JP2001007801A - Device and method for receiving, and medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To surely decode encryption data. SOLUTION: An ODD/EVEN flag of encryption data received through an IEEE 1394 interface is read in a step S27, a seed is received in a step S74, and whether or not an attribute of the ODD/EVEN flag of the encryption data is coincident with an attribute of the seed is discriminated in a step S75, and in the case that the discrimination indicates coincidence, the processing proceeds to a step S76 and a decoding key with an attribute different from the attribute of the seed is generated in the step S76. When the discrimination in the step S75 indicates dissidence, the next decoding key is not generated.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to a receiving apparatus, a method, and a medium, and more particularly, to a receiving apparatus, a method, and a medium suitable for receiving encrypted data via an IEEE1394 bus.

[0002]

2. Description of the Related Art Recently, electronic devices, such as personal computers and digital video cameras, capable of mutually communicating data via an IEEE1394 bus have been developed, and the types of such electronic devices will increase in the future. It seems to be.

When content data is communicated between such electronic devices, the content data communicated on the IEEE1394 bus is illegally intercepted and used by electronic devices other than the transmission destination connected to the IEEE1394 bus. Need to be deterred. Therefore, on the transmitting side, the content data to be transmitted is encrypted using an encryption key having an attribute (ODD or EVEN), and the encrypted content data (hereinafter referred to as encrypted data) is encrypted. A flag (ODD / EVEN flag) indicating the attribute of the used encryption key is added, and the packet is transmitted as an isochronous packet. On the transmitting side, in order to generate a decryption key used for decrypting the encrypted data in the electronic device (reception side), which is the transmission destination, by asynchronous communication (as an asynchronous packet) with the communication of the encrypted data. Is supplied.

[0004]

Incidentally, the isochronous packet of the content data and the asynchronous packet of the seed for generating the decryption key are independent from each other, so that the delay from the transmission to the reception is delayed. There are differences in time. Therefore, the encrypted data received on the receiving side may not correspond to the seed,
As a result, there is a problem that a situation occurs in which the received encrypted data cannot be decrypted.

The present invention has been made in view of such a situation, and compares a flag of encrypted data with an attribute of a seed, and generates a decryption key in accordance with the result, thereby achieving encryption. This ensures that the data can be decrypted.

[0006]

According to the first aspect of the present invention, there is provided a receiving apparatus which forms a basis of a first receiving means for receiving encrypted data and a decryption key corresponding to an encryption key to a transmitting side. Requesting means for requesting transmission of the basic information, second receiving means for receiving the basic information transmitted in response to the request of the requesting means, and affixed to the encrypted data received by the first receiving means Identification means for identifying the attribute of the additional information, detection means for detecting the attribute of the basic information received by the second receiving means, attribute of the additional information identified by the identification means, and attribute of the basic information detected by the detection means Determining means for determining a match of
When the determining unit determines that the attribute of the additional information matches the attribute of the basic information, the generating unit generates a decryption key having an attribute different from the attribute of the basic information using the basic information. A storage unit for storing the number of decryption keys of the number of attribute types of the additional information; and a storage key corresponding to the attribute of the additional information identified by the identification unit among the decryption keys of the number of attribute types of the additional information stored by the storage unit. And decrypting means for decrypting the encrypted data received by the first receiving means.

[0007] When the determining means determines that the attribute of the additional information and the attribute of the basic information do not match,
It is possible not to generate a decryption key.

According to a third aspect of the present invention, there is provided a receiving method comprising: a first receiving step of receiving encrypted data; and a request of a transmitting side to transmit basic information which is a basis for generating a decryption key corresponding to the encryption key. Requesting step, a second receiving step of receiving basic information transmitted in response to the request of the processing of the requesting step, and additional information added to the encrypted data received in the processing of the first receiving step. An identification step for identifying the attribute of the information, a detection step for detecting the attribute of the basic information received in the processing of the second reception step, the attribute of the additional information identified in the processing of the identification step, and the attribute detected in the processing of the detection step. A determining step of determining a match between the attributes of the basic information; and, if it is determined in the processing of the determining step that the attribute of the additional information and the attribute of the basic information match, the attribute of the basic information is determined using the basic information. A generating step of generating a decryption key having an attribute different from that of the storing step, a storing step of storing the number of decrypting keys of the number of attribute types of the additional information generated in the processing of the generating step, and an attribute of the additional information stored in the storing step A decryption step of decrypting the encrypted data received in the first receiving step using a decryption key of the number of types corresponding to the attribute of the additional information identified in the identifying step processing. It is characterized by including.

According to a fourth aspect of the present invention, there is provided a program for a medium, comprising: a first receiving step of receiving encrypted data; and transmitting basic information serving as a basis for generating a decryption key corresponding to the encryption key to a transmitting side. A requesting step for requesting, a second receiving step for receiving basic information transmitted in response to the request for the processing of the requesting step, and an addition added to the encrypted data received in the processing of the first receiving step An identification step for identifying the attribute of the information, a detection step for detecting the attribute of the basic information received in the processing of the second reception step, an attribute of the additional information identified in the processing of the identification step, and detection in the processing of the detection step A determining step of determining whether the attribute of the basic information matches the attribute of the basic information, and determining that the attribute of the additional information and the attribute of the basic information match in the processing of the determining step. Generating a decryption key having an attribute different from the information attribute, storing the decryption keys of the number of attribute types of the additional information generated in the processing of the generating step, and adding the decryption key stored in the processing of the storage step Using the decryption key of the number of information attribute types corresponding to the attribute of the additional information identified in the processing of the identification step, the first key is used.
A decrypting step of decrypting the encrypted data received in the processing of the receiving step.

