The present invention relates to a data communicating apparatus, a data communicating method, and a program. More particularly, the invention relates to a data communicating apparatus, a data communicating method, and a program used advantageously to exchange data between members belonging to the same group over a public network such as the Internet.
Members constituting a group may communicate data within the group over a public network such as the Internet. In such cases, there is a possibility that the data could be intercepted, tampered with or falsified by nonmembers.
There exist conventional techniques such as SSL (secure sockets layer) for preventing interception, tampering or falsification of communicated data. SSL is an encrypted communication technique adopted as standard in the field of communications between a single source and a single destination (i.e., between a browser and a Web server). Illustratively, as shown in FIG. 1, SSL may be adopted for data communications between members A, B, C and D making up a group. In this example, an encryption key KAB is used for communication between the members A and B, an encryption key KAC between the members A and C, and an encryption key KBC between the members B and C. When communications within the group composed of “n” members are considered, the necessary number of encryption keys equals the combinations of the “n” members involved. In the case of FIG. 4 where there are four members (n=4), six encryption keys (4C2) are needed.
As opposed to the techniques such as SSL above requiring a large number of encryption keys, there have been proposed methods, as shown in FIG. 2, which allow a group administrator or the like to supply a common encryption key KCOM only to the members belonging to a given group and not to any nonmembers. One such method is disclosed illustratively in Japanese Patent Laid-Open No. 2003-143121 (called the cited method hereunder).
The cited method is capable of letting a server broadcast data only to the members of a given group while preventing nonmembers from intercepting, tampering with or falsifying the transmitted data. The act of interception, in this context, means not only acquiring transmitted data but also decoding the obtained data for use as effective information.
However, the cited method is incapable of preventing an unscrupulous member within the group from committing unscrupulous acts against other members of the group (e.g., where the member A sends illicitly prepared data to other members; where data sent by the member A to the member B is intercepted, tampered with or falsified by the member C).