Abstract: A secure communications system (100, FIG. 1) with a compromised communications node can quickly recover from the compromised condition by sending re-keying messages using a key encryption key hierarchy (200, FIG. 2). Each communications node (330, FIG. 3) includes a memory (300, FIG. 3) with a list of tier-group specific key encryption keys, and whenever a message arrives that is encrypted with a key encryption key in the list, the communications node decrypts the message. When the message includes a new traffic encryption key, the communications node has been re-keyed. Key encryption keys are managed hierarchically such that many communications nodes can be re-keyed with very few broadcast messages, thereby saving communications resources.

Abstract: The present invention provides a multicast communication system having a multicast server and a plurality of clients belonging to a multicast group. The multicast server transmits data encrypted by using a first encryption key to the clients by multicasting, and transmits the result of encrypting the first encryption key by using a second encryption key by unicasting to a client subscribed to a data distribution service, among the plurality of clients. The client subscribed to the data distribution service receives the encrypted data and the result. The client decrypts the result to obtain the first encryption key and decrypts the encrypted data using the first encryption key.

Abstract: A smartcard for use with a receiver of encrypted broadcast signals comprises a microprocessor for enabling or controlling decryption of said signals. A memory is coupled to the microprocessor. The microprocessor is adapted to enable or control the individual decryption of a plurality of such signals from respective broadcast suppliers of such signals by means of respective dynamically created zones in the memory, the dynamically created zones each being arranged to store decryption data associated with a respective one of said broadcast suppliers.

Abstract: A system and method for reusable efficient key distribution is disclosed. Key distribution is effected through the application of self-repairing groups that obviate the need for key distribution messages in portions of a hierarchical tree. In one embodiment, the self-repairing group is based on a reusable power set.

Abstract: A tree is used to partition stateless receivers in a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. Subset keys associated with the subsets are then used to encrypt a session key that in turn is used to encrypt the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.

Abstract: The invention is related to optimization of data transmission in TCP/IP networks, particularly to problems created by transmission of encrypted traffic. According to the invention, an indication of a TCP ACK being carried in the encrypted payload of a IP datagram is added in the IP header of the datagram. The indication may simply be a flag indicating the presence of a TCP acknowledgment. The indication may also contain the acknowledgment number, which allows processing of the encrypted traffic based on the acknowledgment number. In IPv4 datagrams, the indication may be inserted as an extra option field. In IPv6 datagrams, the indication may be inserted as an extension header.

Abstract: System for updating an encrypted key, by means of which the WEP of IEEE 802.11 can be applied to a wireless LAN system having plural APs and a large number of STAs. A key management server is LAN-connected to the APs. A set of plural (k) encrypted keys used for wireless communication between the entire APs and STAs is provided and managed monistically. If an encrypted key is updated in the key management server, the updated key is delivered to each of the APs and the STAs.

Abstract: An approach for establishing secure multicast communication among multiple event service nodes is disclosed. The event service nodes, which can be distributed throughout an enterprise domain, are organized in a logical tree that mimics the logical tree arrangement of domains in a directory server system. The attributes of the event service nodes include the group session key and the private keys of the event service nodes that are members of the multicast or broadcast groups. The private keys provide unique identification values for the event service nodes, thereby facilitating distribution of such keys. Because keys as well as key version information are housed in the directory, multicast security can readily be achieved over any number of network domains across the entire enterprise. Key information is stored in, and the logical tree is supported by, a directory service. Replication of the directory accomplishes distribution of keys.

Abstract: An intrusion detection security system (IDSS) guards a server against vandals' attacks such as denial of service, distributed denial of service, and common gateway interface attacks. An incoming source address is compared with the contents of a database of privileged addresses. If the incoming address is present in the database, the IDSS instructs protective equipment such as a firewall or router to allow the incoming message to pass to the web server despite any ongoing attack, thus allowing messages from customers or suppliers, for example, through. Otherwise, the IDSS checks a database of blocked addresses. When the incoming address is absent, the IDSS writes the address to the database of blocked addresses and instructs the protective equipment to block subsequent messages from the incoming address.

Abstract: A wireless authentication protocol. Access to a network is managed by providing a challenge-handshake protocol within the Extensible Authentication Protocol for authentication between a client and the network.