[0010] In the receiving apparatus according to the first aspect, the receiving method according to the third aspect, and the program of the medium according to the fourth aspect, the encrypted data is received and the basic information is transmitted to the transmitting side. Is received, and the basic information transmitted in response to the request is received. Also, the attribute of the additional information added to the received encrypted data is identified,
The attribute of the received basic information is detected, and it is determined whether the attribute of the identified additional information matches the attribute of the detected basic information. Further, when it is determined that the attribute of the additional information and the attribute of the basic information match, a decryption key having an attribute different from the attribute of the basic information is generated using the basic information, and the attribute of the attribute of the generated additional information is generated. The number of types of decryption keys is stored, and of the stored number of types of decryption keys of the attribute of the additional information, the received encrypted data is decrypted using the one corresponding to the attribute of the identified additional information. Decrypted.

[0011]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS FIG. 1 shows an MD deck 2-1 and 2-2 to which the present invention is applied. 2), a set-top box (STB) 3 and a personal computer (PC) 4. Each of the MD deck 2 through the personal computer 4 is connected to an IEEE1394 bus 1 by an IE.
An EE1394 interface is provided, and content data (audio data, audio data,
Video data, program data, etc.). The MD deck 2 through the personal computer 4 can control the operation of other electronic devices on the bus network by transmitting control signals via the IEEE1394 bus 1.

The present invention relates to an IEEE 1394 interface provided in each of the MD deck 2 to the personal computer 4. Hereinafter, the IEEE 1394 interface 35 (FIG. 2) provided in the MD deck 2 will be mainly described as an example. The IEEE 1394 interface provided in the set-top box 3 or the personal computer 4 is the same as the IEEE 1394 interface 35, and thus the description is omitted.

An MD deck 2 to which the present invention is applied will be described with reference to FIG. In the MD deck 2, a mini disc (trademark) 11 on which audio data is recorded is driven to rotate by a spindle motor 12. The mini disc 11 is irradiated with a laser beam from the optical head 13 during recording and reproduction. The optical head 13 includes a laser diode, a polarizing beam splitter, and the objective lens 3.
a, a detector and the like. The objective lens 3a is 2
It is held by a shaft mechanism 14 such that it can be displaced in the radial direction of the disk and in the direction of coming into contact with and separating from the disk. Optical head 1
Reference numeral 3 denotes a high level laser output for heating the recording track of the mini disk 11 to the Curie temperature during recording, and a relatively low level laser output for detecting data from reflected light by the magnetic Kerr effect during reproduction. Do.

Optical head 13 with mini disc 11 interposed
A magnetic head 16a disposed at a position facing the mini disk 11 applies a magnetic field modulated according to supplied data to the mini disk 11. Optical head 13 and magnetic head 16
“a” can be moved in the radial direction of the mini-disc 11 by the thread mechanism 15.

At the time of reproduction, information detected from the mini disk 11 by the optical head 13 is supplied to the RF amplifier 17. The RF amplifier 17 performs a predetermined operation on the supplied information, and performs a reproduction RF signal, a tracking error signal TE,
A focus error signal FE, groove information GFM (absolute position information recorded as a pre-groove (wobbling groove) on the mini disc 11) and the like are obtained. The reproduced RF signal is supplied to the encoder / decoder 18. The tracking error signal TE and the focus error signal FE are supplied to the servo circuit 9, and the groove information GFM is supplied to the address decoder 2.
0 is supplied.

The servo circuit 19 receives the tracking error signal TE, the focus error signal FE, the track jump command input from the system controller 21,
Various servo drive signals are generated based on an access command, rotation speed detection information of the spindle motor 12, etc., and the two-axis mechanism 1
4 and the sled mechanism 15 to perform focus and tracking control.
Is controlled to a constant linear velocity.

The address decoder 20 decodes the supplied groove information GFM to extract address information.
The extracted address information is supplied to the system controller 21 and used for various control operations. The reproduction RF signal is subjected to decoding processing such as EFM demodulation and CIRC in the encoder / decoder 18. At this time, addresses, subcode data, and the like are also extracted and supplied to the system controller 11.

EFM demodulation by encoder / decoder 18, CIR
The audio data (sector data) subjected to the decoding processing such as C is written into a buffer memory (RAM) 23 by the memory controller 22.

It should be noted that the optical head 13 reads data from the mini-disc 11, and the optical head 13
The transfer of reproduction data in the system from to the buffer memory 23 is 1.41 Mbit / sec, and the transfer is usually performed intermittently.

The data written in the buffer memory 13 is read out at a timing when the transfer of the reproduced data becomes 0.3 Mbit / sec, and is supplied to the encoder / decoder 24.
The signal is subjected to signal reproduction processing such as decoding processing for audio compression processing, and is converted into a digital audio signal of 44.1 KHz sampling and 16-bit quantization. This digital audio signal is converted into an analog signal by the D / A converter 25, the level adjustment and the impedance adjustment are performed by the output processing unit 26, and the digital audio signal is output to the external device as the analog audio signal Aout from the line output terminal 27. . In addition, it is supplied to the headphone output terminal 37 as a headphone output HPout, and is output to the connected headphones.

The digital audio signal decoded by the encoder / decoder 24 is supplied to a digital output terminal 3 via a digital interface (I / F) 32.
1 can be output to an external device as a digital audio signal Dout. For example, it is output to an external device in the form of transmission by an optical cable.

The standard applied to the digital interface 32 is not particularly limited, but here, it is assumed that IEC958, one of the standards of the digital audio interface, is adopted. .

At the time of recording, the recording signal (analog audio signal Ain) supplied to the line input terminal 28 is A
After being converted into digital data by the / D converter 29, it is supplied to the encoder / decoder 24 and subjected to audio compression encoding processing (ATRAC (Adaptive Transform Acoustic Coding)). When a digital audio signal Din is supplied from an external device to the digital input terminal 30, control codes and the like are extracted by the digital interface 32 and then supplied to the encoder / decoder 24 to be subjected to audio compression encoding processing. Although not shown, it is naturally possible to provide a microphone input terminal and use the microphone input as a recording signal.

