JP4237131B2 - Encrypted data communication device - Google Patents

Description

  The present invention relates to an encrypted data communication device such as a transmission terminal device that transmits encrypted data and a reception terminal device that receives encrypted data, and more particularly to a technique for communicating effective encrypted data.

Advances in network transmission technology have made it possible to monitor video data shot by a shooting device such as a WEB camera in real time through a network. On the other hand, ensuring the security of a third party who tries to steal or tamper with packet data flowing on the network has become an important issue. Therefore, encryption technology for avoiding attacks from third parties has become an essential technology for network transmission, and research is ongoing.
Usually, since the bandwidth is limited in transmission using a network, the captured video data is compressed using a compression algorithm such as MPEG-4 or JPEG, and this compressed stream is divided into IP packets compliant with the RFC standard. Is transmitting. Existing technologies for ensuring security include IPsec that encrypts / authenticates IP packets at the network layer and SSL that authenticates and encrypts sessions at the application layer, but IPsec has a heavy load on the client side, SSL is an application There are some issues such as depending on

  In particular, in a remote monitoring system using a Web camera, the system setting is simple, the construction / operation can be made flexible such as the degree of freedom of the installation location of the photographing apparatus, the running cost can be suppressed, and the application It is required to ensure high safety without depending on it. For this reason, in a remote monitoring system using a Web camera, it is important to ensure security against attacks such as snooping and tampering by a third party. For example, the development of products that encrypt the content data itself at the application layer and improve the security without affecting the existing network devices is being promoted, and the method of encrypting the content itself is becoming mainstream.

Cryptographic algorithms used in the product include block encryption methods such as 3DES (3 Data Encryption Standard) and AES (Advanced Encryption Standard) approved by NIST (National Institute of Standards and Technology), and high-speed and large-capacity communication. There are streaming encryption schemes such as MUGI (Multi Giga cipher) and MULTI-S01 suitable for encryption processing.
In the conventional example and the examples described later, as an example, MUGI, which is one of the streaming encryption methods recommended by the electronic government, will be described.

FIG. 6 shows an example of an internal functional block of the encryption processing unit in MUGI.
The MUGI encryption processing unit generates a random number sequence 51 that generates a random number sequence that is uniquely determined when a 128-bit secret key and a 128-bit initial vector are input, and a random number sequence generated by the pseudo-random number generator 51 and an input The operation unit 52 outputs an encrypted stream obtained by exclusive ORing the plaintext stream.
When the secret key and the initial vector are input, the pseudo random number generator 51 generates a random number sequence while repeating the state transition after initializing the internal state, and performs exclusive OR operation on the random number sequence and the input plaintext stream for each bit. The resulting encrypted stream is output from the computing unit 52.

FIG. 7 shows an example of an internal functional block of a decoding processing unit in MUGI.
Similarly to the encryption processing unit, the decryption processing unit is also generated by a pseudo-random number generator 61 that generates a random number sequence that is uniquely determined when a 128-bit secret key and a 128-bit initial vector are input. The arithmetic unit 62 outputs the plaintext stream before encryption by exclusively ORing the random number sequence and the input encrypted stream.
That is, the system always returns to the original plaintext stream by executing the exclusive OR twice during encryption and decryption. Therefore, in operation, it is assumed that the random number sequences generated from the pseudo random number generators 51 and 61 of the transmission / reception terminal device match (synchronize).

  Usually, in transmission using a network, IP packet loss occurs due to congestion or the like. For this reason, the IP packet that should have arrived is lost, and in the case of the streaming encryption method using MUGI, the synchronization between the pseudorandom number generator 51 on the transmission side and the pseudorandom number generator 61 on the reception side occurs. . Once the synchronization is lost, the subsequent encryption stream cannot be decrypted into a correct plaintext stream by the decryption processing unit, which causes a problem in system operation.