Abstract: A proactive browser system configured to implement stateful frame navigation using content specific icons, background frame maintenance, and asynchronous frame submissions. The proactive browser system includes three components: user-side proactive application terminals (PAT), network-resident proactivity enablement servers (PES), and server-side proactive wireless web-based application servers. The PAT resides on user terminals and functions as an enhanced browser that accommodates proactive application services. The PES resides in the wireless network between the proactive application servers and the user terminals, and implements proactivity support services including queuing of proactive application submissions, presence detection of proactive application terminals, and routing of proactive application submissions from proactive application servers to the proactive application terminals.

Abstract: A method and apparatus for controlling access to digital information utilizes a location identity attribute that defines a specific geographic location. The location identity attribute is associated with the digital information such that the digital information can be accessed only at the specific geographic location. The location identity attribute further includes a location value and a proximity value. The location value corresponds to a location of an intended recipient appliance of the digital information, and may be further defined in terms of latitude, longitude and altitude dimensions. The location identity attribute is enforced by allowing access to the digital information only at the specific geographic location. As a first part of this enforcement process, the location of an appliance through which access to the digital information is sought is identified.

Abstract: A method for creating a secure sub-network on a public network that includes a set of devices. The secure sub-network is to include a subset of devices from among the set of devices. An access card is provided having a first private key comprised thereon. The access card is scanned to determine the first private key, by the subset of devices. A master device is determined from among the subset of devices. A second private key is selected and a public key is computed based on the second private key, by the master device. The second private key is only known to the master device. The public key is sent to the set of devices, by the master device. A shared encryption key is computed, and an encryption is requested of any subsequent messages between any of the devices comprising the subset of devices using the shared encryption key.

Abstract: Information that must remain secure is often stored on untrusted storage devices. To increase security, this information is encrypted by an encryption value prior to storing on the untrusted storage device. The encryption value itself is then encrypted. The encryption value is decrypted by correctly solving an access formula describing a function of groups. Each group includes a list of at least one consumer client. A requesting consumer client is granted access to the information if the requesting consumer client is a member of at least one group which correctly solves the access formula.

Abstract: Byzantine Agreement requires a set of parties in a distributed system to agree on a value even if some parties are corrupted. The invention comprises a method for achieving agreement among participating network devices in an asynchronous network is disclosed that makes use of cryptography, specifically of threshold digital signatures and a distributed coin-tossing protocol.

Abstract: An RF electronic identification system (10) is disclosed and claimed. The system includes at least one transponder encoder (14.1) for writing data into a memory arrangement (52) of a selected transponder (1.1) of a plurality of transponders (1.1 to 1.n) adapted to receive data from the at least one encoder. The system further includes at least one verifier (16) for interrogating a selected transponder (1.1) and to read data stored in the transponder. The encoder includes a controller (42) for providing an identification code characteristic of the encoder to form part of the data to be written into the transponder. The verifier includes computing means (56) for extracting the identification code from the data read thereby and for comparing the code to authorized codes. An indicator (18) provides an indication whether the identification code corresponds to any of the authorized codes or not. A method of verifying the authenticity of a transponder is also disclosed and claimed.

Abstract: A version number is associated with an encrypted key executable to allow real time updating of keys for a system which facilitates users signing on to multiple websites on different domains using an encrypted ticket. Two keys may be used at each site during updating of keys, each having an associated one digit Hex version tag. When a key is to be updated with a new key, the existing or old key is provided an expiration time. A second key is provided from the system in a secure manner with a new version number and made the current key which provides decryption of the encrypted ticket. The system tracks both keys while they are concurrent. After the existing key expires, only the second, or updated key is used to provide login services for users. The system periodically flushes old keys.

Abstract: An optimized approach for arriving at a shared secret key in a dynamically changing multicast or broadcast group environment is disclosed. In one aspect of the invention, a method is provided for communicating through a secure channel between members of a dynamically changing multicast group connected over an insecure network. The method provides that a first shared secret key for establishing a first multicast group is computed that includes a set of one or more first members. Based on the first shared secret key, a first multicast group exchange key is also generated. Upon receiving a first user exchange key from a first user requesting entry into the first multicast group, a second secret key, based on the first user exchange key and the first shared secret key is computed. The first multicast group exchange key is sent to the first user and used by the first user to generate the same second shared secret key.

Abstract: A secure wireless local or metropolitan area network and data communications device therefor are provided, where the device transmits plain text in an encrypted message including cipher text and an initialization vector. The device may include a seed generator for performing a one-way algorithm using a secret key, a device address, and a changing reference value for generating a seed. Further, a random initialization vector (IV) generator may be included for generating a random IV, and a key encryptor may generate a key sequence based upon the seed and the random IV. Additionally, a logic circuit may be included for generating cipher text based upon the key sequence and plain text, and a wireless communications device may be connected to the logic circuit and the random IV generator for wirelessly transmitting the encrypted message.