The recording data compressed by the encoder / decoder 24 is written and stored in the buffer memory 23 under the control of the memory controller 22.
The data is read out for each predetermined amount of data unit and supplied to the encoder / decoder 18, subjected to encoding processing such as CIRC encoding and EFM modulation, and then supplied to the magnetic head driving circuit 16.

The magnetic head drive circuit 16 supplies a magnetic head drive signal to the magnetic head 16a in accordance with the encoded recording data. That is, the application of the N or S magnetic field to the mini disk 11 by the magnetic head 16a is performed. At this time, the system controller 21 supplies a control signal to the optical head 13 so as to output a laser beam at a recording level.

The operation section 33 indicates a part to be operated by a user, and is provided with various operation keys and operators as dials. As controls, for example, play, record, pause,
Keys for recording and playback operations such as stop, FF (fast forward), REW (fast rewind), AMS (search for cue), normal playback,
Keys related to play modes such as program playback and shuffle playback, and keys for display mode operation for switching the display state on the display unit 34, track (program) division, track concatenation, track deletion, track name input, disc name input, etc. Keys for program editing operations. Operation information from these operation keys and dials is transmitted to the system controller 21.
Supplied to The receiving unit 40 receives, for example, a command signal by infrared rays transmitted from the remote controller 41 and outputs a command code (operation information) corresponding to the command signal to the system controller 21. The system controller 21 controls the entire MD deck 2 in accordance with operation information input from the operation unit 33 or the reception unit 40.

The display unit 34 is provided with the system controller 21
In response to the control by the controller, a display including a liquid crystal panel or the like is driven, and display data supplied from the system controller 21 (operation mode state of a recording / reproducing disc, track number, recording time / reproduction time, editing operation) The display unit 34 displays numbers, characters, symbols, and the like indicating the status, etc. The display unit 34 also displays character information (such as a track name) recorded along with a program as main data on the mini disc 11.
Is displayed. The display unit 34 further receives an MD from another electronic device (such as the set-top box 3) via the IEEE1394 bus 1.
The copyright information of the content data input to the deck 2 is displayed based on the control from the system controller 21.

The IEEE1394 interface (I / F) 35
The content data is communicated with another electronic device via the E1394 bus 1. The detailed description of the IEEE1394 interface 35 will be described later.

The system controller 21 is constituted by a microcomputer including a CPU, an internal interface unit, and the like, and executes a program stored in the program ROM 38 for realizing various operations.
Controls the entire MD deck 2. The work RAM 39 appropriately holds data, programs, and the like necessary for the system controller 21 to execute various processes.

Next, an authentication process executed as a pre-process when data is communicated between the electronic devices constituting the bus network system via the IEEE1394 bus 1 will be described with reference to a flowchart of FIG. .

This authentication process is performed, for example, when the set-top box 3 distributes audio data to the IEEE1394 bus 1 as an isochronous packet, and when the MD deck 2 tries to receive the isochronous packet of the audio data, the isochronous packet is transmitted. Started before packet reception starts.

In the authentication process, the MD deck 2 (reception side) executes the system controller 2 based on the authentication program stored in the program ROM 38.
1 is realized by controlling the IEEE1394 interface 35, and in the set-top box 3 (transmission side), similarly to the MD deck 2, the built-in IEEE1394 interface is realized by the controller.

In step S1, the IEEE of MD deck 2
The 1394 interface 35 transmits an authentication request to the set-top box 3 via the IEEE1394 bus 1. This authentication request is received by the IEEE1394 interface of the set-top box 3 in step S11.

In step S2, the IEEE of MD deck 2
The 1394 interface 35 transmits its authentication information to the IEEE1394
The data is transmitted to the set-top box 3 via the bus 1. This authentication information is received by the IEEE1394 interface of the set-top box 3 in step S12.

Next, similarly, in step S 13, the IEEE 1394 interface of the set-top box 3 transmits its own authentication information to the MD deck 2 via the IEEE 1394 bus 1. This authentication information is received by the IEEE1394 interface 35 of the MD deck 2 in step S3.

Thereafter, the IEEE13 of the set top box 3
In the 94 interface, in step S14, a common key used to encrypt the isochronous packet of the audio data is generated. On the other hand, IEEE of MD deck 2
Even in the 1394 interface 35, in step S4,
A common key to be used when decrypting the encrypted isochronous packet is generated. After the end of the authentication process, the reception of the isochronous packet of the audio data is actually started.

By the way, the above-described authentication processing is started,
It takes several seconds to several tens of seconds to be completed, but before the authentication processing is completed, that is, while the authentication processing is being performed, for example, the user of the MD deck 2 receives a signal from the set-top box 3. When the reception of audio data is instructed, if the currently executing authentication processing is not immediately stopped, the MD deck 2 and the set-top box 3 perform processing corresponding to the newly input instruction for several seconds to several tens of seconds. Can not be executed.

Therefore, in the present embodiment, in order to solve such a problem, interrupt processing is executed in parallel with the above-described authentication processing in the IEEE1394 interface of the MD deck 2 and the set-top box 3. . The interrupt processing will be described with reference to the flowchart in FIG.

The following description is based on the IEEE standard for the MD deck 2.
Although the operation of the 1394 interface 35 has been described, it is assumed that the IEEE 1394 interface of the set-top box 3 also performs the same operation.

In step S21, the IE of the MD deck 2
The EE1394 interface 35 determines whether or not the authentication processing has been completed. If it is determined that the authentication processing has not been completed, the process proceeds to step S22. In step S22,
The IEEE1394 interface 35 determines whether or not an authentication processing stop request has been received from the authentication partner (in this case, the IEEE1394 interface of the set-top box 3). If it is determined that the authentication processing stop request has not been received, Proceed to step S23. In step S23,
The IEEE1394 interface 35 determines whether or not a command or the like for canceling the authentication process is input from the user. If it is determined that a command or the like for canceling the authentication process is input, the process proceeds to step S24. In step S24,
The IEEE1394 interface 35 transmits an authentication processing stop request to the IEEE1394 interface of the set-top box 3 that is the authentication partner.

