Abstract: A server and a client hold common secret information in respective secret information holding units. A server Cyclic Redundancy Check (CRC) unit in the server generates a CRC code after adding the secret information to communication data, and transmits the communication data with the CRC code attached. A client CRC unit of the client generates a CRC code after adding the secret information to communication data, and checks whether or not an error has occurred in the communication data on the communication path. Since the client holds the secret information, the client determines that an error has not occurred, and obtains the communication data. On the other hand, a router, which does not hold the secret information, is unable to obtain the communication data. This prevents the communication data from being transferred to devices outside an authorized domain.

Abstract: A content distribution system in which content transmission/reception is suppressed when there is a high risk of contents being stolen by a third party during communication. A content server acquires a communication distance indicating how far the content server is from a terminal in data communication. The content server conducts content transmission/reception when the communication distance is less than or equal to a predetermined value, and suppresses content transmission/reception when the communication distance exceeds the predetermined value.

Abstract: A highly-convenient content duplication management system for allowing users to duplicate a content as long as the duplication is in compliance with a given usage right. In the system, a request destination device stores a content and a permitted number of duplications of the content. In response to a duplication request, the request destination device judges whether or not the request source device is an in-group device that belongs to the same group as the request destination device. When judging that the request source device is an in-group device, the request destination device transmits the content together with a permitted number that is equal to or smaller than the currently stored permitted number. The request destination device then updates the currently stored permitted number by subtracting the permitted number transmitted.

Abstract: A security communication packet processing apparatus (100) comprises an encryption processing unit (102) that performs encryption processing and decryption processing in a data block unit of B1 bits, an authentication processing unit (104) that performs authentication processing in a data block unit of B2(=n×B1) bits in parallel to the encryption processing or the decryption processing in the encryption processing unit (102) and outputs an authentication value, a data block accumulation unit (103) that accumulates the data blocks from the encryption processing unit (102) and outputs the data blocks to the authentication processing unit (104) when the accumulated amount of the data blocks reaches B2 bits, a packet construction unit (105) that reconstructs a packet with the data blocks from the encryption processing unit (102) and the authentication value from the authentication processing unit (104), and an encryption and authentication processing control unit (101) that divides the inputted packet into the da

Abstract: A server 10 and a client 20 hold common secret information in respective secret information holding units 13 and 23. A server CRC unit 14 in the server 10 generates a CRC code after adding the secret information to communication data, and transmits the communication data with the CRC code attached. A client CRC unit 24 of the client 20 generates a CRC code after adding the secret information to communication data, and checks whether or not an error has occurred in the communication data on the communication path. Since the client 20 holds the secret information, the client 20 determines that an error has not occurred, and obtains the communication data. On the other hand, a router 30, which does not hold the secret information, is unable to obtain the communication data. This prevents the communication data from being transferred to devices outside an authorized domain.

Abstract: An apparatus authentication system that includes a server apparatus and a client apparatus which perform a mutual authentication when a content is transmitted from the server apparatus to the client apparatus for use. The client apparatus receives challenge data from the server apparatus, generates signature data based on the received challenge data and a first password, and transmits the generated signature data. The server apparatus generates and transmits the challenge data, holds a second password in advance, receives the signature data from the client apparatus, performs an authentication of the received signature data using the challenge data and the second password, and if the authentication results in success, transmits an encrypted content to the client apparatus.

Abstract: The conventional method of limiting the number of receiving apparatus has a problem that if the limited number of appliances is reduced to limit distribution to unspecified appliances outside a home, distribution to appliances in the home is limited unnecessarily. If the limited number of appliances is increased, distribution to appliances outside the home cannot be sufficiently limited. The invention provides at least one receiving apparatus, (e.g., digital television sets and PCs,) connected to a network and capable of receiving and using predetermined data, and a transmitting apparatus, (e.g., an AV server) for transmitting the data to the receiving apparatus via the network. Use of the data on the network is managed based on the transmission time required for transmission of predetermined information between the transmitting apparatus and the receiving apparatus.

Abstract: A content distribution system in which content transmission/reception is suppressed when there is a high risk of contents being stolen by a third party during communication. A content server acquires a communication distance indicating how far the content server is from a terminal in data communication. The content server conducts content transmission/reception when the communication distance is less than or equal to a predetermined value, and suppresses content transmission/reception when the communication distance exceeds the predetermined value.

Abstract: In a server, an echo-request transmitting unit 204 transmits echo-request data to a target device, and an echo-reply receiving unit 205 receives echo-reply data from the target device. A time measuring unit 206 measures, as the target time, the time required between transmission of the echo-request data and reception of the echo-reply data, and compares the target time with the reference time. In this way, the server judges whether the target device connected to its network belongs to a predetermined group.

Abstract: A content-duplication management system formed from a playback apparatus that requests and plays contents, and a content-duplication management apparatus that manages duplication and deletion of contents. The playback apparatus notifies group information of the playback apparatus to the content-duplication management apparatus, acquires information from the content-duplication management apparatus showing whether requests are permitted, and duplicates/deletes contents.

Abstract: A highly-convenient content duplication management system for allowing users to duplicate a content as long as the duplication is in compliance with a given usage right. In the system, a request destination device stores a content and a permitted number of duplications of the content. In response to a duplication request, the request destination device judges whether the request source device is an in-group device that belongs to the same group as the request destination device. When judging that the request source device is an in-group device, the request destination device transmits the content together with a permitted number that is equal to or smaller than the currently stored permitted number. The request destination device then updates the currently stored permitted number by subtracting the permitted number transmitted.

Abstract: A key delivery apparatus that prevents the improper use of contents, and manages a decryption key for decrypting an encrypted content and a suppliable number showing how many times the decryption key is suppliable, with respect to one or more terminal apparatuses connected to a network. The key delivery apparatus receives a supply request for the decryption key from a terminal apparatus, and if the terminal apparatus is a legitimate supply target, judges whether the terminal apparatus is a first-type terminal apparatus that manages a content-usage period or a second-type terminal apparatus that does not manage the content-usage period, and if the suppliable number has a remaining number, supplies to the terminal apparatus, the decryption key and a key-usage period of the decryption key when judged that the terminal apparatus is the first-type terminal apparatus and the decryption key when judged that the terminal apparatus is the second-type terminal apparatus.

Abstract: In a content distributing system 1, content includes additional information relating to its use, according to characteristics of the content. A data-communication controlling device 40 generates a judgment table associating additional information and a device ID of a client device to which content having the additional information is permitted to be transmitted, and stores the generated judgment table. Upon receipt of a content request including a device ID from a client device, the data-communication controlling device 40 receives content from the broadcast receiving device 10, and judges whether the content is permitted to be transmitted to the client device, using a judgment table corresponding to additional information included in the received content. When judging that the content is not permitted to be transmitted, the data-communication controlling device 40 prohibits transmission of the content.

Abstract: A security communication packet processing apparatus (100) comprises an encryption processing unit (102) that performs encryption processing and decryption processing in a data block unit of B1 bits, an authentication processing unit (104) that performs authentication processing in a data block unit of B2 (=n×B1) bits in parallel to the encryption processing or the decryption processing in the encryption processing unit (102) and outputs an authentication value, a data block accumulation unit (103) that accumulates the data blocks from the encryption processing unit (102) and outputs the data blocks to the authentication processing unit (104) when the accumulated amount of the data blocks reaches B2 bits, a packet construction unit (105) that reconstructs a packet with the data blocks from the encryption processing unit (102) and the authentication value from the authentication processing unit (104), and an encryption and authentication processing control unit (101) that divides the inputted pack