| CPC H04L 9/0825 (2013.01) [H04L 9/0643 (2013.01); H04L 9/0822 (2013.01); H04L 9/085 (2013.01)] | 14 Claims |
|
1. An encryption key management method in a data subscription platform server accessible by a supplier terminal and at least one subscriber terminal through a network, comprising:
receiving a data registration request of content data from the supplier terminal, determining a data identifier (DataID) associated with the content data, encrypting a master key (MK) with a public key of the supplier terminal, and providing the supplier terminal with the master key encrypted with the public key of the supplier terminal, the data identifier, and a key update count value (cnt) to enable the supplier terminal to decrypt the master key encrypted with the public key of the supplier terminal and derive a symmetric key based on the master key (MK), the data identifier (DataID), and the key update count value (cnt);
receiving a subscription application related to the data identifier (DataID) from a first subscriber terminal, encrypting the master key with a public key of the first subscriber terminal, and providing the first subscriber terminal with the master key encrypted with the public key of the first subscriber terminal and the key update count value to enable the first subscriber terminal to decrypt the master key encrypted with the public key of the first subscriber terminal and derive the symmetric key based on the master key (MK), the data identifier (DataID), and the key update count value (cnt);
receiving encrypted content data encrypted with the symmetric key and a hash for the content data from the supplier terminal, decrypting the encrypted content data, and verifying the content data using the hash; and
transmitting the encrypted content data and the hash to the first subscriber terminal to enable the first subscriber terminal to decrypt the encrypted content data, verify the content data using the hash, and use the content data.
|