In step S25, the IEEE1394 interface 35 immediately stops the authentication processing.

If it is determined in step S21 that the authentication processing has been completed, this interrupt processing is also completed.

If it is determined in step S22 that the authentication processing stop request has been received, the process proceeds to step S22.
Proceeding to step 25, the authentication process is immediately stopped.

If it is determined in step S23 that a command or the like for canceling the authentication process has not been input, the process returns to step S21, and the subsequent processes are repeated.

The input of a command or the like for canceling the authentication processing in step S23 means that a reproduction stop button, a recording stop button, an eject button, a power button, or the like is pressed on the MD deck 2. I have.

As described above, by executing the interrupt processing in parallel with the authentication processing, if the situation where the authentication processing becomes unnecessary occurs, the authentication processing is immediately stopped.
A new command or the like can be processed without waiting for the normal end of the authentication processing.

Next, a description will be given of a recovery process executed when a bus reset occurs in the bus network system. Each electronic device that composes the bus network system has a node ID dynamically assigned to it.
Are used to identify other electronic devices. Therefore, during data communication between electronic devices on the bus network, for example, a new electronic device is additionally connected to the bus network system, and thus a bus reset (node ID assigned to each electronic device) is performed. Is reset once,
Again, a new node ID is assigned to each electronic device)
Occurs, the node ID of the communication partner is changed, which is inconvenient.

Therefore, in the present embodiment, the communication partner is determined by the communication target device determination processing shown in FIG. 5, and then, during data communication, the recovery processing shown in FIG. Even if the node ID is changed due to the occurrence, no problem occurs in the data communication being executed.

In the MD deck 2, for example, the communication target device determination processing and the recovery processing are mainly based on a communication target device determination processing program stored in the program ROM 38 or a recovery processing program. System controller 21 is IEEE1394 interface 3
5 is controlled.

In step S31, the IEEE 1394 interface 35 acquires the node IDs of all the electronic devices connected to the IEEE 1394 bus 1. In step S32, when the user of the MD deck 2 selects an electronic device with which to communicate (hereinafter, referred to as a communication target device), in step S33, the IEEE1394 interface 35
From the communication target device selected in step S32, for example, unique information (hereinafter, referred to as unique information) that can specify the communication target device, such as a node unique ID, is acquired. In step S34, the IEEE1394 interface 35 stores the node ID in the unique information of the communication target device.
And a predetermined storage medium (for example, the work RAM 3
9 etc.).

As described above, after the communication target device is determined and its unique information is stored in association with the node ID,
Data communication is started using the node ID as information for specifying the communication destination, and in parallel with this, the recovery processing shown in FIG. 6 is executed.

In step S41, the IEEE1394 interface 35 determines whether or not a bus reset has occurred, and waits until it determines that a bus reset has occurred.
If it is determined that a bus reset has occurred, step S4
Proceed to 2. In step S42, the IEEE 1394 interface 35 determines in step S34 of the communication target device determination process.
Read out the unique information (for example, node unique ID) stored in. In step S43, the IEEE 1394 interface 35 acquires the unique information of each electronic device connected to the IEEE 1394 bus 1.

In step S44, the IEEE1394 interface 35 determines whether or not the unique information of each electronic device acquired in step S43 matches the unique information read in step S42 (the communication partner until immediately before the bus reset). It is determined whether or not there is an electronic device that has been determined as above), and if it is determined that a matching device exists, the process proceeds to step S45.

In step S45, following the state before the bus reset, the IEEE1394 interface 35 sets the node ID of the electronic device having the unique information that matches the stored unique information as the communication partner, and obtains the node ID of the electronic device. Resume communication. Then, returning to step S41,
Subsequent processing is repeated.

In step S44, the unique information of each electronic device obtained in step S43 is added to step S44.
If it is determined that there is no device that matches the unique information read in 42 (there is no electronic device that was the communication partner until immediately before the bus reset), the process proceeds to step S46. In step S46, the IEEE 1394 interface 35 notifies the system controller 21 that there is no electronic device with which the communication was performed immediately before the bus reset, and in response to this notification, the system controller 21
The user is prompted to select a new communication target device. In response to the prompt, the user selects a new communication target device.

In step S47, the IEEE1394 interface 35 acquires and stores the unique information and the node ID of the communication target device newly selected in step S46, and starts data communication using the node ID.

If the restoration process is executed when the power of the electronic device is turned on (at the time of startup),
The electronic device that was the communication partner when the power was last turned off can be automatically set as the communication target device without executing the communication target device determination process of FIG. In order to execute the recovery process at the time of starting, the medium for recording the unique information needs to keep the recording even while the power of the electronic device is turned off.

Furthermore, if various parameters relating to the communication target device are stored together with the unique information of the communication partner, data communication is actually started by using the information after the bus reset or the start-up. It is possible to shorten the time required for the operation.

Next, copyright information (copying permission / prohibition information) set for content data such as audio data received via the IEEE1394 bus 1 included in the MD deck 2 to the personal computer 4 according to the present embodiment. The following describes a function of notifying the user of such information (hereinafter referred to as a copyright information notification function). Here, the copyright information described in the isochronous packet of the content data such as the audio data will be described.

FIG. 7 shows the data structure of an isochronous packet such as audio data transmitted on the IEEE1394 bus 1. One quadlet (32 bits) on the MSB side of the packet is a packet header, and includes a data length (Data Length), a tag (Tag), a channel (Channel),
It consists of a transaction code (Tcode) and a synchronization code (Sy).

The data length describes the number of bytes of data transmitted as an isochronous packet.
A label related to the format of the isochronous packet is set in the tag. The transaction code describes a packet type and a transaction code. In the synchronization code, application-specific information is described.

One quadlet following the packet header has an error detection code (Header CRC) in the packet header.
Is described. Subsequently, a data field (Data Field) which is a main body of the audio data and the like, and an error detection code (Data CRC) of the audio data and the like are described.

