An encryption key matrix has rows grouped into segments, with a set of one segment
per column establishing a slot. Slots are assigned to device manufacturers, with
the keys of the slots then being assigned to decryption devices made by the respective
manufacturer. In generating the slots, the number "q" of segments in a column is
first defined such that a predetermined maximum number of devices can be revoked
devices (in that all the keys held by the device are revoked) while ensuring that
a good device remains a functional device with a probability of at least (1-Q),
wherein Q is a predefined device confidence. Once the number "q" of segments has
been defined, the slots themselves are defined in a provably non-discriminatory
fashion using an error-correcting code such as a Reed-Solomon code. With this invention,
overlap between slots can be minimized to minimize the possibility that the key
set of an innocent device might be inadvertently revoked when the keys in the slots
of a "bad" manufacturer are revoked.