1. Field of the Invention
The present invention relates to a user key allocation for broadcast encryption. More particularly, the present invention relates to a user key allocation method which enables only a privileged user to reproduce content when the content is distributed using the broadcast encryption.
2. Description of the Related Art
Recently, a variety of software data (hereafter, referred to as content) such as game programs, audio data, video data, and document preparing programs have become widespread over networks such as the Internet or through distributable memory media such as DVDs and CDs. The distributed content can be stored on a recording device such as a memory card or a hard disc drive of a recording and reproducing device such as personal computer (PC) or video game console owned by a user. Once the content is stored, it is available for reproduction from the storing media.
Typically, the content creator or the content provider has the right to control distribution of the software content such as game programs, music data, and video data. Accordingly, use restriction is imposed on the content distribution. That is, only a qualified user is allowed to use the software and unauthorized copying of the software is blocked. In short, content security is accounted for and controlled through the content distribution.
One means to impose restricted use of the contents is to encrypt the distributed content and give a decryption means to only a privileged user. For instance, when distributing various encrypted contents such as audio data, video data, and game programs over the Internet, the decryption means for the encrypted content, for example a content key, is allocated only to a confirmed privileged user.
In case that a reproduction device is used for illegal duplication and thus revoked, the revoked device should not be considered as a privileged user device. Some broadcast encryption methods can discriminate the illegally duplicated device even after the duplicated device is sold to the user.
The broadcast encryption method transmits the content together with an encryption key block including the content key used to encrypt the content. The user device generates the content key using the received encryption key block and its own user key block.
The broadcast encryption method takes into consideration transmission overhead, storage overhead, and computation overhead which comprise the majority of the key block data. The transmission overhead is a quantity of the transmitted header, the storage overhead is a quantity of the secret key to be stored by the user, and the computation overhead is a quantity of computations required for the user to acquire a session key. Among these, the most important task is to reduce the transmission overhead.
Taking account of the transmission overhead and the storage overhead, diverse broadcast encryption algorithms have been suggested, including complete subtree (CS) method, subset difference method (SD) method, broadcast encryption method using public key cryptography, and encryption method using a hash chain.
However, according to the conventional broadcast encryption methods, when a revoked user is present among the privileged users, the transmission overhead increases in proportion to the increasing number of the user nodes.
Therefore, what is needed is a user key allocation method for broadcast encryption which reduces the transmission overhead even when a revoked user is present.