Conventionally, in order to cope with such a problem, the secret key or initial vector of the pseudo random number generators 51 and 61 is periodically updated or reset, and the random number sequence generated by the pseudo random number generators 51 and 61 is periodically updated. Thus, measures have been taken to avoid the random number sequences from being mismatched by combining them at the transmission / reception terminal device or inserting dummy data corresponding to the loss at the decryption processing unit at the time of packet loss.
For example, there is a conventional example in which a key for decryption is transmitted at a predetermined transmission interval (see, for example, Patent Document 1).
In particular, when encrypting a data stream such as MPEG-4, the user and data assigned in advance as a stream syntax according to the standard are used to describe keys and initial vectors and update them periodically. A method is adopted in which the random number sequences generated by the pseudo-random number generators 51 and 61 are matched.

FIG. 8 shows the MPEG-4 stream syntax.
The syntax of the MPEG-4 stream is defined by ISO / IEC14496. In general, it can be classified into a Stream_Header part and an Application_Data part.
The Stream_Header part is a codec-dependent header part, which mainly describes information related to the stream configuration, and is composed of four unique headers composed of bit patterns that are prohibited from appearing in the Application_Data part, that is, VS. (Visual_object_sequence_start_code) header, VO (visual_object_start_code) header, VO (video_object_start_code) header, VOL (video_object_layer_start) header, te (including video_object_layer_start), and VOL (video_object_start_code) header.

The Application_Data portion starts from a GOV (group_vop_start_codes) header, and after a user_data area that can be used by the user according to the application, a unique VOP (vop_start_code) header and MB (Macro_Block) data corresponding to a frame are alternately followed. It has a configuration. A frame is composed of a set of VOP and MB, and MB (I-VOP) is used in the first frame.
Note that the unique VOP header is guaranteed by the MPEG standard so that the value determined as the header does not appear in a data portion such as a macroblock (MB). However, if a macro block (MB) or the like is encrypted, there is a possibility that the same value as the unique header value is generated by chance.

Here, the refresh timing at which the Stream_Header portion appears again after the Application_Data portion is not determined by the standard, and the cycle varies depending on the setting of the size of the image to be compressed and the bit rate.
For this reason, it is very difficult for the decryption processing unit on the receiving side to identify which bit string of the encrypted stream corresponds to the key or the initial vector. Therefore, in the conventional encryption technology, the Stream_Header part depending on the codec is not encrypted for use as a synchronization marker on the encrypted stream, and only the MB of the Application_Data part of the MPEG-4 stream is encrypted.
As described above, conventionally, when encryption is applied to a compressed stream such as MPEG-4 due to the problem of synchronization detection of the encrypted stream received on the receiving side, the Stream_Header part describing the stream information is not encrypted. .

JP 2003-174441 A

As described above, in the conventional encryption method, since the Stream_Header part describing the compressed stream information is not encrypted, for example, by collecting periodically exchanged packets, a third party collects the application data The stream information including the type and the added initial vector is estimated, which may lead to a decrease in confidentiality.
In addition, there is a possibility that the unique code of the Stream_Header part used as a synchronization marker may appear by accident in the encrypted MB part. In the conventional method using the unique code of the Stream_Header part as a synchronization marker, erroneous recognition A process for avoiding this was necessary, and the circuit scale was large.

Specifically, in order to perform processing for avoiding erroneous recognition of the synchronous marker, for example, a circuit scale for preparing a memory and comparing data is increased. As an example, in order to avoid misrecognition, a determination is made so as to recognize the data before and after the synchronization marker, and it is determined whether it is the original synchronization marker or the same value as the synchronization marker that appears by accident. So that they can be distinguished.
The macroblock (MB) before encryption is guaranteed by the standard so that the same value as the unique code does not appear. However, when the macroblock (MB) is encrypted, it is encrypted. As a result, a non-standard value, that is, a unique code may appear.

Also, since the amount of MB data corresponding to an MPEG stream frame increases or decreases depending on the input image, for example, when an MB with a large amount of data continues, the load of encryption processing increases, and the entire apparatus becomes large. It led to a drop in performance. In particular, when stream data corresponding to megapixels is encrypted / decrypted, there is a significant problem that fluctuations in processing load lead to performance degradation.
Thus, the conventional encryption method has mainly three problems.

The present invention has been made to solve such a conventional problem, and an object thereof is to provide an encrypted data communication apparatus capable of communicating effective encrypted data.
Specifically, in the present invention, for example, a transmitting terminal device for transmitting encrypted data, which can improve confidentiality, reduce the circuit scale, and improve device performance, An object of the present invention is to provide a receiving terminal device that receives digitized data.