As the copyright information for the content information such as audio data, the copyright management information (EMI (Encryption
Mode Information)) is described in the data field.
SCMS (Serial Copy Management System) information is described.

More specifically, as shown in FIG. 8A, two bits on the MSB side of the synchronization code have four types of status (Copy Freq.)
e, Write Once, No More Copy, Never Copy).

“Copy Free”, which is one of the four types of status regarding whether or not copying is possible, indicates that copying is permitted without setting a limited number of times for the content data. “Write Once” indicates that copying of the content is permitted only for one generation (one time). “No More Copy” indicates that this is the first copy of the content data whose content data is “Write Once”, and that copying of the content is not permitted. “Never Copy” indicates that copying of the content is not permitted.

In the case where the content data is encrypted on the transmitting side by one bit following the copyright management information,
An ODD / EVEN flag indicating the attribute of the encryption key used for the encryption is described (details will be described later).

The data field is shown in FIG.
As shown in (B), 192 sixth bits from the MSB side of each quadlet of real-time data following the CIP (Common Isochronous) header of one quadlet constituting the data field are arranged, and the third bit from the top is arranged. A flag (SCMS information) indicating whether copying is possible is described.
When 1 is described in this flag, it indicates that copying is permitted for the content data. When 0 is described in the flag, copying is prohibited for the content data. It is shown that.

FIG. 9 shows an example of the configuration of a portion related to the copyright information notification function of the IEEE1394 interface 35 of the MD deck 2. In this configuration example, the physical layer (PHY) unit 51 receives an isochronous packet from the IEEE1394 bus 1 and supplies it to a link (Link) unit 52. The link layer unit 52 records the flag indicating that the isochronous packet has been supplied from the physical layer unit 51 in a predetermined register containing the flag. The link layer unit 52 also reads the copyright management information indicated by the upper two bits of the synchronization code of the packet header from the isochronous packet, and determines whether copying of the content data is permitted (copyright management). The information is "Copy Fre
e) or “Write Once”), and records the content data in a predetermined register containing a flag indicating whether copying of the content data is permitted.
The link layer unit 52 further outputs the isochronous packet to the digital receiver 53 in Biphase.

The digital receiver 53 determines whether the phases of the isochronous packets input from the link layer unit 52 are synchronized, and records the result in a predetermined register containing a flag indicating the result. Digital receiver 5
Reference numeral 3 also reads the above-mentioned SCMS information from the isochronous packet, determines whether or not copying of the content data is permitted, and incorporates a flag indicating whether or not copying of the content data is permitted. Record in a predetermined register.

Next, the operation will be described with reference to the flowchart of FIG. This copyright information display process is performed, for example, when the MD deck 2 is
When the reception of the isochronous packet of the audio data via the IEEE1394 bus 1 is started, the program ROM 3
8 based on the copyright information display processing program stored in
It is started by controlling the interface 35.

In step S51, the system controller 21 determines whether or not the end of the content data has been instructed by the user. If it is determined that the end of the reception has not been instructed, the system controller 21 proceeds to step S52. In step S52, the system controller 21
By referring to a predetermined register built in the link layer unit 52 of the 1394 interface 35, it is determined whether or not the isochronous packet has been input to the IEEE1394 interface 35. Proceed to S53.

In step S53, the system controller 21 refers to a predetermined register built in the digital receiver 53 of the IEEE1394 interface 35 to determine whether the phases of the isochronous packets input from the link layer unit 52 are synchronized. It is determined whether or not they are synchronized, and if it is determined that they are synchronized, the process proceeds to step S54.

In step S54, the system controller 21 determines whether or not copying of the content data is permitted by referring to a predetermined register built in the link layer unit 52 of the IEEE1394 interface 35. If it is determined that copying is not permitted, the process proceeds to step S55.

In step S55, the system controller 21 determines whether or not copying of the content data is permitted by referring to a predetermined register built in the digital receiver 53 of the IEEE1394 interface 35. If it is determined that copying is not permitted, the process proceeds to step S56.

In step S56, the system controller 21 displays "Can't Copy" on the display unit 34 as shown in FIG. 11B, and the content data being received by the user cannot be copied. Notify that there is.

Thereafter, in step S51, the subsequent processing is repeated until it is determined that the reception end has been instructed.

If it is determined in step S52 that the isochronous packet has not been input to the IEEE1394 interface 35,
If it is determined in 53 that the phases of the isochronous packets are not synchronized, the process proceeds to step S57. In step S57, the system controller 21
As shown in FIG. 11A, “No Steram” is displayed on the display unit 34 to notify the user that the content data has not been received.

If it is determined in step S54 that copying is permitted, or if it is determined in step S5
If it is determined in 5 that copying is permitted,
Returning to step S51, the subsequent processing is repeated.

According to the copyright information display processing as described above, the user can easily recognize whether or not the content data being received can be copied.

In the copyright information display processing, if copying of the content data is not permitted, the fact is displayed. However, if copying is permitted, the fact is displayed. It may be. Further, words indicating four types of statuses indicated by the copyright management information set for the content data, ie, “Copy Freq”
e "," Write Once "," No More Copy ", or" Nev
er Copy "may be displayed.

In the copyright information display process, if no isochronous packet exists or the phases are not synchronized, "No Stream" is displayed to indicate that the content data is not correctly received. However, for example, even when the authentication process (FIG. 3) as the pre-processing for receiving the content data is not normally completed (for example, when the authentication is not performed),
“No Stream” may be displayed to notify the user that the content data cannot be received.

Next, in the bus network system according to the present embodiment, a series of processes for encrypting the isochronous packet of the content data on the transmitting side and decrypting the encrypted isochronous packet on the receiving side are described in, for example, the MD deck. 2-1 via the IEEE1394 bus 1 to the MD deck 2-1 to store content data (ATRAC (Adapti
An example is described in which an isochronous packet of ve transform Acoustic Coding (data) is encrypted and transmitted.

