KR101701625B1 - Method and system for reproducing contents by secure acquiring decryption key for encrypted contents - Google Patents


Info

Publication number
KR101701625B1
Authority
KR
South Korea
Prior art keywords
key
encrypted
server
client
decryption
Prior art date
Application number
KR1020150099800A
Other languages
Korean (ko)
Other versions
KR20170008514A (en
Inventor
정재헌
정구현
최재영
정상민
류대원
권영재
Original Assignee
라인 가부시키가이샤
Priority date
Filing date
Publication date
Application filed by 라인 가부시키가이샤
Priority to KR1020150099800A
Priority to JP2016138723A (JP6794160B2)
Publication of KR20170008514A
Application granted
Publication of KR101701625B1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/438 Interfacing the downstream path of the transmission network originating from a server, e.g. retrieving encoded video stream packets from an IP network
    • H04N21/4385 Multiplex stream processing, e.g. multiplex stream decrypting
    • H04N21/43853 Multiplex stream processing, e.g. multiplex stream decrypting involving multiplex stream decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43 Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/435 Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream
    • H04N21/4353 Processing of additional data, e.g. decrypting of additional data, reconstructing software from modules extracted from the transport stream involving decryption of additional data

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Multimedia (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

A method and system for securely acquiring a decryption key of encrypted content in order to reproduce the content are disclosed. The content reproduction method includes: generating, at a client, an encryption key for encrypting the decryption key of the encrypted content, in response to receipt of the encrypted content or a user's reproduction request for the encrypted content; encrypting the generated encryption key using the public key of a server and transmitting it to the server in order to request the decryption key of the encrypted content from the server; receiving, from the server, the decryption key encrypted with the encryption key, and decrypting the encrypted decryption key with the encryption key to acquire the decryption key of the encrypted content; and decrypting the encrypted content with the acquired decryption key to acquire and reproduce the content.

Description

The following description relates to a method and system for securely acquiring a decryption key of encrypted content in order to reproduce the content.

HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer, or HTTP over SSL) is a security-enhanced version of HTTP, the world wide web communications protocol, developed for authentication and encryption of communications. HTTPS encrypts session data over SSL or TLS protocols instead of using plain text in socket communications.

However, when encrypted content and the decryption key for decrypting it are transmitted using HTTPS (for example, when the encrypted content and the decryption key are transmitted from the server to the client), only the communication section (session data) is encrypted. An intermediary can therefore obtain the decryption key by intercepting the communication through an attack such as a man-in-the-middle (MITM) attack, and can then use the obtained decryption key to acquire the encrypted content without permission.

 References: <PCT / KR / 2014/010167, US20140019540A1, US20130332543A1, US20130260893>

Provided are a content reproduction method and system in which a server securely transfers, to a client, the decryption key for encrypted content to be played back by the client, so that the client can reproduce the content securely.

A content reproduction method comprising: generating, at a client, an encryption key for encrypting a decryption key of encrypted content, in response to receipt of the encrypted content or a user's request to reproduce the encrypted content; encrypting, at the client, the generated encryption key with a public key of a server and transmitting it to the server in order to request the decryption key of the encrypted content from the server; and receiving, at the client, the decryption key encrypted with the encryption key from the server, decrypting the encrypted decryption key with the encryption key to obtain the decryption key of the encrypted content, and decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content.

According to one aspect of the present invention, the server decrypts the encryption key, which was encrypted with the public key of the server, using the secret key of the server to obtain the encryption key, encrypts the decryption key with the obtained encryption key, and transmits the encrypted decryption key to the client.

According to another aspect, the encrypted content includes one encrypted file or a plurality of encrypted files transferred from the server to the client over a communication session established between the client and the server, and the generating of the encryption key may generate a different encryption key for each communication session or for each of the encrypted files.

According to another aspect, the encrypted content includes a plurality of encrypted files provided from the server to the client via a streaming service during a communication session established between the client and the server, and the step of decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content may include decrypting the plurality of encrypted files, received sequentially through the streaming service, with the obtained decryption key and sequentially reproducing the decrypted files.

According to another aspect of the present invention, the encryption key includes a public key and a secret key of the client; the encryption key encrypted with the public key of the server includes the public key of the client encrypted with the public key of the server; the decryption key encrypted with the encryption key received from the client includes the decryption key encrypted with the public key of the client; and the decryption key encrypted with the client's public key is decrypted with the secret key of the client.

A content reproduction method comprising: receiving, at a server, an encryption key of a client encrypted with a public key of the server, as a request from the client for a decryption key of encrypted content; decrypting the encryption key of the client, encrypted with the public key of the server, with the secret key of the server to obtain the encryption key of the client; encrypting the decryption key with the encryption key to generate a decryption key encrypted with the encryption key; and transmitting the decryption key encrypted with the encryption key to the client, wherein, at the client, the decryption key encrypted with the encryption key is decrypted with the encryption key of the client and used to reproduce the content.

A system of a client comprising one or more processors, the one or more processors comprising: an encryption key generation unit for generating an encryption key for encrypting a decryption key of encrypted content, in response to receipt of the encrypted content or a user's reproduction request for the encrypted content; an encryption key transmission control unit for encrypting the generated encryption key with the public key of a server and controlling the client to transmit the encrypted encryption key to the server, in order to request the decryption key of the encrypted content from the server; and a content reproduction unit for decrypting the decryption key encrypted with the encryption key, using the encryption key, to obtain the decryption key of the encrypted content, and decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content.

A system of a server comprising one or more processors, the one or more processors comprising: an encryption key reception control unit for controlling the server to receive an encryption key of a client, encrypted with a public key of the server, as a request from the client for a decryption key of encrypted content; an encryption key decryption unit for decrypting the encryption key of the client, encrypted with the public key of the server, with the secret key of the server to obtain the encryption key of the client; a decryption key encryption unit for encrypting the decryption key with the encryption key to generate a decryption key encrypted with the encryption key; and a decryption key transmission control unit for controlling the server to transmit the decryption key encrypted with the encryption key to the client, wherein the decryption key encrypted with the encryption key is decrypted by the client using the encryption key and used to reproduce the content.

The decryption key for the encrypted content to be played back on the client is securely transmitted to the client so that the client can safely play the content.

FIG. 1 is a diagram illustrating an example of a network environment according to an embodiment of the present invention.
FIG. 2 is a block diagram illustrating an internal configuration of an electronic device and a server according to an embodiment of the present invention.
FIG. 3 is a diagram showing an example of components that a processor of an electronic device and a processor of a server can include in one embodiment of the present invention.
FIG. 4 is a flowchart showing an example of a content reproduction method according to an embodiment of the present invention.
FIG. 5 is a diagram illustrating an example of content including a plurality of encrypted files in an embodiment of the present invention.
FIG. 6 is a diagram for explaining an example of a process for encryption and decryption in more detail in one embodiment of the present invention.

Hereinafter, embodiments will be described in detail with reference to the accompanying drawings.

FIG. 1 is a diagram illustrating an example of a network environment according to an embodiment of the present invention. The network environment of FIG. 1 includes a plurality of electronic devices 110, 120, 130, 140, a plurality of servers 150, 160, and a network 170. FIG. 1 is only an example, and the number of electronic devices and the number of servers are not limited to those shown in FIG. 1.

The plurality of electronic devices 110, 120, 130, 140 may be fixed terminals or mobile terminals implemented as computing systems. Examples of the plurality of electronic devices 110, 120, 130 and 140 include a smart phone, a mobile phone, a navigation device, a computer, a notebook, a digital broadcast terminal, a PDA (Personal Digital Assistant), and a tablet PC. For example, the electronic device 1 (110) may communicate with the other electronic devices 120, 130, 140 and/or the servers 150, 160 via the network 170 using a wireless or wired communication scheme.

The communication method is not limited, and may include not only communication using a communication network that the network 170 may include (for example, a mobile communication network, the wired Internet, the wireless Internet, or a broadcasting network) but also short-range wireless communication between devices. For example, the network 170 may include any one or more of a personal area network (PAN), a local area network (LAN), a campus area network (CAN), a metropolitan area network (MAN), a wide area network (WAN), and the Internet. The network 170 may also include any one or more network topologies, including a bus network, a star network, a ring network, a mesh network, a star-bus network, and a tree or hierarchical network, but is not limited thereto.

Each of the servers 150 and 160 may be implemented as a device or a plurality of devices for communicating with a plurality of electronic devices 110, 120, 130, and 140 via the network 170 to provide content for a service.

For example, the server 150 may provide the electronic device 1 (110) with code for configuring a screen of the electronic device 1 (110) in response to a request message from a user through the electronic device 1 (110). In this case, the electronic device 1 (110) may configure the screen using the provided code, under the control of an operating system (OS) and at least one program (for example, a browser or a specific application) included in the electronic device 1 (110), and display the content to the user.

As another example, the server 150 may transmit data for a streaming service to the electronic device 1 (110) via the network 170. In this case, the electronic device 1 (110) can reproduce and output the content using the streaming data under the control of the operating system and at least one program included in the electronic device 1 (110).

As another example, the server 150 can set up a communication session between the electronic device 1 (110) and the electronic device 2 (120) connected to the server 150. In this case, the electronic devices 110 and 120 can use the established communication session for services between them such as chatting, data transmission, voice calls, and video calls.

In another embodiment, communication between the electronic devices 110, 120, 130, 140 is also possible without the intervention of the servers 150, 160.

FIG. 2 is a block diagram illustrating an internal configuration of an electronic device and a server according to an embodiment of the present invention. FIG. 2 describes the internal configuration of the electronic device 1 (110) as an example of one electronic device and of the server 150 as an example of one server.

The electronic device 1 (110) and the server 150 may include memories 211 and 221, processors 212 and 222, communication modules 213 and 223, and input/output interfaces 214 and 224. The memories 211 and 221 are computer-readable recording media and may include a random access memory (RAM), a read only memory (ROM), and a permanent mass storage device such as a disk drive. The memories 211 and 221 may store an operating system and at least one program code (for example, code for a browser or a specific application installed and run on the electronic device 1 (110)). These software components may be loaded from a computer-readable recording medium separate from the memories 211 and 221 using a drive mechanism. Such a separate computer-readable recording medium may include a floppy drive, a disk, a tape, a DVD/CD-ROM drive, or a memory card. In other embodiments, the software components may be loaded into the memories 211 and 221 via the communication modules 213 and 223 rather than from a computer-readable recording medium. For example, at least one program may be loaded into the memories 211 and 221 based on a program installed from files that developers provide via the network 170.

Processors 212 and 222 may be configured to process instructions of a computer program by performing basic arithmetic, logic, and input / output operations. The instructions may be provided to the processors 212 and 222 by the memories 211 and 221 or the communication modules 213 and 223. For example, the processor 212, 222 may be configured to execute a command received in accordance with a program code stored in a recording device, such as the memory 211, 221.

The communication modules 213 and 223 may provide functions for the electronic device 1 (110) and the server 150 to communicate with each other through the network 170, and may provide functions for communicating with another electronic device (for example, the electronic device 2 (120)) or another server (for example, the server 160). For example, a request (such as a streaming service request for content) that the processor 212 of the electronic device 1 (110) generates in accordance with program code stored in a recording device such as the memory 211 may be transmitted to the server 150 via the network 170. Conversely, content or files provided under the control of the processor 222 of the server 150 may pass through the communication module 223 and the network 170 and be received by the electronic device 1 (110) through its communication module 213. For example, a control signal or command of the server 150 received through the communication module 213 may be transmitted to the processor 212 or the memory 211, or may be stored in a storage medium that the electronic device 1 (110) may further include.

The input/output interfaces 214 and 224 may be means for interfacing with the input/output device 215. For example, the input device may include a device such as a keyboard or a mouse, and the output device may include a device such as a display for displaying a communication session of the application. As another example, the input/output interface 214 may be a means for interfacing with a device that integrates input and output functions, such as a touch screen. More specifically, in processing commands of the computer program loaded in the memory 211, the processor 212 of the electronic device 1 (110) may display a service screen or content, configured using data provided by the server 150 or the electronic device 2 (120), on the display through the input/output interface 214.

Also, in other embodiments, the electronic device 1 (110) and the server 150 may include more components than those shown in FIG. 2. However, most prior-art components need not be illustrated explicitly. For example, the electronic device 1 (110) may be implemented to include at least some of the input/output devices 250 described above, or may further include other components such as a transceiver, a Global Positioning System (GPS) module, a camera, and various sensors.

FIG. 3 is a diagram illustrating an example of components that a processor of an electronic device and a processor of a server can include in an embodiment of the present invention, and FIG. 4 is a flowchart illustrating an example of a content reproduction method according to an embodiment of the present invention. As shown in FIG. 3, the processor 212 of the electronic device 1 (110) may include an encryption key generation unit 311, an encryption key transmission control unit 312, and a content reproduction unit 313, and the processor 222 of the server 150 may include an encryption key reception control unit 321, an encryption key decryption unit 322, a decryption key encryption unit 323, and a decryption key transmission control unit 324. These components of the processors 212 and 222 may be implemented to execute steps 410 through 480 of the content reproduction method of FIG. 4, through the electronic device 1 (110) and the server 150, using at least one program code stored in the memories 211 and 221.

In step 410, the electronic device 1 (110) may generate an encryption key. More specifically, the encryption key generation unit 311 of the electronic device 1 (110) may generate, in response to receipt of the encrypted content or a user's request to reproduce the encrypted content, an encryption key to be used for encrypting the decryption key of the encrypted content. For example, a communication session for providing the content may be established between the electronic device 1 (110) and the server 150. The process of establishing the communication session may be included, but a detailed description of well-known portions is omitted. The server 150 may provide the encrypted content to the electronic device 1 (110) through this communication session, and the electronic device 1 (110) may generate the encryption key so that the server 150 can encrypt, and the electronic device 1 (110) can then decrypt, the decryption key for decrypting the encrypted content.

In step 420, the electronic device 1 (110) may send the encryption key to the server 150. More specifically, to request the decryption key of the encrypted content from the server 150, the encryption key transmission control unit 312 of the electronic device 1 (110) may encrypt the generated encryption key with the public key of the server 150 and control the electronic device 1 (110) to transmit it to the server 150. To this end, the electronic device 1 (110) may receive and store the public key of the server 150 in advance, encrypt the generated encryption key using the stored public key, and transmit the encrypted encryption key to the server 150, so that an intermediary cannot learn the encryption key.

In step 430, the server 150 may receive the encryption key. More specifically, the encryption key reception control unit 321 of the server 150 may control the server 150 to receive the encryption key encrypted with the public key of the server 150 as a request for the decryption key of the encrypted content. In other words, in step 420 the electronic device 1 (110) encrypts the encryption key with the public key of the server 150 and transmits it to the server 150 while requesting the decryption key of the encrypted content, and the server 150 receives the encrypted encryption key from the electronic device 1 (110).

In step 440, the server 150 may decrypt the encrypted cryptographic key. More specifically, the cryptographic key decryption unit 322 of the server 150 can decrypt the cryptographic key encrypted with the public key of the server 150 with the secret key of the server 150 to obtain the cryptographic key. As described above, since the encryption key is encrypted with the public key of the server 150 and transmitted from the electronic device 1 (110) to the server 150, it is possible to securely transmit the encryption key.

In step 450, the server 150 may encrypt the decryption key with the encryption key. More specifically, the decryption key encryption unit 323 of the server 150 can encrypt the decryption key with the encryption key, and generate the decryption key encrypted with the encryption key.

In step 460, the server 150 may transmit the decryption key encrypted with the encryption key to the electronic device 1 (110). More specifically, the decryption key transfer control unit 324 of the server 150 may control the server 150 to transfer the decryption key encrypted with the encryption key to the client.

In step 470, the electronic device 1 (110) receives and decrypts the encrypted decryption key. More specifically, the content reproduction unit 313 of the electronic device 1 (110) can decrypt the decryption key encrypted with the encryption key received from the server 150 with the encryption key to obtain the decryption key of the encrypted content.

In step 480, the electronic device 1 (110) can decrypt the encrypted content with the decryption key and reproduce it. More specifically, the content reproduction unit 313 of the electronic device 1 (110) can acquire and reproduce the content by decrypting the encrypted content with the decryption key.

As described above, in the prior art, even when a decryption key is transmitted using a technique that encrypts the communication section (session data) for security, such as HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer), an intermediary can intercept the communication through an attack such as a man-in-the-middle attack and acquire the decryption key. In the embodiments of the present invention, the server 150 securely obtains the encryption key generated by the client (for example, the electronic device 1 (110)) because that key is encrypted with the public key of the server 150, and the decryption key is encrypted with the encryption key before being transmitted to the client. An intermediary therefore cannot obtain the decryption key even if it intercepts the decryption key encrypted with the encryption key, because the intermediary cannot know the encryption key of the client.

Also, as described above, the encrypted content may be transmitted from the server 150 to the electronic device 1 (110) through the communication session established between them, and may consist of one encrypted file or a plurality of encrypted files. In this case, the electronic device 1 (110) may generate a different encryption key for each communication session, or a different encryption key for each encrypted file. For example, if the communication session is different, even when the same encrypted content is received, the decryption key of the encrypted content can be requested using a different encryption key for each communication session. As another example, if one encrypted content item is composed of a plurality of encrypted files, the decryption key for the plurality of encrypted files may be requested with one encryption key, or a different encryption key may be generated for each file and used to request the decryption key. In the latter case, a different decryption key may exist for each file. For example, if one content item includes a plurality of files that are encrypted with different keys, so that a plurality of different decryption keys exist, the electronic device 1 (110) may generate a different encryption key for each file and request each of the decryption keys.

The encrypted content may also include a plurality of encrypted files that are provided from the server 150 to the electronic device 1 110 via the streaming service during a communication session established between the electronic device 1 110 and the server 150.

FIG. 5 is a diagram illustrating an example of content including a plurality of encrypted files in an embodiment of the present invention. A screen 500 shows, as part of a screen of the electronic device 1 (110), a plurality of files with the extension 'ts' transmitted through a streaming service. If the plurality of files with the extension 'ts' are encrypted with a single key and can be decrypted with a single decryption key, the electronic device 1 (110) can generate one encryption key for the corresponding communication session. On the other hand, if the plurality of files with the extension 'ts' are encrypted with different keys and a plurality of decryption keys are required, the electronic device 1 (110) may generate a different encryption key for each file to request the decryption key.

FIG. 6 is a diagram for explaining in more detail an example of a process of acquiring a decryption key according to an embodiment of the present invention. With reference to FIG. 6, the process of acquiring a decryption key is described from the viewpoint of the electronic device 1 (110), for an example in which the content consists of one file.

In step 610, the electronic device 1 (110) may receive the public key c of the server 150 from the server 150. The received public key c of the server 150 may be stored in a storage medium that the electronic device 1 (110) may include. As another example, the public key c of the server 150 may be stored in the memory 211.

In step 620, the electronic device 1 (110) may receive the content a (A), encrypted with the content encryption key a, from the server 150. The content A may be encrypted with the content encryption key a at the server 150, or it may be encrypted in a separate system and provided to the server 150 together with the content decryption key b. In another embodiment, the encrypted content a (A) may be provided to the electronic device 1 (110) through a separate system; in this case, the server 150 may receive and store the content decryption key b from the separate system. The electronic device 1 (110) may then generate the encryption key e upon receipt of the encrypted content a (A) or upon the user's reproduction request for the encrypted content a (A), and may generate the encrypted encryption key c (e) by encrypting the encryption key e with the public key c.

In step 630, the electronic device 110 may transmit the encryption key c (e) encrypted with the public key c of the server 150 to the server 150. For example, c (e) may be included in a message for requesting the decryption key b for content to the server 150 and transmitted. At this time, the server 150 may obtain cryptographic key e by decrypting c (e) with the secret key d of the server 150. In addition, the server 150 may encrypt the content decryption key b with the encryption key e to generate an encrypted decryption key e (b).

In step 640, the electronic device 1 (110) may receive the encrypted decryption key e (b) from the server 150. At this time, the electronic device 1 (110) can decrypt the decryption key e (b) encrypted with the encryption key e to obtain the decryption key b. Also, the electronic device 1 (110) can obtain and reproduce the content A by decoding the encrypted content a (A) using the decryption key b.
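The exchange of steps 410 to 480 and of FIG. 6 (steps 610 to 640), written out as an added Go example that is not part of the patent. The patent names no algorithms, so RSA-OAEP for c(e), AES-256-GCM for e(b), the content ID `sample-0001.ts`, the sample key value and all function names are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// gcm builds AES-GCM for key (an assumed cipher; the page names none).
func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Wrap returns nonce||ciphertext of secret under key, bound to the content id.
func Wrap(key, secret []byte, id string) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, secret, []byte(id)), nil
}

// Unwrap is step 470 when key is e: it fails on a wrong key, id or altered data.
func Unwrap(key, blob []byte, id string) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	n := aead.NonceSize()
	if len(blob) < n {
		return nil, errors.New("short message")
	}
	return aead.Open(nil, blob[:n], blob[n:], []byte(id))
}

// ClientRequest is steps 410-420: generate a fresh key e and compute c(e)
// with RSA-OAEP under the server public key c (id is used as the OAEP label).
func ClientRequest(c *rsa.PublicKey, id string) (e, ce []byte, err error) {
	e = make([]byte, 32)
	if _, err = rand.Read(e); err != nil {
		return nil, nil, err
	}
	ce, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, c, e, []byte(id))
	return e, ce, err
}

// ServerRespond is steps 430-460: recover e with secret key d, return e(b).
func ServerRespond(d *rsa.PrivateKey, b, ce []byte, id string) ([]byte, error) {
	e, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, d, ce, []byte(id))
	if err != nil {
		return nil, err
	}
	return Wrap(e, b, id)
}

// RunExchange plays FIG. 6 on constructed data. It reports whether the client
// recovered b and whether unwrapping e(b) with a key other than e fails.
func RunExchange() (recovered, wrongKeyFails bool, err error) {
	const id = "sample-0001.ts"                     // constructed content ID
	b := []byte("constructed-32-byte-content-key!") // stands in for key b
	d, err := rsa.GenerateKey(rand.Reader, 2048)    // server key pair (c, d)
	if err != nil {
		return false, false, err
	}
	e, ce, err := ClientRequest(&d.PublicKey, id) // client -> server: c(e)
	if err != nil {
		return false, false, err
	}
	eb, err := ServerRespond(d, b, ce, id) // server -> client: e(b)
	if err != nil {
		return false, false, err
	}
	got, err := Unwrap(e, eb, id)
	if err != nil {
		return false, false, err
	}
	_, wrongErr := Unwrap(make([]byte, 32), eb, id) // a key that is not e
	return string(got) == string(b), wrongErr != nil, nil
}

func main() {
	fmt.Println(RunExchange())
}
```

The protection rests on the client holding an authentic copy of c. The example passes the key in directly, whereas step 610 receives it from the server, so a deployment needs to pin or otherwise verify c before using it.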

In the above embodiments, the encryption key generated by the client (for example, the electronic device 1 (110)) is a symmetric key, but an asymmetric key pair consisting of a public key and a secret key may also be used as the encryption key. For example, the client may encrypt the client's public key with the public key of the server (for example, the server 150) and send it to the server. The server can then obtain the public key of the client by decrypting the encrypted public key of the client with the secret key of the server, encrypt the decryption key with the public key of the client, and transmit it to the client. In this case, the client can obtain the decryption key by decrypting the encrypted decryption key with the secret key of the client.

As described above, according to the embodiments of the present invention, the decryption key for the encrypted content to be played back by the client is securely transmitted to the client, so that the client can safely play the content.

The apparatus described above may be implemented as a hardware component, a software component, and/or a combination of hardware components and software components. For example, the apparatus and components described in the embodiments may be implemented within a computer system, such as a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable gate array (FPGA), a programmable logic unit (PLU), a microprocessor, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and one or more software applications running on the operating system. The processing device may also access, store, manipulate, process, and generate data in response to execution of the software. For ease of understanding, the processing device may be described as being used singly, but those skilled in the art will recognize that the processing device may have a plurality of processing elements and/or a plurality of types of processing elements. For example, the processing device may comprise a plurality of processors, or one processor and one controller. Other processing configurations are also possible, such as a parallel processor.

The software may include a computer program, code, instructions, or a combination of one or more of the foregoing, and may configure the processing device to operate as desired or may command the processing device independently or collectively. The software and/or data may be embodied, permanently or temporarily, in any type of machine, component, physical device, virtual equipment, computer storage medium or device, or in a transmitted signal wave. The software may be distributed over networked computer systems and stored or executed in a distributed manner. The software and data may be stored on one or more computer-readable recording media.

The method according to an embodiment may be implemented in the form of program instructions that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and configured for the embodiments, or may be known and available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media such as floptical disks; and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as that produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the embodiments, and vice versa.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments. For example, the techniques described may be performed in a different order than the described methods, and/or components of the described systems, structures, devices, circuits, and the like may be replaced or substituted by other components or equivalents.

Therefore, other implementations, other embodiments, and equivalents to the claims are also within the scope of the following claims.

Claims (17)

A content reproducing method comprising:
Generating, in the client, a cryptographic key for encrypting the decryption key of the encrypted content in response to receipt of the encrypted content or a user's playback request for the encrypted content;
Encrypting, at the client, the generated encryption key with a public key of the server and transmitting the encrypted encryption key to the server in order to request a decryption key of the encrypted content from the server; and
Receiving, at the client, the decryption key encrypted with the encryption key from the server, decrypting the encrypted decryption key with the encryption key to obtain the decryption key of the encrypted content, and decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content,
Wherein, in the server, the encryption key encrypted with the public key of the server is decrypted with a secret key of the server to obtain the encryption key, the decryption key is encrypted with the obtained encryption key, and the encrypted decryption key is transmitted to the client.
(Deleted)
The method according to claim 1,
Wherein the encrypted content comprises one encrypted file or a plurality of encrypted files transferred from the server to the client over a communication session established between the client and the server,
Wherein the generating the encryption key comprises:
And generates a different encryption key for each communication session or for each encrypted file.
The method according to claim 1,
Wherein the encrypted content comprises a plurality of encrypted files provided from the server to the client via a streaming service during a communication session established between the client and the server,
Wherein the step of decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content comprises:
And decrypting the plurality of encrypted files sequentially received according to the streaming service with the obtained decryption key, and sequentially reproducing the decrypted files.
The method according to claim 1,
Wherein the cryptographic key includes a public key and a secret key of the client,
Wherein the cryptographic key encrypted with the public key of the server includes the public key of the client encrypted with the public key of the server,
Wherein the decryption key encrypted with the encryption key received from the server includes a decryption key encrypted with the public key of the client,
Wherein the decryption key encrypted with the public key of the client is decrypted with the secret key of the client.
A content reproducing method comprising:
Receiving, at the server, a cryptographic key of the client encrypted with the public key of the server as a request for a decryption key of the encrypted content from the client;
Decrypting the cipher key of the client encrypted with the public key of the server with the secret key of the server to obtain the cipher key of the client;
Encrypting the decryption key with the encryption key to generate a decryption key encrypted with the encryption key; and
Transmitting the decryption key encrypted with the encryption key to the client,
Wherein the decryption key encrypted with the encryption key is decrypted and reproduced by the client using the encryption key of the client.
The method according to claim 6,
Wherein the client generates a cryptographic key for encrypting the decryption key of the encrypted content in response to receipt of the encrypted content or a user's request to reproduce the encrypted content.
The method according to claim 6,
Wherein the encrypted content comprises one encrypted file or a plurality of encrypted files transferred from the server to the client over a communication session established between the client and the server,
Wherein a different encryption key is generated for each communication session or for each encrypted file.
The method according to claim 6,
Sequentially transmitting a plurality of files included in the encrypted content to the client through a streaming service during a communication session established between the client and the server
Further comprising:
Wherein the plurality of encrypted files sequentially transmitted from the server to the client according to the streaming service are decrypted by the decryption key in the client and sequentially played back.
The method according to claim 6,
Wherein the client's encryption key includes a public key and a secret key of the client,
Wherein the cryptographic key encrypted with the public key of the server includes the public key of the client encrypted with the public key of the server,
Wherein the decryption key encrypted with the encryption key includes a decryption key encrypted with the public key of the client,
Wherein the decryption key encrypted with the public key of the client is decrypted with the secret key of the client.
A computer-readable recording medium having recorded thereon a program for executing the method according to any one of claims 1 to 10.
A system of a client comprising one or more processors,
The one or more processors,
A cryptographic key generation unit for generating a cryptographic key for encrypting the decryption key of the encrypted content in response to receipt of the encrypted content or a user's request to reproduce the encrypted content;
A cryptographic key transmission control unit for controlling the client to encrypt the generated cryptographic key using the public key of the server and transmit the encrypted key to the server, in order to request the decryption key of the encrypted content from the server; and
A content reproduction unit for decrypting the decryption key, received from the server encrypted with the encryption key, with the encryption key to obtain the decryption key of the encrypted content, and decrypting the encrypted content with the obtained decryption key to acquire and reproduce the content.
The system according to claim 12,
Wherein, in the server, the cryptographic key encrypted with the public key of the server is decrypted with a secret key of the server to obtain the cryptographic key, the decryption key is encrypted with the obtained cryptographic key, and the encrypted decryption key is transmitted to the client.
The system according to claim 12,
Wherein the encrypted content comprises one encrypted file or a plurality of encrypted files transferred from the server to the client over a communication session established between the client and the server,
Wherein the encryption key generation unit generates,
And generates a different encryption key for each communication session or for each of the encrypted files.
A system of a server comprising one or more processors,
The one or more processors,
A cryptographic key receiving control unit for controlling the server to receive the cryptographic key of the client encrypted with the public key of the server as a request for a decryption key of the encrypted content from the client;
A cryptographic key decryption unit for decrypting the cryptographic key of the client encrypted with the public key of the server with the secret key of the server to obtain the cryptographic key of the client;
A decryption key encrypting unit for encrypting the decryption key with the encryption key to generate a decryption key encrypted with the encryption key; and
A decryption key transmission control unit for controlling the server to transmit the decryption key encrypted with the encryption key to the client,
Wherein the decryption key encrypted with the encryption key is decrypted and reproduced by the client using the encryption key.
The system according to claim 15,
Wherein the encrypted content comprises one encrypted file or a plurality of encrypted files transferred from the server to the client over a communication session established between the client and the server,
Wherein a different encryption key is generated for each communication session or for each of the encrypted files.
The system according to claim 15,
The one or more processors,
A file transfer unit for controlling the server to sequentially transmit a plurality of files included in the encrypted content to the client through a streaming service during a communication session established between the client and the server,
Further comprising:
Wherein the plurality of encrypted files sequentially transmitted from the server to the client according to the streaming service are decrypted by the decryption key in the client and sequentially played back.

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020150099800A KR101701625B1 (en) 2015-07-14 2015-07-14 Method and system for reproducing contents by secure acquiring decryption key for encrypted contents
JP2016138723A JP6794160B2 (en) 2015-07-14 2016-07-13 Methods and systems for securely obtaining decryption keys for encrypted content and playing the content

Publications (2)

Publication Number Publication Date
KR20170008514A KR20170008514A (en) 2017-01-24
KR101701625B1 true KR101701625B1 (en) 2017-02-01

Family

ID=57888465

Country Status (2)

Country Link
JP (1) JP6794160B2 (en)
KR (1) KR101701625B1 (en)

Also Published As

Publication number Publication date
JP2017022711A (en) 2017-01-26
KR20170008514A (en) 2017-01-24
JP6794160B2 (en) 2020-12-02

Legal Events

Date Code Title Description
GRNT Written decision to grant