JP2005318110A - Reproduction method and device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To safely store an authentication key used to cipher media data and to easily take it out without placing any burden on a user. <P>SOLUTION: Previously registered data on an operation procedure of equipment and the ciphered media data are stored and when the user performs an operation matching the stored data on the operation procedure of the equipment, the ciphered data are deciphered and output. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a reproduction method for decrypting and reproducing data to be concealed from a third party such as an authentication key to be concealed from an encrypted third party and data to be concealed from a third party. The present invention relates to a playback device.

  Conventionally, personal authentication methods include methods using personal property such as magnetic cards and IC cards, methods using personal knowledge and information such as passwords (hereinafter this method is called the password method for convenience), physical features and behaviors. There are methods using biometrics depending on characteristics. In the possession method, “spoofing” is misused due to counterfeiting, theft, and loss. In the biometrics method, “spoofing” is relatively difficult, but a dedicated input device is required, and technical improvement of the authentication rate and the misidentification rate is a problem.

  The password method is the most commonly used method because it can easily realize input devices (keyboard input and voice recognition) and has high convenience. However, in the personal authentication key using the password method, “spoofing” is misused due to leakage to a third party or theft.

In order to reduce misuse damage, an authentication key (= password) is created individually for each encrypted data, and the authentication key length is increased to frequently change the authentication key. However, in that case, the principal must memorize a plurality of authentication keys with several digits. As a result, the authentication key becomes more than the ability of the person to memorize, and the result is recorded in a memo or the like, resulting in a decrease in security. There is a need for means for storing data so as to be concealed from a third party such as a plurality of authentication keys without causing a decrease in security.
JP 2001-249731 A

  Japanese Patent Application Laid-Open No. 2004-228688 discloses that authentication is performed by measuring a time interval at which a key is pressed and determining whether the measured time interval is the same as that registered in advance. However, when this technique is used, it is necessary to faithfully reproduce the time interval when the key is pressed, and there is a disadvantage that the stored key cannot be taken out unless the time required for registration is required. Further, if this time is shortened, there is a disadvantage that the security is lowered. In addition, since this time length is limited by human ability, it has been difficult to save data to be concealed from a plurality of third parties.

  An object of the present invention is to encrypt and store data to be concealed from a third party so that it can be easily retrieved without burdening the user.

  The present invention stores pre-registered device operation procedure data and encrypted data to be concealed from a third party, and a user operation that matches the stored device operation procedure data is performed. In such a case, the data to be concealed from the encrypted third party is decrypted and reproduced.

  In this way, only when there is a user's device operation that matches the operation procedure of the registered device, the data that should be hidden from the encrypted third party can be decrypted, and the registered operation Only the user who remembers can play it.

  According to the present invention, only a user who remembers a registered operation can reproduce data that should be hidden from a third party, and the operation procedure of the device functions as an authentication key. The authentication key to be concealed and the data to be concealed from a third party can be safely stored, and can be easily retrieved without burdening the user.

  For this reason, for example, an authentication key that can be concealed from a third party by combining sounds and images associated with the user's lifestyle and memory, etc. Therefore, it is not necessary to store a combination of character strings as a personal authentication key using a password method.

  When the personal authentication key is a character string, it can be stored when a manual entry or a recorded memo is seen by a malicious third party. In the present invention, for example, a combination of sound and image is used. In this case, not only vision but also hearing is required, and the difficulty of stealing is increased, which effectively functions as a personal authentication key. For example, if a headset is used, information that outputs sound can be blocked from a third party, so even if the third party steals only the user's input operation, security is not lowered.

  In addition, multimedia data composed of sound information and video information is not limited to finite choices like characters, but by introducing the concept of a changing scene (address with information file), infinite choices Can be easily created by the user himself, so the security level is greatly improved. Even in still image media data that does not have the concept of “change”, the file name that is played back by the playback device itself is a combination of character strings and is not limited to a single alphanumeric character. The number can be increased to the number determined by the specifications of the equipment to which the invention is introduced (depending on the performance, in the order of 10 million or 1 million). Therefore, the security level is improved.

  In addition, if the user authentication key is a character string, if a memo is left, it is recorded in a unified manner, so that in the case of theft, it is possible to misuse it as it is. It is possible to record hint keywords that can be associated without centralized recording if a personal authentication key with a meaningful character string is used. However, since it is meaningful, it can be easily remembered and associated with a third party. . On the other hand, when using the processing of the present invention and writing a hint, unlike a word, it can be an individual scene of an individual's experience, and it is not possible to associate it with a third party. Nearly possible (for example, select a snow scene at a proposed location from a number of landscape photos. Select a number of songs that were played every day at elementary school lunch. From the commuting course video, only the entrance is shown. No one can know the habit of seeing the flowers in the flower bed of Mr. xx's garden and the place of interest in the view of the train window). As a result, security can be maintained even if the user himself uses a lot of hints that can be immediately associated.