In order to achieve the above object, the encrypted data communication apparatus according to the present invention communicates encrypted data with the following configuration.
That is, the data processing means is an encryption method that encrypts all or part of a fixed-length bit stream corresponding to the header (Header) and user data (user_data) included in the compressed stream of data to be communicated. Perform the corresponding process. Data communication means communicates the encrypted data processed by the data processing means.

For example, in the transmission terminal device, compression processing means for compressing data to be communicated to obtain a compressed stream, and all of the fixed-length bit stream corresponding to the header and user data included in the obtained compressed stream Alternatively, an encryption processing unit (data processing unit) for encrypting a part and a transmission unit (data communication unit) for transmitting the encrypted data (encrypted data) are provided.
In the receiving terminal device, the receiving means (data communication means) for receiving the encrypted data, the decryption processing means (data processing means) for decrypting the encrypted part of the received encrypted data, and the decryption processing means are obtained by the decryption. Decompression processing means for decompressing the compressed stream.

Therefore, for example, the confidentiality of the data can be improved by encrypting the header included in the compressed stream, and the data to be encrypted because the portion to be encrypted has a fixed length. Since the fluctuation of the amount can be suppressed, the performance of the apparatus can be improved, and thus effective encrypted data can be communicated.
Here, as data to be communicated, various data such as text data, video (image) data, audio data, and the like may be used.
Various methods may be used as the compression method.
Various methods may be used as an encryption method.
Further, the entire fixed length bit stream corresponding to the header and user data included in the compressed stream may be encrypted, or a part thereof may be encrypted. Other parts are not encrypted.

The encrypted data communication apparatus according to the present invention has the following configuration as one configuration example.
That is, the data processing means inserts a predetermined code into a non-encrypted part in the application data (Application_Data) part included in the compressed stream and uses the code as all or part of a synchronization code (synchronization marker). The process corresponding to the method is executed.

For example, in the transmission terminal device, the encryption processing means (the data processing means) inserts a predetermined code into a non-encrypted part in the application data part included in the compressed stream.
In the receiving terminal device, the decryption processing means (the data processing means) decrypts the encrypted portion in the encrypted data using only the code or a combination of the code and another data portion as a synchronization code. In addition, the code is deleted.

Therefore, for example, by inserting a predetermined code and using it as a synchronization code, it is possible to reduce the circuit scale by omitting a circuit for avoiding erroneous recognition of the synchronization code, and in the non-encrypted part. By inserting a predetermined code, it is possible to improve the confidentiality of data, and it is possible to communicate effective encrypted data.
Here, various codes may be used as the predetermined code.
Further, the entire synchronization code may be composed of a predetermined code, or a part of the synchronization code may be composed of a predetermined code.
Various positions may be used as the position where the predetermined code is inserted.

The encrypted data communication apparatus according to the present invention has the following configuration as one configuration example.
That is, the compressed stream is a data in which data is compressed by the MPEG method.
The data processing means executes processing corresponding to a method of inserting the predetermined code into the MB of a predetermined frame.
For example, in the transmission terminal device, the encryption processing means (the data processing means) inserts the predetermined code into the MB of a predetermined frame when encrypting a compressed stream by the MPEG method.
Therefore, effective encrypted data can be communicated when communicating a compressed stream by the MPEG system.
Here, various frames may be used as the predetermined frame.

The present invention can also be provided as a method, a program, or a recording medium storing the program for performing various processes as described above.
For example, it is possible to provide a program that is executed by a computer that constitutes the apparatus according to the present invention and that realizes the functions for performing the various processes described above by the computer.
Further, the present invention is a recording medium that stores a program to be executed by a computer constituting the apparatus according to the present invention so as to be readable by an input unit of the computer, and the program causes the computer to execute various processes as described above. It is possible to provide a recording medium characterized by the above.