FIG. 12 shows an example of the configuration of a part of the MD decks 2-1 and 2-2 relating to a series of processes for encrypting and transmitting the above-described isochronous packet and decrypting it on the receiving side.

The control unit 61 of the MD deck 2-1 on the transmitting side
Controls the time variable generator 62 and the IEEE1394 interface 35-1. The time variable generation unit 62 includes the control unit 6
Based on the control from 1, a time variable that is incremented by one every 30 seconds, for example, is generated and supplied to the encryption unit 63 as an encryption key.

The encryption unit 63 encrypts ATRAC data read from the mini disk 11 by the reproduction system of the MD deck 2-1 using the encryption key supplied from the time variable generation unit 62, and obtains the obtained encryption. A flag indicating the attribute (ODD or EVEN) of the used encryption key (ODD / EVEN flag of the third bit of the synchronization code shown in FIG. 8) is added to the data, and the IEEE1394 interface (I / F) 35
Output to -1. The IEEE1394 interface 35-1 is
The encrypted data (with the ODD / EVEN flag) input from the encryption unit 63 is recorded in a built-in FIFO buffer, and sequentially
The packet is converted into an isochronous packet and output to the IEEE1394 bus 1.

The IEEE1394 interface 35-1
Is the IE of another electronic device connected to the IEEE1394 bus 1.
EE1394 interface (in this case, MD deck 2-2
In response to a request from the IEEE1394 interface 35-2), the encryption key (for example, the attribute is
The encryption key next to ODD (in this case, the attribute is E
A seed (in this case, the seed is for generating a decryption key with an attribute of EVEN) which is information for generating a decryption key for decrypting content data encrypted with the VEN encryption key. However, the encryption key used at the time when the seed is transmitted has the attribute OD
D, the attribute of the seed is also ODD), and is supplied to the electronic device (MD deck 2-2) via the IEEE1394 bus 1 as an asynchronous packet.

The control unit 71 of the MD deck 2-2 on the receiving side
Is input from the IEEE1394 interface 35-2.
The key generation unit 72 and the decryption unit 73 are controlled according to the ODD / EVEN flag of the isochronous packet of the encrypted content data. IEEE1394 interface 35-2
Is the encrypted AT distributed on IEEE1394 bus 1.
An isochronous packet of RAC data (hereinafter, referred to as encrypted data) is received and output to the control unit 71 and the decryption unit 73. The IEEE1394 interface 35-2 also receives, via the IEEE1394 bus 1, an asynchronous packet of a seed used when generating a decryption key, and outputs the packet to the control unit 71. This seed is supplied from the control unit 71 to the key generation unit 72.

The key generation unit 72 corresponds to the attribute of the seed supplied from the control unit 71. The decryption key whose attribute is ODD (hereinafter referred to as ODD key) or the decryption key whose attribute is EVEN. (Hereinafter referred to as EVEN key) alternately,
This is supplied to the decoding unit 73. Specifically, a seed (for example, a seed whose attribute is ODD) supplied from the control unit 71,
By performing a predetermined operation on the common key obtained by the authentication process (described above) and the decryption key (in this case,
An EVEN key is generated and supplied to the decryption unit 73. The details of the key generation process of the key generation unit 72 will be described later with reference to the flowchart in FIG.

The decryption unit 73 is a part of the IEEE 1394 interface 3 of the ODD key and the EVEN key supplied from the key generation unit 72.
The encrypted data is decrypted using the data corresponding to the ODD / EVEN flag of the encrypted data input from 5-2, and the obtained content data (ATRAC data) is output to the subsequent stage.

FIG. 13 shows a detailed configuration example of the decoding unit 73 of FIG. As shown in the figure, in the decryption unit 73, the ODD key supplied from the key generation unit 72 is written in the ODD register 81, and the EVEN key is written in the EVEN register 82. The decoder 84 is connected to the IEEE1394 interface 35
The ODD / EVEN flag of the encrypted data input from step -2 is read, and the switch 83 is switched according to the read ODD / EVEN flag. Further, the decoder 84 reads an encryption key (ODD key or EVEN key) from the ODD register 81 or the EVEN register 82, and decrypts the encrypted data using the encryption key.

Here, a delay when the encrypted content data is transmitted as an isochronous packet and a delay when a seed used for generating a decryption key is transmitted as an asynchronous packet will be described.

First, the delay when the encrypted content data is transmitted as an isochronous packet will be described with reference to FIG. On the transmitting side, for example, when the time variable generation unit 62 sequentially updates the time variables (encryption keys) to K0, K1, and K2 at the timing shown in FIG. 14A, the encryption output from the encryption unit 63 The ODD / EVEN flag added to the data, as shown in FIG.
It changes at the same timing as the time variable. On the contrary,
On the receiving side, the timing at which the encrypted data is received by the IEEE 1394 interface 35-2 of the MD deck 2-2 via the IEEE 1394 bus 1 and supplied to the decryption unit 73 is, for example, when the communication band of the IEEE 1394 bus 1 is congested. Due to the situation, etc., as shown in FIG.
Delay by d.

Next, the delay when the seed used for generating the decryption key is transmitted as an asynchronous packet will be described with reference to FIG. On the transmitting side, in response to a request from the receiving side, the attribute of the encryption key currently used for encrypting the content data (ODD or EVE).
N) At the receiving end, at the timing ts when a seed having an attribute equal to N) is returned as an asynchronous packet, the receiving side uses the ODD key for decryption or EVEN based on the seed.
Timing tr at which a key is generated and supplied to the decryption unit 73
For example, due to the processing in the IEEE 1394 interface 35-2 and the key generation unit 72, the congestion state of the communication band of the IEEE 1394 bus 1, and the like, the two states shown in FIGS. Delay as shown in either.