  In addition, people's memories are revived by associations, and because people live through various experiences, memories associated with the reproduction of one image or sound, and when another image or sound is reproduced The memories associated with them are different. As a result, authentication keys to be hidden from multiple third parties and data to be hidden from third parties are stored in conjunction with separate storage, so that authentication keys can be hidden from multiple third parties. Even if a procedure for extracting data to be concealed from a third party is provided, a means for extracting an authentication key to be concealed from a third party and data to be concealed from the third party can be realized.

  In addition, by providing an application that directly inputs the personal authentication key extracted in the present invention with respect to an application that requests the personal authentication key regardless of the inside or outside of the apparatus, the user is completely aware of the existence of the character authentication key in the character string. It is possible to handle the authentication key to be concealed from a third party and the data to be concealed from the third party. As a result, it is possible to prevent an operation error caused by reading the character string and inputting it again, and there is an effect of improving security by not exposing the character string.

  Also, by storing some or all of the multimedia data to be played back (sound information, still image information, video information, etc.) and pre-registered device operation procedures in an external device or external storage element For example, even if only the playback device is passed to a third party, security is not affected. Further, by separately storing the multimedia data to be reproduced and the operation procedure of the registered device in a storage element that can be separated independently of each other, there is a further security improvement effect.

  Further, since the sound information, the still image information, the state of the moving image information multimedia data, and the like read when the user performs a predetermined operation are used as functions, the second operation from the operation determined by the first user is performed. No matter what operation the user performs before the operation specified by the first user, the user's purpose is to extract the authentication key to be hidden from the third party and the data to be hidden from the third party. The operation procedure is not affected. In other words, since the “scene” when the correct answer key is pressed is used as the personal authentication key, it is possible to register so as not to affect the fast forward and the frame advance in other intermediate scenes. It is also possible to register so that fast-forwarding and frame-forwarding are “user operation procedures for the purpose of extracting an authentication key to be hidden from a third party and data to be hidden from a third party”. Therefore, it is not necessary to use “time required for actually reproducing multimedia data” as a function. As a result, unlike conventional methods that improve the degree of security along with the “time required to actually play multimedia data”, a short time is maintained while maintaining the degree of security using multimedia data having a long playing time. Input is possible.

  Hereinafter, an embodiment of the present invention will be described with reference to the accompanying drawings. In the present embodiment, a specific scene in multimedia data that can be played back by the playback device, a “keyword”, an authentication key to be hidden from a third party, and data to be hidden from a third party are stored. It is related. FIG. 1 is a diagram showing the flow of encryption and decryption according to the present invention. The outline of encryption and decryption according to the present invention will be described with reference to FIG. 1. In the present invention, an encryption key is generated from the operation procedure of a device registered in advance (step S11). The encryption key generated at this time is a target encryption key for processing data in a playback control unit of a playback device to be described later and storing the data in a non-volatile memory as a storage unit.

  Then, using the generated and stored encryption key, the data (media data) designated by the user is encrypted by the playback control unit of the playback device (step S12). The media data to be encrypted is data stored in plain text (that is, in an unencrypted state) in, for example, a card-type memory device.

  The data encrypted in step S12 is stored in, for example, a nonvolatile memory. The non-volatile memory may be storage means in a terminal called a home server installed at home, for example.

  When decrypting the encrypted and stored media data, when the same operation procedure used for generating the encryption key stored in step S11 is input by the user, the playback device Decoding is executed by the reproduction control unit or the like (step S13).

  Specific examples of each process will be described below. The above-described “keyword” and “specific scene” are, for example, as follows.

  For example, if the multimedia data is voice media data of conversation recording, the specific scene is the bank where the name of the supermarket where the ATM of the bank you normally use appears in the flow of conversation in public conversation. It refers to something that the listener can identify with judgment based on their own experience and knowledge. The keyword in this case is, for example, “bank”.

  When the multimedia data is music media data playback, the scene may be a point in time when a phrase or melody that the listener likes is played back. In this case, it is possible to associate with no keyword, so no keyword is required.

  If the multimedia data is “still image media data playback”, it may be a scene in which an image of “a favorite teacup bowl that you always use when you return to your home” is open. It is.