As described above, according to the encrypted data communication apparatus of the present invention, all of the fixed-length bit stream corresponding to the header (Header) and user data (user_data) included in the compressed stream of data to be communicated. Alternatively, since a part of the data is encrypted, effective encryption can be realized.
Further, according to the encrypted data communication apparatus of the present invention, a predetermined code is inserted into a non-encrypted part in the application data (Application_Data) part included in the compressed stream, and the code is replaced with a synchronization code (synchronization marker). Since all or part of the data is used, effective encrypted data communication can be realized.

An embodiment according to the present invention will be described with reference to the drawings.
FIG. 1 shows a configuration example of an encrypted data communication system according to an embodiment of the present invention.
The encrypted data communication system of this example is configured by connecting a transmission terminal device 1 and a reception terminal device 2 via a network 3.
The transmission terminal device 1 includes an input unit 11, a compression unit 12, an encryption processing unit 13, and a LAN (Local Area Network) interface unit 14 as internal function blocks.
The receiving terminal device 2 includes a LAN interface unit 21, a decoding processing unit 22, a decompressing unit 23, and an output unit 24 as internal function blocks.

An example of a schematic operation performed by the transmission terminal device 1 is shown.
The input unit 1 converts an analog video signal input from, for example, a camera (not shown) into a digital video signal and outputs the digital video signal to the compression unit 12.
The compression unit 12 compresses the video of the digital video signal input from the input unit 11 using a compression algorithm such as JPEG or MPEG, and outputs a compressed stream obtained by the compression to the encryption processing unit 13.
The encryption processing unit 13 performs a predetermined encryption process on the compressed stream input from the compression unit 12, converts the compressed stream into an encrypted stream, and outputs the encrypted stream to the LAN interface unit 14.
The LAN interface unit 14 divides the encrypted stream input from the encryption processing unit 13 into packets, adds a packet header compliant with the RFC standard, for example, and then sends the packet to the network 3 as an IP packet.
The network 3 transmits the IP packet output from the transmission terminal device 1 to the reception terminal device 2.

An example of a schematic operation performed by the receiving terminal device 2 is shown.
For the IP packet received via the network 3, the LAN interface unit 21 separates the header part and the payload part of the IP packet, returns the encrypted payload part to the encrypted stream, and sends it to the decryption processing part 22. Output.
The decryption processing unit 22 performs decryption processing on the encrypted stream input from the LAN interface unit 21, converts the encrypted stream into a plaintext compressed stream, and outputs the plaintext compressed stream to the decompression unit 23.
The decompression unit 23 performs decompression processing on the compressed stream input from the decoding processing unit 22, decompresses the compressed stream into an uncompressed digital signal, and outputs the decompressed digital signal to the output unit 24.
The output unit 24 converts the uncompressed digital signal input from the decompression unit 23 into a format suitable for a player (not shown) and outputs the converted signal to the player.
Note that the compression processing method performed by the transmission-side compression unit 12 and the decompression processing method performed by the reception-side decompression unit 23 correspond to each other, and the encryption processing performed by the transmission-side encryption processing unit 13 is performed. This method corresponds to the method of decoding processing performed by the decoding processing unit 22 on the receiving side.

Next, operations performed by the encryption processing unit 13 on the transmission side and operations performed by the decryption processing unit 22 on the reception side will be described in detail.
In this example, it is assumed that the compression algorithm used in the compression unit 12 on the transmission side is MPEG-4, and the encryption algorithm used in the encryption processing unit 13 on the transmission side and the decryption processing unit 22 on the reception side is MUGI. explain.
In this example, the case of handling video is shown, but the processing target is not limited to video, and for example, it is possible to deal with all of various applications having a unique stream header.

FIG. 2 shows an example of internal functional blocks of the encryption processing unit 13 on the transmission side in this example.
The encryption processing unit 13 of this example includes a pseudo random number generator 31, a calculation unit 32, a header detection unit 33, and a redundant code insertion unit 34.
FIG. 3 shows an example of internal function blocks of the decoding processing unit 22 on the receiving side in this example.
The decryption processing unit 22 of this example includes a pseudo-random number generator 41, a calculation unit 42, a redundant code detection unit 43, and a redundant code deletion unit 44.