State 1 shown in FIG. 15D is a state in which the attribute (ODD) of the content data received as an isochronous packet matches the attribute (ODD) of the seed received as an asynchronous packet. FIG.
State 2 shown in FIG. 5 (E) is a state in which the attribute (EVEN) of the content data received as an isochronous packet and the attribute (ODD) of the seed received as an asynchronous packet are different.

By the way, in the case of state 1 shown in FIG. 15D, if a decryption key having an attribute of EVEN is generated using a seed having an attribute of ODD, the encryption key K2 received thereafter is generated.
(Attribute is EVEN), and the content data encrypted by this can be decrypted. On the other hand, in the case of state 2 shown in FIG. 15E, if a decryption key having an attribute of EVEN is generated using a seed having an attribute of ODD, an encryption key K3 received thereafter is generated. (Attribute is ODD), the encrypted content data cannot be decrypted.

In order to prevent such a problem from occurring, when the attribute of the seed and the attribute of the encrypted data are different, a key generation process that operates so as not to generate a decryption key using the seed is described in FIG. This will be described with reference to a flowchart. This key generation process is performed on the MD deck 2
-2, starts when encrypted data is received via the IEEE1394 bus 1.

In step S71, the control unit 71
It is determined whether the reception of the encrypted data has been completed. If it is determined that the reception has not been completed, the process proceeds to step S72. In step S72, the step control unit 71
Reads the ODD / EVEN flag of the encrypted data input from the IEEE1394 interface 35-2.

In step S73, the IEEE1394 interface 35-2 transmits the IEEE1394 of the MD deck 2-1 via the IEEE1394 bus 1 under the control of the control unit 71.
It requests the interface 35-1 to transmit the seed. In response to this request, the IEEE1394 interface 35-1 of the MD deck 2-1 returns a seed having an attribute equal to the attribute of the encryption key currently used for encrypting the content data as an asynchronous packet.

The asynchronous packet of the seed is
In step S74, the data is received by the IEEE1394 interface 35-2 of the MD deck 2-2 and supplied to the control unit 71. In step S75, the control unit 71 determines whether or not the attribute of the ODD / EVEN flag of the encrypted data read in step S72 matches the attribute of the seed supplied in step S74. If it is determined, the process proceeds to step S76.

In step S76, the key generation unit 72
Performs a predetermined operation on the seed supplied from the control unit 71 and the common key obtained by the authentication processing (described above), thereby generating a decryption key having an attribute different from the seed attribute. 73. In step S77, the decryption unit 73 records the decryption key supplied from the key generation unit 72 in the ODD register 81 or the EVEN register 82 corresponding to the attribute.

If it is determined in step S75 that the attribute of the ODD / EVEN flag of the encrypted data read in step S72 does not match the attribute of the seed supplied in step S74, the process returns to step S71. .
Therefore, at this time, the next decryption key is not generated.

However, the subsequent processing is periodically repeated until it is determined in step S71 that the reception is completed. Therefore, in the next and subsequent steps S75, the ODD / EVEN flag of the encrypted data read out in step S72 Is determined to match the attribute of the seed supplied in step S74, and a decryption key is sequentially generated.

As described above, by comparing the attribute of the seed with the attribute of the encrypted data and generating a decryption key corresponding to the result, it is possible to decrypt the encrypted data normally. .

As described above, in the present embodiment, the case where the present invention is mainly applied to the MD deck 2 has been described as an example. However, the present invention is applicable to the case where The present invention can be applied to an electronic device having an interface.

Incidentally, the series of processes described above can be executed by hardware, but can also be executed by software. When a series of processing is executed by software, a program constituting the software is executed by a computer (corresponding to the system controller 21 in FIG. 2) incorporated in the MD deck 2 as dedicated hardware, By installing this program, it is installed in, for example, a general-purpose personal computer that can execute various functions.

Next, referring to FIG. 17, regarding a medium used to install a program for executing the above-described series of processing in a computer and to make the computer executable, the computer is a general-purpose personal computer. The following is an example of the case.

The program is, as shown in FIG.
Hard disk 302 or semiconductor memory 303 as a recording medium built in personal computer 301
(Corresponding to the program RAM 38 shown in FIG. 2).

Alternatively, the program may be arranged as shown in FIG.
As shown in the figure, floppy disk 311 and CD-ROM (Com
pact Disc-Read Only Memory) 312, MO (Magneto Op)
tical) Disc 313, DVD (Digital Versatile Disc)
314, a magnetic disk 315, a semiconductor memory 316, or other such storage media, which can be temporarily or permanently stored and provided as package software.

Further, as shown in FIG. 17C, the program is transmitted from the download site 321 to the satellite 3 by radio.
22 or via a network 331, such as a local area network or the Internet, by wire or wirelessly to the personal computer 301.
02 or the like.

[0110] The medium in this specification means a broad concept including all these media.

As shown in FIG. 18, for example, the personal computer 301 has a CPU (Central Processing
it) 341. An input / output interface 345 is connected to the CPU 341 via a bus 341. The CPU 342 receives a command from an input unit 347 including a keyboard, a mouse, and the like via the input / output interface 345. Correspondingly, a ROM (Read Only) corresponding to the semiconductor memory 303 of FIG.
Memory) The program stored in 343, sanitation 32
2 or the communication unit 3
48, and the program installed on the hard disk 302 or the floppy disk 311, CD-ROM 312, M
The program read from the O disk 313, the DVD 314, or the magnetic disk 315 and installed on the hard disk 302 is stored in a RAM (Random Access Memory).
y) Load to 344 and execute. Further, the CPU 342
Sends the processing result to, for example, the input / output interface 3
An output is provided to a display unit 346 such as an LCD (Liquid Crystal Display) via the LCD 45 as necessary.

In this specification, the steps of describing a program provided by a medium may be performed in a chronological order according to the described order. This also includes processes executed individually.

In this specification, the system is
It represents the entire device composed of a plurality of devices.