  When the multimedia data is moving image media data, it may be a scene where a meal scene at a restaurant before going to the performance hall of the artist who was looking forward to is reproduced. The keyword in this case is, for example, “artist performance”.

  When the multimedia data is text media data such as a telop, for example, it may be a scene in which a subtitle of a favorite phrase appears in a movie or a scene in which favorite lyrics appear in karaoke. In this case, it is possible to associate with no keyword, so no keyword is required.

  In addition, when the multimedia data is a video playback media that includes audio, various clocks are shown in the watch shop scene, but they are not shown at that time, but they are used every day. It may be a scene where the same sound as the clock is heard. This example is an example in which the user makes a determination from the sound of an alarm clock even if image information not related to the determination of another clock is included. The keyword in this case is “morning”, for example.

  An example is moving image media data in which an alarm sound is generated at the same time as one clock is projected. In this case, it is assumed that the moving image media data is created so that various alarm sounds are produced even with the same clock. From this, it is not difficult for the person to distinguish the watch he / she usually uses and its tone from others. In this case, keywords can be associated without keywords, so keywords are not required.

  As in the above example, there are scenes that cannot be associated with a third party even if it is a scene that can be associated based on keywords without being carved into its own brain, such as its own knowledge, memory, and fantasy. The present invention makes use of this human nature from the authentication key and the third party so that the scene specified by the user based on the image and sound virtually created on the electronic device can be hidden from the third party. Data is associated with each other so as to be concealed, and the authentication key can be stored and retrieved so as to be concealed from a third party.

  Safety is maintained by embedding the above-mentioned scenes that cannot be associated with a third party in a combination of scenes that cannot be identified from the third party. In addition, to increase safety, not only use keywords that are difficult to associate, but use as many keywords as possible, and increase the number of “combinations of scenes that cannot be discerned by a third party”. That's fine. Specifically in the above example, for example, the following is performed.

  In the case of the voice media data example of the conversation recording, the conversation time of the public talk is lengthened, and the kinds of sounds emitted there are increased. The types of sounds to be generated are the number of words spoken by a person, background sounds, between conversations and conversations, and one unit that can be extracted in a series of flows is defined as one scene. The factors that increase security here are “time” and “number of scenes”.

  For example, in the case of a one-minute conversation, if only one phrase is generated and there is no discernible change in the background sound, the number of scenes is two. The probability that a correct answer can be extracted is ½. Therefore, it is not possible to obtain security in accordance with the spirit of the present invention. The probability in this case is applied when a third party tries to draw out a correct answer by focusing on sound information (even if the time is long, in the middle of a silent section in which a legitimate user cannot be distinguished, If the authentication key is hidden from the user or the data is hidden from the third party, the authentication key is hidden from the third party and the data is hidden from the third party. Can not be pulled out). On the other hand, the probability that a third party can extract one scene in which one's mother is competing for 0.5 seconds while being divided into 100 scenes in a one-minute conversation is the case of the example described later. Taking into account the guard band (= delay time from when the desired sound is emitted from the device until the sound is determined and the result of determination is input to the device) is 1.5 / 60 = 1/40 ( Assuming that the example of discrimination at the normal playback speed described later was carried out). This probability is applied when a third party tries to draw out a correct answer by using only time information without paying attention to sound information. (Even if there are many scenes, it is not possible to set a guard band shorter than the time during which a legitimate user can press the correct answer key operation).

  In this example, slow playback may be used to further reduce the probability. In that case, the probability is 1/100 based on the number of scenes (since it can be digitally processed so that the pitch of the sound does not change even with slow playback, it is easy to determine). Although the number of scenes referred to here is 100 for convenience, in fact, it can be divided into 100 scenes for legitimate users, but it can be more than 100 scenes for third parties. Is. For example, in a situation where 10 people with similar voices continue to talk for 1 minute each, a legitimate user may be able to extract 100 words spoken by his mother but may not be distinguished by a third party .

  In the case of reproducing music media data, for example, the number of songs is increased, and a full chorus is made instead of a short time like an intro. Again, the factors that increase security are “time” and “number of scenes”.

  “In the case of still image media data playback examples, various others 'homes, various others' gardens, various unrelated stations, several home living rooms, various dishes, etc. The factor that increases security here is the “number of scenes”.