FIG. 4 shows the syntax of the MPEG-4 compressed stream and the portion to be encrypted in this example. This compressed stream corresponds to a signal output from the compression unit 12 and is encrypted by the encryption processing unit 13.
In this example, all of the fixed length stream header part (Stream_Header part) and the variable length application data part (Application_Data part) from the GOV to the user data (user_data) are encrypted, and immediately after the user_data. No encryption processing is applied to the Application_Data portion from the VOP header to the refresh timing when the VS header appears next.

  Here, as another configuration example, in order to increase the encryption strength, it is also possible to encrypt the VOP header that is a unique code included in the Application_Data portion. Since the size of each macroblock (MB) is not fixed, when encrypting the VOP header, processing for adding information such as the data size of each MB to the stream in order to grasp the area of each MB I do.

In this example, a part of the Application_Data part is not encrypted (decrypted), but since the Application_Data part itself is a compressed stream, even if the stream is stolen on the network, it corresponds to the compression algorithm for playback. This non-encryption reduces the encryption strength because it is necessary to perform the decompression process, and even if the stream is tampered with, it is unlikely to be displayed correctly due to the frame correlation peculiar to MPEG-4. Not connected.
Note that the decompression process corresponding to the compression algorithm is necessary for reproduction, which means that decompression is not possible even if there is an MPEG-4 decoder, and the information in the Stream_Header part is necessary for decompression. In this example, instead of using the macroblock (MB) as non-encrypted data, the Stream_Header portion necessary for the decompression is encrypted, so that the encryption strength does not deteriorate.

Here, a specific example of what information in the Stream_Header part is information necessary for decompression will be described. Note that the present invention is not necessarily limited to this specific example.
For example, a VS header, a VO header, a VOH header, and a VOL header are 4-byte unique codes, and are necessary as synchronization markers for identifying the head of the stream when decompressing. Further, for example, the information of vop_time_increment_resolution is 16-bit information indicating the number of sub-intervals that divide one modulo time base into equal intervals, and without this information, frames cannot be reproduced and displayed normally. .

  Also, in this example, in order to specify the bit string encrypted on the receiving side, a unique code that is prohibited from appearing in the Application_Data part according to the standard at the predetermined position of the Application_Data part that is not encrypted is specified on the transmitting side. Insert a sync marker. On the receiving side, the bit string of the encrypted part is specified based on the synchronization marker, and decryption processing is performed. The value used as the synchronization marker is set in advance on the decoder side (reception side) together with the encoder side (transmission side), for example. Further, for example, the position of the bit string of the encrypted portion is specified based on the synchronization marker, such as “a period from the synchronization marker (in this example, VOP + VS) to 102 bytes before is a bit string of the encrypted portion”. The possible information is set in advance on the decoder side.

FIG. 5 shows an example of the format of the position where a unique redundant code is inserted into the encrypted stream.
In this example, a unique 4-byte bit string (hereinafter referred to as a VS header) that matches the bit string of the VS header is inserted immediately after the VOP header following user_data in the Application_Data section. In this case, since the 4-byte VOP header and the 4-byte VS header are continuous, 8 bytes are allocated to the synchronization marker.
Furthermore, according to the standard, an intra-coded MB (I-VOP) is to come immediately after the VOP header following user_data, so that a unique redundant code is inserted into the I-VOP and thereafter. Subsequent MBs refer to I-VOPs containing redundant codes. That is, even if the stream structure can be inferred from the VOP header, a redundant code is inserted into the reference frame, so that the frames after the frame correlation cannot be reproduced correctly. Here, in intra coding, in general, coding is performed using only information of its own picture without using information of other pictures.

In this example, a unique 4 bytes matching the VS header is inserted immediately after the 4-byte VOP header, and 8 bytes are allocated as a synchronization marker. It may be a position. The number of unique information bits (number of bytes) is not limited to 4 bytes, and various information amounts may be used.
In this example, information that matches the VS header is used as unique information. However, as other configuration examples, other information such as a VO header, a VOH header, a VOL header, a GOV header, and a VOP header can be used. It is also possible to use information that matches the unique code.