Abstract: A method and system for encrypting, in a telecommunication system, outgoing message traffic between mobile stations operating in accordance with current mobile communication standards and/or between a mobile station and a service provider, and for decrypting incoming message traffic, includes directing encrypted messages to and receiving encrypted messages from only those members of a limited closed receiver group that are located in a given geographic area.

Abstract: A storage apparatus includes a key management unit for managing an individual key unique to the apparatus and a common key shared with other storage apparatuses, and an encryption unit for performing an encrypting process or verifying data for performing the encrypting process on electronic data stored in the apparatus to which the unit belongs using the individual key, and performing the encrypting process or verifying the data on the electronic data transmitted to or received from another apparatus using the common key. Thus, the apparatus communicates data using an applicable common key in a local environment and a global environment, appropriately manages a key in each environment, and guarantees the security of the electronic data.

Abstract: A system and method for generating a plurality of authentication tags using a plurality of authentication mechanisms is disclosed. The plurality of authentication tags can reflect different authentication strength-performance levels. It is a feature of the present invention that a receiver is afforded increased flexibility in adaptively choosing strength-performance levels. It is a further feature of the present invention that multiple authentication tags can be used in multicast environments, where different receivers may have different processor capabilities or security policies.

Abstract: An efficient multicast key management is achieved by using seals. A security server generates a seal. In one embodiment, the seal contains a key. In another embodiment, the seal contains information for generating a key. An application server requests the seal from the security server and broadcasts the seal to a plurality of recipients. A recipient wishing to encrypt or decrypt a data stream transmits the received seal to the security server to be opened. If the recipient is authorized, the security server transmits a permit to the authorized recipient. In one embodiment, the recipient generates a key from the permit. In another embodiment, the permit is the key. If the recipient is a sender, the recipient encrypts data using the key and broadcasts the same encrypted data stream to all receivers. If the recipient is a receiver, the recipient decrypts an encrypted data stream using the key. In one embodiment, a seal with a corresponding offset value is sent periodically in a data stream.

Abstract: Apparatus and computer-readable media are disclosed for establishing secure multicast communication among multiple multicast proxy service nodes of domains of a replicated directory service that spans a wide area network. Domains are organized in a logical tree. Each domain has a logical tree that organizes the multicast proxy service nodes, a group manager at the root node, a multicast key distribution center, multicast service agent, directory service agent and key distribution center. Multicast proxy service nodes store a group session key and a private key. Replication of the directory performs key distribution. A multicast group member joins or leaves the group by publishing message. The local key distribution center and multicast service agent obtain the publisher's identity from a local directory service agent. Based on the identity, a secure channel is established with the directory service agent in the group member's domain.

Abstract: In one embodiment, a method is described to secure transfer data from one location to another for storage in an electronic component. The transfer occurs with part of the data routed to a first destination and the remaining data routed to a second destination. The data routed to the first destination is for securely loading a current sort encrypted key (SEK) and a next SEK into memory of the electronic component. The data routed to the second destination includes a private key which is recovered using the current SEK and the next SEK.

Abstract: The present invention relates to a method and system for Internet Protocol network communications and a use thereof for protecting Internet sites against denial of service attacks on insecure public networks such as the Internet. The method utilizes a multicast address hopping technique which selectively varies the chosen multicast IP address from a set of available multicast addresses according to a predetermined scheme known to the communicating end stations but not to unauthorized end stations. The packets associated with the multicast stream are then communicated on the chosen multicast address. The set of available multicast IP addresses may also be selectively varied according to a secret predetermined scheme known to the transmitter and subscriber end stations, particularly by adding to and dropping from the set of multicast IP addresses in a seemingly random fashion.

Abstract: A method for content access control operative to enable authorized devices to access protected content and to prevent unauthorized devices from accessing protected content, the method comprising: providing a plurality of authorized devices; dividing the plurality of authorized devices into a plurality of groups, each of the plurality of authorized devices being comprised in at least one of the plurality of groups, no two devices of the plurality of authorized devices being comprised in exactly the same groups; determining whether at least one device of the plurality of authorized devices is to be prevented from having access to the protected content and, if at least one device is to be prevented, removing all groups comprising the at least one device from the plurality of groups, thus producing a set of remaining groups; and determining an authorized set comprising groups from the set of remaining groups, such that each device of the plurality of authorized devices which was not determined, in the determining

Abstract: A method and an apparatus for providing only authorized mobile subscribers with a specified commercial broadcasting service in a cellular mobile communication network. A base station transmits a control signal including a common traffic ciphered key having a specified validation period through a dedicated secure signal channel assigned to a respective authorized subscriber terminal. The base station then enciphers broadcasting data from a broadcasting system with the common traffic ciphered key, for broadcasting through a common traffic broadcasting channel. The base station periodically updates the common traffic ciphered key according to the corresponding validation period. A subscriber terminal obtains the common traffic ciphered key from the control signal received through the dedicated secure signal channel, and deciphers the broadcasting signal with the obtained common traffic ciphered key to obtain therefrom the broadcasting data.

Abstract: The present invention comprises a method and apparatus for securely providing billable multicast data. The invention describes a solution that provides an architecture for enabling different types of security devices to operate interchangeably in very large consumer networks, corporate networks, for authentication and metered access to services, as well as payment. An embodiment of the invention comprises a mechanism for ensuring that only authorized parties may obtain access to a particular data stream. For example, the present invention provides a way build a restricted-channel system. In a restricted-channel system, a multicast server transmits encrypted information that can be deciphered by authorized multicast client programs or multicast client programs operating under authorized conditions. Access to the multicast data is allowed when the data is appropriately decrypted or otherwise verified and/or the payment is obtained from a portable device such as a smart card.

Abstract: A long-lived broadcast encryption method that adapts to the presence of compromised keys and continues to broadcast securely to privileged sets of users over time. In one aspect, a method for providing long-lived broadcast encryption comprises the steps of: allocating, to each of a plurality of subscribers, a corresponding set of subscriber keys; broadcasting encrypted content to the plurality of subscribers using a set of broadcast keys, wherein the encrypted content is decoded by a given subscriber using the subscriber's corresponding set of subscriber keys; modifying the set of broadcast keys, which are used for broadcasting encrypted content, by excluding compromised subscriber keys; and updating a set of subscriber keys corresponding to at least one subscriber when the at least one subscriber's set of subscriber keys comprises an amount of active keys that falls below a first predetermined threshold.

Abstract: Illegal cable decoders, i.e., black boxes, are defeated by adding, inserting and/or superimposing an added signal onto an already scrambled video signal, which added signal is capable of disrupting the operation of the illegal cable decoder. As a result of the added signal, the illegal cable decoder outputs an unstable or unviewable picture or signal and concealment is maintained. In another embodiment of an added signal, a modulated signal with a range from about blanking level to about peak white level is added, inserted and/or superimposed on the unstable scrambled video signal in the vertical blanking interval and/or its vicinity. As a result, the illegal cable decoder is caused to generate some horizontal instabilities at its output.

Abstract: Methods and systems for selectively encrypting and decrypting messages transmitted on a channel of a communication network, such as a broadcast channel, are provided. Group encryption keys are provided for one or more services utilizing the broadcast channel to communicate messages. A message associated with a particular service first receives an error check value, such as a cyclical redundancy check (CRC) value generated from the unencrypted message. The message is then encrypted using the group encryption key for the service and the CRC is added to the encrypted message and transmitted with a broadcast address of the communication network. A receiver then receives the message and determines that the CRC indicates an error (as it is generated from the encrypted message rather than the unencrypted message). The receiver then decrypts the message using the group encryption key for the service (assuming the receiver is authorized to receive the service, i.e.

Abstract: The invention relates to a data network and a method for creating a static address table for a number of target addresses. Said method comprises the following steps: replication of each of the target addresses in an entry address of the address table; if a subset of the number of target addresses is replicated in the same entry address: a) the entry address is allocated to one of the target addresses of the subset, b) the entry address is allocated with an offset to each of the remaining target addresses of the subset, c) one or more transmission ports is/are saved in the address table, together with the relevant target address, for each target address of the number in one or more locations that is/are characterized by the respective entry address or by the respective entry address with one or more offsets.

Abstract: Multicast communications are expanded to include the concept of private multicasts. An address space dedicated to multicast is partitioned into a subspace for public multicasts and a subspace for private multicasts. A public key/private key encryption pair is used for private multicasts and installed on domain name servers or on certification authorities. Portions of a multicast join request are sent together with a corresponding encrypted version. Private multicast equipped routers receive the multicast join request, retrieve the public key from a domain name server or from a certification authority and decrypt the encrypted portion of the join request to determine if the requester is authorized. Group specific multicast joins are also permitted by sending a bit-mask identifying a group of senders which are authorized or prohibited from sending to a user joining a multicast.

Abstract: The present invention is a method and apparatus for securing a session in a system having application and network layers. The session is managed by a session manager. Security components used in the session are provided by a security storage. The session manager coordinates a mapping of a conference session at the application layer to a multicast session at the network layer using the security components provided by the security storage.

Abstract: Multicasting network packets is disclosed. A total number of copies of a frame, t, to be sent is determined. A number of copies of the frame, m, which is less than a total number of copies of the frame, t, to be made during a current iteration is determined. M copies of the frame are made. The m copies of the frame are then sent to their destinations. The original input frame is provided as output with an indication that the frame should be returned for further processing. Processing of the frame is discontinued during an interval in which other frames are processed. The process is repeated until t copies have been sent.

Abstract: Disclosed is a scalable, hierarchical, distributed network architecture and processes for the delivery of high-performance, end-to-end online multimedia services, including Internet services such as World Wide Web access. The network architecture connects a high-speed private backbone to multiple network access points of the Internet, to a network operation center, to a back office system, and to multiple regional servers in regional data centers. Each of the regional servers connects to several caching servers in modified head-ends, which in turn connect via fiber optics to many neighborhood nodes. Finally, each node connects via coaxial cable to multiple end-user systems. The processes include those for replicating and caching frequently-accessed content, and multicasting content customized per region or locality.

Abstract: Each terminal (Ti) recovers descriptive data associated with the source (S), into which an address of a collection server (SC) is inserted. The source (S) broadcasts the content over the network, and the receiver terminals (Ti) acquire the broadcast content, using the descriptive data, and send to the address of the collection server (SC) periodic reports on the reception by said terminal (Ti) of the content broadcast by said broadcast source (S).

Abstract: Content is distributed via a network. Hierarchical watermarks are embedded in the content to prevent unauthorized copying of the content. In particular, a first digital watermark is embedded by a content source prior to distributing content to an intermediary distributor. The first watermark identifies the content source and the distributor. Clients that request copies of the content from the distributor receive copies that have a second digital watermark embedded. The second digital watermark identifies the distributor and the client. This approach alleviates the burden placed on the content source to embed watermarks to each copy of the content that is distributed to clients.

Abstract: A method and apparatus for distributed group key management for multicast security. According to one aspect of the invention, a common multicast group includes a number of key servers, as well as clients of those key servers that are currently members. In addition, there exists a server group key that is shared by the key servers and not by their clients to form a server multicast group within the common multicast group. A first of the key servers encrypts a message using the server group key. The message instructs the key servers regarding one or more keys used for encrypted communication between entities in the common multicast group. The encrypted message is then multicast to the rest of the key servers.

Abstract: An encrypted broadcast messaging system determines the management crypto-keys held by each selected subscriber device and not held by each excluded subscriber device of a group. The private message is decomposed into message-parts, one message-part per an excluded subscriber device, each message-part intended to be encrypted using each management crypto-key held by the selected subscriber devices and not held by the excluded subscriber device. Each message-part is encrypted using the intended management crypto-keys, and delivered to at least the selected subscriber devices, identifying the message-parts delivered and the message-parts necessary to re-compose the private message. Each received encrypted message-part is decrypted using the intended management crypto-key, and the necessary message-parts are chosen from which the private message is re-composed by combining in the selected subscriber devices.

Abstract: A multicast processor minimizes the software resource needed to process multicast protocol and broadcast protocol for bridges and routers in a network processor based environment. The multicast forwarding processor receives multicast and broadcast Layer 2/Layer 3/Layer 4 (L2/L3/L4) frames from a network processor. During reception, a frame layer flag, a unicast/multicast flag, and a frame position flag are set. A multitask forwarding table is accessed, and the frame, unicast/multicast, and frame position flags are stored and updated. The frame, unicast/multicast, and frame position flags are then sent to a frame forwarding processor. The L2/L3/L4 frames are routed to an L2 learning processor. The L2/L3/L4 frames are received from the frame forwarding processor, and the L2/L3/L4 frames are sent to an L3/L4 processor for frame header modification. The modified L2/L3/L4 frames are received from said L3/L4 processor, and the modified L2/L3/L4 frames are sent to an L2 filter processor.

Abstract: In a network, a media coordination system provides secure multimedia communication channels in a collaborative network environment. The media coordination system provides automatic encryption, dynamic interconnection of streams of data, and user interface elements that provide users with control over the ultimate destination of their audio and video data. The infrastructure of the system includes a plurality of client workstations that are connected to a central server using point-to-point network connections. The central server maintains a persistent virtual world of network places with objects located therein. Streams of audio and video data are coordinated between client workstations operating in the persistent virtual world by a key manager object using channels, transmitters, and receivers. The client workstations multicast their audio and video data over the network to defined recipients after receiving a multicast address and an encryption key for a specific multicast channel.

Abstract: A method for secure multiparty computation is disclosed. In one embodiment, participants to a secure computation agree upon a function to be computed and a representation of the function as a circuit with at least one gate. Logical tables are then generated for each gate. A logical table includes all possible input and output values for the gate based on the function. These input and output values are then encoded and the encoded tables are passed through a mix network, which generates a blinded table for each encoded logical table. A blinded table corresponds to the encoded logical table except that its rows are randomly permuted and entries are encrypted. After this initial blinding round, participants provide encryptions of their encoded secret inputs. The participants then jointly compute the function of interest using the encrypted secret inputs and the representative circuit.

Abstract: An improved subset-difference method is provided. The improved method uses the value of a current content key to help generate the requisite difference keys. The requisite difference keys are then used to encrypt the next content key which will be delivered only to users who are supposed to remain in the group. Users who have the current content key are then able to generate the requisite difference keys which they can then use to decrypt the next content key. Using the decrypted next content key, the users are then able to continue to receive contents. Since previously revoked users do not have the current content key, they are unable to determine the next content key and thus are prevented from receiving future contents.

Abstract: A node device for providing secure communication services over a data network, such as the Internet or another public or private packet switched network, to multiple computers that are coupled through the node device and multiple other node devices. The node device includes a network communication interface for coupling the node device to the data network. The node device includes a data storage containing cryptographic information including information that is unique to the node device. The node device also includes a tunneling communication service coupled to the network interface configured to maintaining an encrypted communication tunnel with each of multiple other node devices using the cryptographic information. For example, the encrypted communication tunnels are implemented using the IPsec or PPTP protocols. The node device includes a routing database for holding routing data and a router coupled to the tunneling communication service and to the routing database.

Abstract: A system, device, and method for detecting and recovering from failures in a multicast communication system involves joining a multicast group over a primary interface, monitoring for multicast group information received over the primary interface, and determining that there is a multicast group failure if no multicast group information is received over the primary interface for a predetermined amount of time. Recovering from such a failure typically involves joining the multicast group over a backup interface in order to continue receiving multicast group information over the backup interface. A relay/proxy device may join the multicast group on behalf of a multicast host and forward multicast group information to the multicast host.

Abstract: A group messaging system enabling anonymous collective communications in a group which is locally defined in association with a group owner's messaging account, wherein messaging software at the group owner converts a group message into multiple one-to-one group messages destined to each group member in collaboration with the said group membership resolution process. The invention further includes a group message reply process wherein the messaging software at a recipient's side composes a reply message and transmits it to the group owner messaging software which then forwards it to the group members in collaboration with said group membership resolution process, thereby providing a means of designating the identity of a group in the group owner messaging account, sending a group message, and hiding the identities of individual recipients during the lifetime of the group message. The group owner side can additionally perform access control for group communications.

Abstract: A system, method, and computer program product to prepare files for transmission in a broadcast encryption system to prevent piracy and enable traitor tracing. Typically, each file in a group of original files is modified to include variations of critical file segments. A file identifier denotes which set of variations corresponds to which file. The group of files is then broadcast with individualized codes that enable particular authorized receivers to properly process the modified files. The modifications in a pirated version of a file can identify which traitorous receivers contributed to its piracy; such receivers may be subject to legal action and selective cryptographic revocation. The invention minimizes the likelihood of falsely concluding an innocent receiver is traitorous yet can identify large groups of colluding attackers with only a small increase in broadcast bandwidth overhead.

Abstract: A transmitter for transmitting news data via satellite and which includes an information storage unit for storing news data, an information scramble processing unit for scrambling the news data using a predetermined first key to output once scrambled news data, a data scrambler for scrambling the once scrambled news data using a predetermined second key and outputting twice scrambled news data, a transmitter for broadcasting the twice scrambled news data via a transmitter antenna to a receiver which includes a data descrambler for descrambling the twice scrambled news data using the second key and outputting once descrambled news data, a storage medium for storing the once descrambled news data, an information descramble processing unit for reading the once descrambled data from the recording medium and descrambling the once descrambled news data using the first key to produce fully descrambled news data, and a user terminal for reading the fully descrambled news data.