includes extracting, from the write command, domain management information regarding the predetermined domain and contents, and copy control information specifying an extent of copying the contents within the predetermined domain; recording the extracted domain management information on the storage medium; generating a domain-bound flag that is used to determine whether the recording apparatus which records the contents on a storage medium is present in the predetermined domain, based on the extracted copy control information; and recording the domain-bound flag and the contents on the storage medium. Accordingly, it is possible to record contents, recording of which is limited within a predetermined domain, on a storage medium outside a slave under control of a domain management system, while preventing the contents from being reproduced within other domains.

Abstract: An apparatus and method for controlling content are provided. A memory which stores storage medium information regarding a storage medium, and a main control unit which groups a plurality of contents in the storage medium into a plurality of groups, allocates a group nonce to each group, stores the group nonce in the storage medium, and if a move of at least one content item of the plurality of content items is requested, controls the move of the content item based on whether the storage medium information contains an identifier or a group nonce of a first target group including the requested content item.

Abstract: A method of checking revocation of a device and software, and transmitting data to a secure device and secure software whose keys have not been leaked is provided. The method includes receiving authentication information of a device requesting transmission of data, and authentication information of software accessing the data in the device; checking revocation of the device and the software, based on the received authentication information; and transmitting the data to the software of the device, when the device and the software are not revoked as a result of the checking. By doing so, during transmission of data, such as content or a license, it is possible to check security of a device and software being executed in the device, so that the data can be more safely transmitted.

Abstract: A method and apparatus for restricting the use of a disc are provided. In this method, first, lead-in data is read out from a loaded disc. Then, a user key is read out from a lead-in area of the disc. Thereafter, the user key undergoes authentication based on a user key received from a host. The authentication is performed by comparing a random number produced by a disc drive with a decrypted random number obtained by the disc drive decrypting a random number encrypted by the host. Accordingly, the use of the disc by an unauthorized third person is restricted, thus preventing a leakage of personal information and a protection of the copyrights of data.

Abstract: Disclosed are a method and apparatus for storing digital content in a storage device. A content key, which is a key used by a host for encrypting content when the content is stored to a storage device connected to the host, is encrypted by using a storage key of the storage device. The encrypted content key and encrypted content are stored in the storage device, and the host only stores storage keys. Thus, quantity of information maintained by the host can be reduced. Also, when a storage key is stored in a portable security component (PSC), portability and mobility of content bound to a single host may be improved.

Abstract: A method and apparatus for managing a client revocation list are provided. The method includes receiving a first client revocation list from a server; and selectively discontinuing an operation of a client, based on the first client revocation list. By doing so, the method and the apparatus can securely control contents.

Abstract: A method of managing and restoring an identifier of a storage device and an apparatus therefor are provided. The method includes the operations of generating a storage device identifier; recording the storage device identifier in a non-volatile memory of a host; generating an identifier file including the storage device identifier and a host identifier; and recording the identifier file in the storage device. By doing so, the method and apparatus can efficiently and securely manage the storage device.

Abstract: Provided is a method of preventing digital content from being used despite the presence of copy control information. In the method, a security apparatus capable of restricting use of contents generates a nonce with respect to a storage device and stores the nonce in the storage device and a memory separated from the storage device when content is stored in the storage device; updates the nonces stored in the memory and storage device when movement of the content occurs; and permits use of the content only when the nonce of the storage device, which is stored in the memory, is equal to the nonce stored in the storage device if the content is requested for use, thereby preventing a disk cloning attack.

Abstract: Provided is a method and apparatus for performing authentication between clients that complete authentication with a server. The method includes receiving first authentication information generated using the second session key from the server; receiving second authentication information generated using the second session key from the second client; and determining whether the authentication with the second client is successful using the first authentication information and the second authentication information.

Abstract: Provided are a method and apparatus for encrypting and transmitting contents and decrypting the encrypted contents in order to improve security for authority of use of the contents in a contents used environment by installing various content protection software in a content device. The method of encrypting and transmitting the contents includes: receiving contents to be transmitted; encrypting the contents using a content key which is an encryption key according to the received contents; encrypting the content key using an external device key of an external device which is permitted to receive the encrypted contents to be used and a software key of a software program which is executed in the external device and permitted to decrypt the encrypted contents; and transmitting the encrypted contents and the encrypted content key to the external device.

Abstract: Provided are a method and apparatus for controlling an output of a content device. The method includes: receiving a request signal that requests the use of encrypted content; executing software for decrypting the encrypted content in response to the received request signal; and controlling the decrypted content to be output through an output port that is allowed by the executed software.

Abstract: A method of and apparatus for installing software for using digital content and are provided. The method of installing software for using digital content includes: transmitting a request for the software; transmitting security information indicating a security status of a device in which the software is to be installed; and receiving the software from an external apparatus that received the request and security information. According to the method and apparatus, the software can be dynamically securely installed, thereby allowing a variety of digital contents to be used and enhancing the utilization of the device.

Abstract: A method of protecting important data in digital content and an apparatus therefor are provided. The method includes: receiving digital content which includes first important data; receiving reference data which includes second important data and authentication data for verifying whether the first important data is modified; and selectively correcting the first important data included in the digital content based on the reference data.

Abstract: A method and apparatus of transmitting data using authentication between a first device and a second device are provided. The method includes transmitting an encrypted certificate of the first device using a shared key shared by the first device and the second device, receiving authentication key generation information for generating an authentication key, which is received when it is determined that the certificate of the first device is valid and not revoked, generating a first random number and generating an authentication key based on the first random number and the authentication key generation information, and encrypting and transmitting data using the authentication key.

Abstract: A method of encrypting data is provided. The method includes dividing data in packet units into N data blocks; generating an initial counter value using a random number used for generating an encryption key for encrypting the data blocks; generating N counter values by increasing the initial value by a predetermined value N times and encrypting the N counter values using the encryption key; and performing an exclusive OR operation on the N encrypted counter values and the N data blocks.

Abstract: Provided is a method of inserting authentication code into a data packet. The method includes determining whether to insert authentication code into a data packet based on at least one of an importance of the data packet and a type of the data packet, and inserting the authentication code into the data packet based on a result of the determining.

Abstract: A method and apparatus for performing authentication are provided. The method includes: receiving an authentication request signal for requesting authentication from an external device; determining whether authentication has been performed with the external device that has transmitted the authentication request signal; based on the determination, selectively outputting an indication representing that it is necessary to perform authentication with the external device; if the indication representing that it is necessary to perform authentication with the external device is output, receiving an authentication execution command for instructing the execution of authentication in response to the indication; and performing authentication with the external device according to the authentication execution command.

Abstract: An information recording medium, in which a software version of an apparatus for reproducing contents is actively examined in order to provide update information about the software used in reproducing contents, the apparatus for reproducing contents, and a method of reproducing contents. The information recording medium includes contents and an active application which checks a version of software of an apparatus for reproducing the content and provides update information based on the checked version.

Abstract: Provided is a method of key agreement between devices. Using the method, two devices on a network can exchange information using polynomials of a polynomial ring, authenticate each other using the exchanged information, and generate a shared key. Accordingly, an authenticated key agreement protocol, which has better security and a faster processing speed than a conventional encoding system, can be realized.