[0114]

As described above, according to the receiving device of the first aspect, the receiving method of the third aspect, and the program of the medium of the fourth aspect, the attribute of the additional information and the basic information If it is determined that the attributes match, a decryption key of an attribute different from the attribute of the basic information is generated using the basic information,
By storing the decryption keys of the number of attribute types of the generated additional information, and using the one corresponding to the attribute of the identified additional information,
Since the encrypted data is decrypted, it is possible to reliably decrypt the encrypted data.

[Brief description of the drawings]

FIG. 1 is a block diagram illustrating a configuration example of a bus network system including electronic devices to which the present invention has been applied.

FIG. 2 is a block diagram illustrating a configuration example of an MD deck 2 to which the present invention has been applied.

FIG. 3 is a flowchart illustrating an authentication process.

FIG. 4 is a flowchart illustrating an interrupt process.

FIG. 5 is a flowchart illustrating a communication target device determination process.

FIG. 6 is a flowchart illustrating a recovery process.

FIG. 7 is a diagram showing a data structure of an isochronous packet.

FIG. 8 is a diagram for explaining a position where copyright information is described.

FIG. 9 is a block diagram showing a configuration example of a part related to copyright information display processing of the IEEE1394 interface 35.

FIG. 10 is a flowchart illustrating copyright information display processing.

FIG. 11 is a diagram showing a display example of copyright information.

12 is a block diagram illustrating a configuration example of a portion related to encryption and decryption of an isochronous packet of the MD deck 2. FIG.

13 is a block diagram illustrating a configuration example of a decoding unit 73 in FIG.

FIG. 14 is a diagram for explaining a reception delay of content data communicated as an isochronous packet.

FIG. 15 is a diagram for explaining a reception delay of a seed communicated as an asynchronous packet.

FIG. 16 is a flowchart illustrating a key generation process.

FIG. 17 is a diagram showing a program stored in a personal computer 301.
FIG. 4 is a diagram for describing a medium used to install the program into an executable state.

FIG. 18 is a diagram for describing a personal computer 301.

[Explanation of symbols]

1 IEEE1394 bus, 2 MD deck, 3 set-top box, 4 personal computer, 21
System controller, 34 display, 35 IEEE
1394 interface, 38 program RAM, 51
Physical layer section, 52 link layer section, 53 digital receiver, 71 control section, 72 key generation section,
73 Decoding unit

 ──────────────────────────────────────────────────続 き Continued on the front page F term (reference) 5B017 AA06 BA04 BA07 BB02 BB10 CA09 CA15 CA16 5D044 BC06 CC04 DE17 DE49 GK17 HL11 5J104 AA01 AA07 AA16 EA26 KA01 KA02 KA04 NA02 PA07 5K032 AA08 DB15 DB19

Claims (4)

[Claims] 1. A receiving apparatus for receiving encrypted data encrypted with a periodically updated encryption key, comprising: first receiving means for receiving the encrypted data; Requesting means for requesting transmission of basic information serving as a basis for generating a decryption key corresponding to a key; second receiving means for receiving the basic information transmitted in response to the request of the requesting means; Identification means for identifying an attribute of additional information added to the encrypted data received by the first receiving means; detecting means for detecting an attribute of the basic information received by the second receiving means; Determining means for determining whether the attribute of the additional information identified by the means matches the attribute of the basic information detected by the detecting means; and determining that the attribute of the additional information matches the attribute of the basic information. If it is In this case, using the basic information, generating means for generating a decryption key having an attribute different from the attribute of the basic information, and storing the decryption keys of the number of attribute types of the additional information generated by the generating means Storage means, of the decryption keys of the number of attribute types of the additional information stored in the storage means, the one corresponding to the attribute of the additional information identified by the identification means, A decrypting means for decrypting the encrypted data received by the receiving means. 2. The method according to claim 1, wherein the generating unit does not generate the decryption key when the determining unit determines that the attribute of the additional information does not match the attribute of the basic information. The receiving device according to the above. 3. A receiving method of a receiving apparatus for receiving encrypted data encrypted by a periodically updated encryption key, comprising: a first receiving step of receiving the encrypted data; Requesting transmission of basic information serving as a basis for generating a decryption key corresponding to the encryption key, and a second reception of receiving the basic information transmitted in response to a request for processing of the request step An identification step for identifying an attribute of additional information added to the encrypted data received in the processing of the first receiving step; and an attribute of the basic information received in the processing of the second receiving step A detecting step of detecting the attribute of the additional information identified in the processing of the identifying step and an attribute of the basic information detected in the processing of the detecting step. And if the attribute of the additional information and the attribute of the basic information match in the processing of the determining step, generate a decryption key having an attribute different from the attribute of the basic information using the basic information. A storage step of storing the number of types of attribute of the additional information generated in the processing of the generation step, and a number of types of attribute of the additional information stored in the processing of the storage step A decryption step of decrypting the encrypted data received in the first receiving step using a decryption key corresponding to the attribute of the additional information identified in the identifying step. A receiving method comprising: 4. A receiving program for receiving encrypted data encrypted with a periodically updated encryption key, comprising: a first receiving step of receiving the encrypted data; A requesting step for requesting transmission of basic information serving as a basis for generating a decryption key corresponding to the encryption key, and a second step of receiving the basic information transmitted in response to a request for processing in the requesting step. A receiving step, an identification step of identifying an attribute of additional information added to the encrypted data received in the processing of the first receiving step, and an identification step of the basic information received in the processing of the second receiving step. A detecting step of detecting an attribute; determining that an attribute of the additional information identified in the processing of the identifying step matches an attribute of the basic information detected in the processing of the detecting step; And if the attribute of the additional information and the attribute of the basic information match in the processing of the determining step, generate a decryption key having an attribute different from the attribute of the basic information using the basic information. A storage step of storing the number of types of attribute of the additional information generated in the processing of the generation step, and a number of types of attribute of the additional information stored in the processing of the storage step A decryption step of decrypting the encrypted data received in the first receiving step using a decryption key corresponding to the attribute of the additional information identified in the identifying step. A medium which causes a computer to execute a program characterized by including: