(1) Field of the Invention
The present invention relates to a method of updating a key for use in a data distribution system adopting a public key cryptosystem.
(2) Description of the Related Art
So far, various cryptosystems have been developed to prevent unauthorized use of digital contents that are protected by copyright. In some cryptosystems, encrypted digital contents are distributed to users, and only authorized users have, in advance, a key for decrypting the encrypted digital contents.
In the above cryptosystems, unauthorized use of digital contents is prevented since only authorized users can decrypt the encrypted digital contents.
The cryptosystems are roughly divided into secret key cryptosystems and public key cryptosystems. These cryptosystems are described fully in “Modern Encryption Theory” written by Shin-ichi Ikeno & Kenji Koyama and published by the Institute of Electronics, Information and Communication Engineers (IEICE).
In the secret key cryptosystems, a distributor and the receivers own the same key in common secretly. The distributor encrypts digital contents by using the common key, and the receivers decrypt the encrypted digital contents by using the common key. Generally, one distributor has a plurality of receivers. As a result, distributors have a load of secretly managing as many keys as there are receivers.
In the public key cryptosystems, a distributor holds and uses public keys to encrypt digital contents, and receivers hold and use secret keys to decrypt the encrypted digital contents. In this system, the distributors have less load.
It is desirable for security reasons that the keys used for encryption and decryption are updated either regularly or on an as-needed basis.
To update a common key in a secret key cryptosystem, either the distributor or a receiver must generate a new common key and secretly transfer the key to the other. If the new common key is known to a third party with a malicious intention, the encrypted digital contents may be used by the third party. Therefore, strict measures should be taken to protect the key when it is transferred. As understood from this, the secret key cryptosystem is not suitable for uses that require frequent updating of keys.
To update a public key and a secret key in a public key cryptosystem, generally, each receiver generates a pair of a public key and a secret key and sends the public key to the distributor. The receiver holds the generated secret key without sending it to the distributor. With this arrangement, the secret key is not known to a third party, and even if the public key is known to a third party, it is impossible for the third party to decrypt the encrypted digital contents by using only the public key. As understood from this, the public key cryptosystem is suitable for uses that require frequent updating of keys since receivers can send public keys without taking security measures.
As described above, the public key cryptosystem is broadly used in the systems for distributing copyright-protected digital contents or the like since in this cryptosystem, the distributors do not need to manage keys secretly, and key updating is relatively easy.
However, in the distribution systems using the public key cryptosystem, it is desirable from the view point of comprehensive management that the updating of the keys in pairs is performed by the distributor, a key management center or the like rather than being performed by separate receivers at different times. It is also desired that the key pair updating is performed for all receivers at the same time to achieve an effective management of the public keys by the distributor, key management center or the like. However, it is difficult for conventional public key cryptosystems to achieve the above desired operations since, each receiver takes the initiative in updating keys in pairs in the conventional cryptosystems.