  In the case of the moving image media data example, it is to increase the “number of scenes” such as a scene of listening to a CD at home or an unrelated artist performance. In the case of moving image media, it is possible to discriminate with the resolution of each frame corresponding to one still image by using slow playback or frame advance playback (however, such as the moment when the ball hits the bat) It is assumed that the image is such that a legitimate user can be identified). For example, the probability that a third party can extract 1 frame (= 1 scene) from 1 minute of 30 fps image by frame advance is 1 / (30 * 60) = 1/1800 (in this case, the guard band is not exist). In the case of reproducing as a moving image, the guard band may be equivalent to that of audio media, in which case the probability is equivalent to that of the audio media described above.

  Also in the case of a moving image playback media example including audio, “time” and “number of scenes” are security improvement factors.

  When characters are used, there are 62 types including 52 upper case letters and 10 lower case letters and 10 types of numbers, and it is possible to realize a value close to the normal speed playback of the above-mentioned conversation recording and moving image media data. However, it is difficult to memorize when uppercase letters and lowercase letters are combined so as not to make sense. On the other hand, if it makes sense, the risk of guessing by a third party increases. By using a combination of the above specific scenes, it corresponds to a key length that could not be realized with a conventional character combination personal authentication key, and could not be realized with a conventional character combination personal authentication key. It is possible to realize a large number of identity authentication keys while minimizing the burden on the user.

Although the probability is lower than that of the conventional method, it cannot be denied that a third party can accidentally find out the personal authentication key by repeating the scene identification over and over again. For this,
1) One identity authentication key is obtained by answering a plurality of keywords.
2) If there are multiple operation mistakes, no operation is accepted for a certain period of time.
Can be realized as usual.

  It is to be noted that providing an application that uses the personal authentication method of the present invention as it is without using a conventional password type personal authentication key provides a high security effect. However, for that purpose, it is necessary to change the application of each device using the conventional password method personal authentication key to the application of the device of this example. As a result, it is necessary to construct an infrastructure for this purpose. Therefore, instead of using the personal authentication method of the present invention as it is, the “password type personal authentication key” is encrypted with an encryption key (S11 in FIG. 1) generated in the apparatus using the personal authentication method of the present invention. This problem can be solved by decrypting the “password-based authentication key” with the encryption key (S11 in FIG. 1) stored in the device and using the authentication method of the present invention. In other words, the password authentication key that has many exposure opportunities and is easy to be seen by a third party is changed frequently, while the security is changed to keep the security, but the authentication key of the present invention that is hard to be seen by a third party is changed. There is no need to do.

  In the personal authentication of the present invention, “audio media data and image media data reproduced by a playback device”, “pre-registered device operation procedure” and an authentication key to be concealed from a third party or concealed from a third party. By storing a part or all of the encrypted data in the external device or the external storage element as much as possible, even if only the device including the playback device passes to a third party, the security is not affected. Furthermore, by separately storing “sound information, still image information, video information” played by the playback device and “pre-registered device operation procedure” in a “memory element that can be separated independently” , There is a security improvement effect.

  Next, the configuration of a playback apparatus that actually executes the processing described so far and the details of the processing executed by the configuration will be described with reference to the drawings from FIG. FIG. 2 is a block diagram showing an example of the configuration of the multimedia playback apparatus according to the present embodiment. Here, a user input unit 151 is provided, a sound is emitted from the speaker 106 (or a headset), and a moving image or a still image is reproduced on the screen of the display unit 110. As an example, a case where the text is scroll-displayed will be described.

  In FIG. 2, a recording medium 101 is a memory for storing multimedia data to be reproduced. This memory is composed of, for example, a nonvolatile memory. This memory is 1) a memory device that stores data after receiving data via communication means such as LAN, IRDA, USB, BLUETOOTH (trademark) (hereinafter, these are simply referred to as communication means), and 2) It includes a memory device that can be attached to and detached from the playback device, and 3) any or all of the devices built in the playback device.

Further, it may be a volatile memory in which data is deleted when the playback device is turned off.
The work memory 153 is for temporarily storing intermediate work data shown in the registration sequence, for example, and is composed of a volatile memory, for example. Since the signal line between the working memory 153 and the playback control unit 111 has a plaintext signal exchange described later, it is usually provided with an appropriate tamper resistance so that the plaintext signal does not leak to the outside. Is preferred.

  The non-volatile memory 152 stores the encrypted “pre-registered device operation procedure” data, the authentication key to be hidden from the encrypted third party, and the data to be hidden from the third party. All in the same device. Alternatively, some or all of them may be detachable.

  Alternatively, the recording medium 101 may be on the external memory via the same or different communication means.

  Note that these procedures and data are encrypted by the reproduction control unit 111 for the purpose of maintaining security and are transmitted and written in the memory. When using the encrypted data, it is read out from the non-volatile memory 152 in an encrypted form, is plainly read by the reproduction control unit 111, and is placed in the work memory 153 as temporary data for processing.

  The multiplexed data separation unit 102 performs a format check of the multiplexed data input from the recording medium 101 or a judgment as to whether or not playback is possible. In addition, audio, video, and text media data are separated in units of samples and output to the audio media buffer unit 103, the video media buffer unit 106, and the text media buffer unit 108 together with the reproduction start time. At this time, the data is output while checking the empty information of the media buffer. Basically, it is a stuffing type that does not make room in the buffer. Each reproduction start time of the output audio media data, video media data, and text media data is sent to the reproduction control unit 111 as information during reproduction. That is, it is possible to read the reproduction start time information (= scene information) of the multimedia data currently read from the buffer. However, each media buffer unit 103, 106, 108 may send similar information to the playback control unit 111. Although the playback start time is used here, it may be information that can be correlated with the information being played back, such as unique address information and frame information possessed by files constituting the multimedia data.

  The user input unit 151 is a user interface such as a key, jog dial, or voice recognition input. In the case of voice recognition input, for example, when the user speaks “play”, the play key is pressed, when the “stop” is spoken, the stop key is pressed, when “next” is spoken, the fast forward operation is performed, and when “return” is spoken, the rewind operation is performed. For example, a series of operations can be instructed by voice.

  In response to an instruction from the user input unit 151, the playback control unit 111 receives a multiplexed data separation unit 102, an audio media buffer unit 103, an audio decoding unit 104, a video media buffer unit 106, a video decoding unit 107, and a text media buffer unit 108. The text decoding unit 109 is controlled to start reproduction, pause, seek (including fast forward, rewind, frame advance, frame reverse, pause, etc.). In addition, in the video sample, a signal for controlling the display of each video frame, which is one decoded image, may be sent from the video media buffer unit 106 to the video decoding unit 107 separately from the decoding of the data. . Further, control processing, encryption / decryption of the present invention, which will be described in detail later, is also performed.

  The audio media buffer unit 103 compares the reference time of the system notified from the reference timer 112 with the reproduction start time stored in the buffer, and outputs sample data to the audio decoding unit 104 at a desired timing. Further, under the control of the reproduction control unit 111, operations such as data output start, data output stop, or buffer data clear are performed. However, the multiplexed data separation unit 102 may perform the same control. The voice decoding unit 104 immediately decodes the input sample data, outputs it to the speaker or the headset 105, and plays a sound.

  The video media buffer unit 106 and the video decoding unit 107 perform the same processing as the audio media buffer unit 103 and the audio decoding unit 104 on the video media, and output the video data to the monitor 110. In the case of a still image, sample data is immediately output to the decoding unit regardless of the playback start time.

  The text media buffer unit 108 and the text decoding unit 109 perform the same processing on the text media as the audio media buffer unit 103 and the audio decoding unit 104, and output text data to the monitor 110.

  Next, refer to FIG. 3 for the internal configuration of the audio media buffer unit 103 and the audio decoding unit 104, the internal configuration of the video media buffer unit 106 and the video decoding unit 107, and the internal configuration of the text media buffer unit 108 and the text decoding unit 109. To explain.

  In FIG. 3, the address control unit 201 controls the address of the buffer 202 to store the input reproduction start time and audio, video, or text media sample in the buffer 202 so as to be in a table data format.

  The buffer 202 stores the media data output from the address control unit 201 and outputs it at the timing obtained from the output synchronization unit 203. Since the reference time of the system is notified from the reference timer 112, the output synchronization unit 203 compares the reproduction start time in the table data stored in the buffer 202 with the reference time, and decodes the media data if they match. Output to the section.

  The time measuring unit 204 obtains the difference between the reproduction start time of the media data to be output this time and the reproduction start time of the media data to be output next time from the table data stored in the buffer 202, and outputs the difference as the reproduction continuation time to the decoding unit 205. Output. This utilizes the fact that the reproduction start time and sample data table data are always stored in the buffer 202 a plurality of times. However, in streaming playback or the like, data to be output next time may not yet arrive, and in this case, there are not a plurality of such data.

  In that case, since media data that has not reached cannot be used, only media data that has already reached continues to be reproduced. In general, video media data requiring the widest bandwidth is insufficient first, followed by audio media data, and finally text media data. If the next media data is not input even after the playback duration, error processing such as a data transmission request, issuance of an error message, retention of the currently output image data, and audio mute to prevent noise is performed.

  The decoding unit 205 immediately decodes the input media data and outputs it to the buffer 207. The buffer 207 outputs the media sample output from the decoding unit 205 to the speaker or headset 105 if it is audio media data, and outputs it to the monitor 110 if it is video media data or text media data.

  Next, the operation of the media buffer units 103, 106, and 108 will be described using the flowchart of FIG. The time measuring unit 204 calculates the reproduction duration time of the media data output this time from the table data stored in the buffer 202 (step S21). The output synchronization unit 203 obtains the reference time of the system from the reference timer 112 (step S22), compares the reproduction start time and the reference time in the table data stored in the buffer 202, and determines whether or not the reproduction timing is reached. (Step S23). If the playback start time and the reference time match, the media data and the playback duration time obtained above are output to the decoding unit 205 (step S24). In the case of media data whose playback duration is fixed, a predetermined value may be used without calculating the playback duration.

  Next, the correct answer scene registration process will be described with reference to the flowchart of FIG. By the operation with respect to the user input unit 151, the playback device transits to the correct answer scene registration mode. Here, the device waits for an index keyword to be input to the user input unit 151 (step S31). An index keyword is an authentication key to be concealed from a plurality of stored third parties or data to be concealed from third parties. This is for the user to identify whether to decode data as much as possible, and a word such as “bank PIN” or “mail PIN” is input. When the index word is input, the input content (text character or voice) is recorded in the work memory 153 which is a temporary storage area (step S32). Here, 1 is first set as the number m corresponding to the number of digits of the password (step S33).

  Next, it enters a keyword input waiting state for the first scene (step S34). This keyword is for the purpose of allowing the user to associate the scene. As described above, when setting a scene that the user can easily associate without using the keyword, enter the keyword for the purpose of improving security. You may enter a blank. When a keyword for the first scene is input, the input content (text character or voice) is recorded in the work memory 153, which is a temporary storage area (step S35).

  Next, multimedia data including a scene to be associated with an authentication key to be hidden from a third party and data to be hidden from a third party is read into the recording medium 101 (step S36). Note that data previously written in the recording medium 101 may be used. Next, the multimedia data is reproduced. Note that any function of the corresponding device such as rewind, fast forward, and top feed may be used until the scene is reached to be associated with the authentication key in the multimedia data during reproduction of the multimedia data. Further, it is also possible to jump to immediately before the scene and start playback from there without starting playback (step S37).

  Then, the name of the multimedia data file being reproduced and the scene information of the multimedia file when the correct answer key is pressed are captured. This time is the correct answer range start time (steps S38 to S40). Next, the scene information of the multimedia file at the time when the correct answer key is pressed is captured. This time is the correct answer range end time (steps S41 to S42). Note that “capture” here means storing in the work memory 153, and “information storage” means encrypting and storing in the information storage memory 152.

  Any scene included from the start point of the correct answer range to the end point of the correct answer range is regarded as a correct answer. The user may set this range during normal speed playback, or may set this range during slow playback or top playback. Alternatively, this range may be set during pause playback. If it is set during pause playback, only that one frame is considered a correct answer. Still images are handled in the same way as pause playback, and are stored as scenes having only the file name of still image media data without the concept of time. Further, in this example, the setting example is made while the correct answer key is continuously pressed. However, it goes without saying that this restriction does not occur if it is divided into key operations of two presses from here to here. Further, in this example, a dedicated key called a correct answer key is used, but a stop key, a pause key, or the like may be used as long as there is a restriction on keys that should not be used during media file playback. However, in that case, the original function does not operate while being pressed, and is used for the storage purpose of the present invention. When the pressing is stopped, it is used for the storage purpose of the present invention and the original function is also operated.

  Next, the user determines whether to enable the guard band. The guard band is a “delay time until the user visually confirms a desired scene and presses the correct answer key” in stream media having the concept of time (this delay time is illustrated in FIGS. 8 will be described later). Therefore, it is unnecessary for still image data that does not have a concept of time, and it is better to disable it for the purpose of improving the security level even when a scene of a very short section is set by pause or frame advance. belongs to. In addition, the guard band time may be set by the user so as to be appropriate for each scene without being described (step S44). At this point, playback stops (step S45), and a wait state is entered as to whether or not to register the second scene (step S46). When registering, m = 2 and the same sequence as described above is taken (step S47).

  In the case of completion, first, the number M of scenes is stored (step S48), and then an authentication key to be concealed from a third party to be associated with these scenes and data input to be concealed from the third party are accepted ( In step S49), an authentication key to be hidden from a third party and data information to be hidden from a third party are captured (step S50). Here, as an authentication key to be hidden from a third party and a data input method to be hidden from a third party, not only through the user input unit 151 but also a communication path connected to the nonvolatile memory 152 is used. For example, the user may directly specify the file name of the data to be hidden without inputting the authentication key to be hidden from the third party or the data to be hidden from the third party. Finally, the data recorded in the working memory 153 which is a temporary storage area is sequentially read out, and after the DES encryption, for example, is performed by the reproduction control unit 111, the data is written in the nonvolatile memory 152 (step S51).

  In the above example, “any scene included from the start point of the correct answer range to the end point of the correct answer range is regarded as a correct answer”, but “included from the start point of the correct answer range to the end point of the correct answer range”. If the correct answer key is pressed so as to include all scenes, it is considered as a correct answer "(that is, the correct answer key is kept pressed in the correct answer section, or the correct answer key is pressed once and pressed again at the completion time).

  Next, the correct answer scene reading sequence will be described with reference to the flowchart of FIG. By the operation on the user input unit 151, the device (playback apparatus) transitions to the correct answer scene reading mode. Here, the present device waits for an index keyword to be input to the user input unit 151. The selectable keywords may be displayed as a menu on the display unit 110 (step S61).

  When the index keyword is determined, the data corresponding to the index keyword n (the data stored in step S51) is read into the reproduction control unit 111, decrypted by the reproduction control unit 111, and then the work in the temporary storage area Is recorded in the memory 153 (step S62). Here, 1 is first set as the number m corresponding to the number of digits of the password (step S63). Then, the keyword for the first scene is output from the speaker or headset 105 or displayed on the display unit 110 (step S64).

  Here, the user starts data reproduction and waits until the correct answer scene is reached (step S65). In the middle of file playback, rewind, fast forward, top feed, etc. until reaching the scene to be associated with the authentication key to be hidden from the third party in the multimedia file or data to be hidden from the third party Any function of the corresponding device may be used. Further, it is also possible to jump to immediately before the scene and start playback from there without starting playback (steps S65 to S66). If the correct answer key is pressed before reaching the correct answer scene, the process ends with an error (step S72). An example of correct answer / wrong answer discrimination processing will be described later. If it is determined that the answer is incorrect, the process ends in error. If it is determined that the answer is correct (step S68), it is determined whether the number of scenes M is satisfied. If not satisfied, m = 2 and the same sequence as described above is taken (steps S70 to S71). If satisfied, the authentication key can be extracted to be hidden from the associated third party, and the data can be extracted to be hidden from the third party. The authentication key to be concealed from the third party extracted here and the data to be concealed from the third party may be displayed on the speaker or headset 105 or the monitor 110, or may be displayed on the recording medium 101. You may send directly to an external device via the same or another communication means.

  Next, an example of processing for determining a correct answer during the reading sequence will be described. First, the case of stream data will be described with reference to the flowchart of FIG. 7. When a correct answer scene is started during the reproduction of stream data, for example, a timer 2 for counting for 1 second is started (step S81), it is determined whether or not the correct answer key has been pressed (step S82). Here, when it is determined that the correct answer key has been pressed, it is assumed that the answer is correct.

  When it is determined that the correct answer key has not been pressed, it is determined whether or not the timer 2 has timed out (step S83). If not timed out, the process returns to step S82. If it is determined that a time-out has occurred, it is determined whether or not the correct answer scene has ended (step S84). If the correct answer scene has not ended, the process returns to the determination in step S82. If it is determined that the correct answer scene has been completed, for example, the timer 3 that counts for 0.5 seconds is started (step S85), and it is determined whether or not the timer 3 has timed out (step S86). If not timed out, the process returns to step S82. If it is determined that a time-out has occurred, it is determined to be an incorrect answer (ie, it is determined that there is no correct answer input).

  8A and 8B are diagrams showing the relationship between the detection period of pressing the correct answer key and the timers 2 and 3. FIG. When inputting the correct answer, a delay time is required until the desired scene is visually confirmed and the correct answer key is pressed. Here, even when the time from the start to the end of the correct answer scene is short, the time until the user responds and presses the key is set as “interval (guard band)”. Also, a “interval (guard band)” of 0.5 seconds is set so that even if the correct answer scene is about to end, the correct answer is recognized even if the correct answer key is pressed.

  If the time from the start to the end of the correct answer scene is short (shorter than the count period of timer 2), as shown in FIG. Count period "+" Timer 3 count period ". When the time from the start to the end of the correct answer scene is longer than the count period of the timer 2, as shown in FIG. 8B, the detection period of pressing the correct answer key is “correct answer scene period” + “timer 3 count periods ”.

  Next, an example of processing for determining a correct answer in the case of non-stream data in the middle of a read sequence will be described with reference to the flowchart of FIG. 9. When reproduction of a correct answer image (such as a still image) starts, for example, The timer 2 for counting for 3 seconds is started (step S91), and it is determined whether or not the correct answer key has been pressed (step S92). Here, when it is determined that the correct answer key has been pressed, it is assumed that the answer is correct.

  When it is determined that the correct answer key has not been pressed, it is determined whether or not the timer 2 has timed out (step S93). If not timed out, the process returns to step S92. If it is determined that a time-out has occurred, it is determined to be an incorrect answer (ie, it is determined that there is no correct answer input).

  By making such a determination, if the correct answer key is pressed within 3 seconds from the start of the reproduction of the correct answer image until the timer 2 times out, the correct answer is processed.

  In the above-described embodiment, an example in which encryption and decryption are performed using the playback device configured exclusively for media data playback having the configuration illustrated in FIGS. 1 and 2 has been described. A program (application) for executing the processing of the present invention may be installed in various data processing devices such as devices to perform the same processing.

It is explanatory drawing which showed the flow of the encryption by the embodiment of this invention, and a decoding. It is a block diagram which shows the structural example of the reproducing | regenerating apparatus by one embodiment of this invention. It is a block diagram which shows the decoding part by one embodiment of this invention, and its peripheral structure example. It is a flowchart which shows the operation example of the media buffer part by one embodiment of this invention. It is a flowchart which shows the example of the registration sequence by one embodiment of this invention. It is a flowchart which shows the example of the read-out sequence by one embodiment of this invention. It is the block diagram which showed the example of the key release process (in the case of stream type data) by one embodiment of this invention. It is explanatory drawing which shows the example of a correct answer detection by one embodiment of this invention. It is the block diagram which showed the example of the key release process (in the case of non-stream system data) by one embodiment of this invention.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 101 ... Recording medium, 102 ... Multiplexed data demultiplexing unit, 103 ... Audio media buffer, 104 ... Audio decoding unit, 105 ... Speaker, 106 ... Video media buffer, 107 ... Video decoding unit, 108 ... Text media buffer, 109 ... Decoding 110, display unit, 111 ... playback control unit, 112 ... reference timer, 151 ... user input unit, 152 ... non-volatile memory, 153 ... working memory, 154 ... communication medium, 201 ... address control unit, 202 ... buffer, 203 ... Output synchronization unit, 204 ... Time measurement unit, 205 ... Decoding unit, 207 ... Buffer

Claims (10)

Store pre-registered device operation procedure data and data that should be hidden from encrypted third parties,
A reproduction method for decrypting and reproducing the data to be concealed from the encrypted third party when there is a user operation that matches the stored operation procedure data of the device. The reproduction method according to claim 1,
The operation method of the device is an operation procedure of a reproduction position of a specific medium. The reproduction method according to claim 2, wherein
The reproduction position operation procedure is an operation procedure for instructing a plurality of reproduction positions. The reproduction method according to claim 1,
The data to be hidden from the third party is an authentication key to be hidden from the third party or data to be hidden from the third party. The reproduction method according to claim 1,
A reproduction method for encrypting and storing operation procedure data at the reproduction position. Storage means for storing pre-registered device operation procedure data and data to be hidden from an encrypted third party;
Decoding means for decoding data to be concealed from a third party stored in the storage means;
An input means for receiving operation inputs;
A playback apparatus comprising: a control unit configured to execute decoding by the decoding unit when the operation input by the input unit and the operation procedure stored in the storage unit are compared and regarded as coincident. The playback device according to claim 6.
The operation input by the input unit and compared by the control unit is an operation related to a reproduction position of a specific medium. The playback device according to claim 7, wherein
The data relating to the operation of the reproduction position stored in the storage means is data indicating a plurality of reproduction positions, and when all of the plurality of reproduction positions are input by the input means, the control means is the decoding means A playback device that performs decoding on the computer. The playback device according to claim 6.
The data to be hidden from a third party stored in the storage means is an authentication key to be hidden from a third party or data to be hidden from a third party. The playback device according to claim 6.
A reproducing apparatus for encrypting and storing operation procedure data at a reproduction position stored in the storage means.

Images