Here, in this example, in order to specify the encrypted position, a unique code is put in the MB as a synchronization marker. As a result of putting extra data in the MB, the third party The effect of not being able to reproduce correctly is also obtained.
In general, the VOP header of the I-VOP and the VOP header of the P-VOP are different from each other, and the VOP header of the P-VOP is common. For this reason, when only one I-VOP is included in a series of Application_Data sections, the VOP header of the I-VOP can be used as a synchronization marker. Generally, however, two or more I-VOPs are used. A VOP may be included in the Application_Data part. The P-VOP is generally predictively encoded with reference to past pictures. A B-VOP that is bi-directional predictive coded with reference to past and future pictures is also conceivable.

An example of the operation performed by the encryption processing unit 13 shown in FIG.
The input to the encryption processing unit 13 is a compressed stream as shown in FIG. 4 and is the one before encryption.
The header detection unit 33 receives the compressed stream, detects a unique code included in the compressed stream, and based on this, extracts a bit string to be encrypted up to the User_Data part in the Stream_Header part and the Application_Data part.
For example, when the header detection unit 33 finds a VS header (00 00 01 B0h) that is a 4-byte unique code in the MPEG-4 standard, 102 bytes (Bytes) from the VS header to the end of the User_Data portion of the Application_Data portion are detected. ) During the period corresponding to), the signal level is set to High, while the other periods are output identification information for setting the signal level to Low. The number of bits (number of bytes) of 102 bytes is an example, and other values may be used. In general, the standard from the VS header to the GOV header is determined, but the number of bits (number of bytes) in the user_data area is various.
As another example, when the VOH header (00 00 01 01h) is found, the signal level in a period corresponding to 92 bytes (Bytes) from the VOH header to the end of the User_Data portion of the Application_Data portion is set to high. On the other hand, identification information that makes the signal level low may be output during other periods.

The pseudo random number generator 31 receives the secret key and the initial vector, generates a random number sequence, and outputs the random number sequence to the calculation unit 32.
The arithmetic unit 32 performs exclusive logic between the random number sequence generated by the pseudo random number generator 31 and the input compressed stream during a period in which the signal level is high according to the identification information output from the header detection unit 33. Control is performed so as to execute the sum, the encrypted stream is partially encrypted, and the resulting encrypted stream is output to the redundant code insertion unit 34.
The redundant code insertion unit 34 switches the signal level of the identification information output from the header detection unit 33 from high to low, and a predetermined time (in this example, a time corresponding to the VOP header). ) Elapses, a unique redundant code (in this example, a code that matches the VS header) is forcibly inserted into the encrypted stream input from the arithmetic unit 32, and the resultant is shown in FIG. Such an encrypted stream is sent to the LAN interface unit 14 at the subsequent stage.

An example of the operation performed by the decoding processing unit 22 shown in FIG. 3 will be shown.
The input to the decryption processing unit 22 is an encrypted stream obtained by extracting and concatenating only the payload portion from the IP packet in the previous LAN interface unit 21.
The redundant code detection unit 43 scans the input encrypted stream to detect a unique redundant code (in this example, that matches the VS header) that is forcibly inserted by the transmission terminal device 1, and Outputs detection result information (detection information). In this example, since the unique redundant code originally prohibited by the transmitting terminal device 1 is inserted into the Application_Data part, the receiving terminal device 2 can detect the inserted redundant code without erroneous detection. It is possible to specify an encrypted bit string at a position away from the redundant code by a predetermined byte. In this example, when this unique 4-byte redundant code is detected, a bit string of 8 bytes is inspected together with the VOP header arranged immediately before the redundant code.

The pseudo random number generator 41 receives the secret key and the initial vector, generates a random number sequence, and outputs the random number sequence to the calculation unit 42.
Based on the detection information output from the redundant code detector 43, the arithmetic unit 42 performs an exclusive OR of the random number sequence generated by the pseudo random number generator 41 and the encrypted bit sequence included in the encrypted stream. Thus, the compressed stream returned to the plain text is output to the redundant code deletion unit 44.
Based on the detection information output from the redundant code detection unit 43, the redundant code deletion unit 44 deletes the redundant code inserted by the transmission terminal device 1 from the compressed stream input from the calculation unit 42, and obtains the code. The compressed stream is output to the decompression unit 23.

As described above, in the encrypted data communication system of this example, when content data is encrypted and transmitted using the network 3, the header included in the compressed stream of the content data and the fixed length corresponding to the predetermined user data Encryption is performed on the data bitstream.
Further, in the encrypted data communication system of this example, when content data is encrypted and transmitted using the network 3, a unique redundant code is embedded in application data included in the compressed stream of content data. In particular, when the content data is MPEG data, a unique redundancy code is inserted into the MB of the I-VOP to improve confidentiality.

Specifically, in the encrypted data communication system of this example, the following processing is performed when a compressed stream of content data is encrypted.
That is, the encryption processing unit 13 on the transmission side encrypts only the fixed-length data bit string up to the Stream_Header part and the subsequent user_data, and transmits the subsequent part in the Application_Data part without encryption. Also, a unique redundant code for identifying the area of the encrypted data bit string is embedded in a predetermined position of the non-encrypted part in the Application_Data part, and this is used as a synchronization marker (in this example, a part of the synchronization marker) use.
In addition, the decryption processing unit 22 on the receiving side detects the position of the stream_header portion of the received encrypted stream and the subsequent fixed-length data bit string up to user_data based on the synchronization marker embedded in the encryption processing unit 13. Then, the decoding process is performed. At the same time, the redundant code inserted by the encryption processing unit 13 is deleted.

  Therefore, in the encrypted data communication system of this example, it is possible to suppress the decrease in the confidentiality of the encrypted stream, to reduce the circuit scale, and to reduce the encryption processing load and fluctuations depending on the input image. Thus, it is possible to realize a reduction in performance and to realize efficient encryption processing and decryption processing. Further, for example, it is possible to cope with encryption processing and decryption processing of a data stream corresponding to megapixels.

  Specifically, in the encrypted data communication system of this example, since the Stream_Header part describing the stream information is encrypted, it is added even if packets exchanged periodically by a third party are collected. It is difficult to guess the initial vector, which leads to enhanced confidentiality.

Further, in the encrypted data communication system of this example, since the unique redundant code whose appearance in the Application_Data part is prohibited by the standard is used as the synchronization marker of the encrypted stream, the receiving terminal device 2 erroneously recognizes the synchronization marker. For this reason, the process for avoiding erroneous recognition of a synchronization marker, which has been conventionally required, is unnecessary, and the circuit scale can be reduced.
Although there is a possibility that a bit string that matches a unique redundant code used as a synchronization marker appears in the encrypted Stream_Header part, the unique code (4 bytes) and “0” of the Stream_Header part are 32 bits ( (Equivalent to 4 bytes of unique code) This is a case where exclusive OR with a continuous random number sequence is taken, and the probability is {1 / (2 to the 32nd power)}. In addition, the probability is further reduced if the total synchronization code is 8 bytes.

Further, if the unique code constituting the synchronization marker to be inserted into the MB is set to a longer value, the possibility that the corresponding unique code appears in the encrypted header portion is reduced. In the conventional method for encrypting MBs, since any unique header is used as a synchronization marker, the data length of the synchronization marker cannot be increased.
Also, since the data length of the header and the predetermined user data (encrypted portion in this example) is usually shorter than the data length of the MB (conventional encrypted portion), the bit string that matches the unique code is accidentally The probability of appearing in is low.
In this example, the combination of the VOP header and the inserted code (in this example, the code that matches the VS header) is used as the synchronization marker. However, for example, only the inserted code may be used as the synchronization marker. Is possible.

In addition, in the encrypted data communication system of this example, the size of the bit string to be encrypted can be fixed at all times, and periodic processing is performed according to the refresh timing of the stream, thus reducing the load caused by the encryption processing. It is possible to suppress the load fluctuation of the encryption processing that has been affected by the input image, and to avoid performance degradation.
In addition, in order to encrypt a fixed-length stream (in this example, the Stream_Header section and the user_data area), for example, even in an imaging device that supports megapixels, the processing amount of encryption processing and decryption processing is the same as the conventional processing It can be suppressed to a degree. In other words, in the megapixel image, the amount of MB data increases, but when the MB is encrypted, the processing load increases. On the other hand, in this example, the MB is not encrypted, and instead, the Stream_Header section and the user_data Since the area is encrypted, the amount of encryption processing can be suppressed.

In addition, the block encryption method that is considered to be unsuitable for streaming due to heavy processing can be similarly handled.
In this example, the case where the present invention is applied to MPEG-4 is shown. However, the present invention is not limited to this, and the present invention can also be applied to other image compression methods such as MPEG-2 and JPEG. The present invention is not limited to (image), and can be applied to sound and the like.

  In this example, the encryption processing unit 13 on the transmission side encrypts 102 bytes after detecting the VS header included in the compressed stream. That is, from the beginning of all of the Stream_Header part and the Application_Data part. Although all the configuration up to user_data is encrypted, it is also possible to provide a portion excluding encryption in the bit string that is encrypted in this example. In other words, not all of the Stream_Header part to the user_data part is encrypted, but a part of the area such as the user_data area may not be encrypted. For example, the configuration is such that 5 bytes after the first 30 bytes after detecting the VS header are not encrypted and the subsequent 40 bytes are encrypted, or any predetermined 3 bytes are encrypted. It is also possible to use a configuration such as not.

In this example, the unique code is inserted into the MB of the I-VOP. However, the VOP into which the unique code is inserted is not limited to the I-VOP and may be a P-VOP. However, when a unique code is inserted into the P-VOP, for example, “the period from the synchronization marker (in this example, VOP + VS) to the predetermined byte is the bit string of the encrypted part” can be simply described. I can't say that. Taking FIG. 5 as an example, in this example, a unique code is inserted into the MB of the I-VOP of frame 1 (frame 1). Instead, a unique code is inserted into the MB of the P-VOP of frame 2 (frame 2). In this case, in order to specify the position of the bit string of the encrypted part, it is necessary to grasp the MB size of the I-VOP of the immediately preceding frame 1. This is because the size of the MB is not a fixed length, and the other portions are fixed length, and the size can be grasped in advance. Therefore, for example, in a case where a unique code is inserted into the P-VOP MB of frame 2, a mechanism for transmitting the size of the MB of the I-VOP of frame 1 to the reception side in advance is provided. As this mechanism, for example, an additional bit is provided and information on the size of the I-VOP is inserted therein. By doing in this way, the receiving side can identify the position of the bit string of the encrypted part with reference to the MB size of the I-VOP of frame 1 transmitted from the transmitting side. As another configuration example, the size from the VOP code of frame 1 to the VOP code of frame 2 can be changed on the receiving side without providing a mechanism for transmitting the MB size of the I-VOP of frame 1 from the transmitting side to the receiving side. It is also possible to adopt a configuration in which the size of the MB of the I-VOP of frame 1 can be grasped by checking.
In MPEG-4, the expression VOP is used, but the present invention can also be applied to cases where other expressions are used, such as an I picture and a P picture used in MPEG-2.

In the transmission terminal device 1 of this example, a compression processing unit is configured by the function of the compression unit 12, and an encryption processing unit (data processing unit) is configured by the function of the encryption processing unit 13. The function of the interface unit 14 constitutes a transmission means (data communication means).
Further, in the receiving terminal device 2 of this example, receiving means (data communication means) is configured by the function of the LAN interface unit 21, and decoding processing means (data processing means) is configured by the function of the decoding processing unit 22. The expansion processing means is configured by the function of the expansion unit 23.

Here, the configurations of the transmission terminal device, the reception terminal device, the communication system, and the like according to the present invention are not necessarily limited to those described above, and various configurations may be used. The present invention can also be provided as, for example, a method or method for executing the processing according to the present invention, a program for realizing such a method or method, or a recording medium for recording the program. It is also possible to provide various devices and systems.
The application field of the present invention is not necessarily limited to the above-described fields, and the present invention can be applied to various fields.
In addition, as various processes performed in the transmission terminal apparatus, the reception terminal apparatus, the communication system, and the like according to the present invention, for example, the processor is stored in a ROM (Read Only Memory) in hardware resources including a processor and a memory. A configuration controlled by executing the control program may be used, and for example, each functional unit for executing the processing may be configured as an independent hardware circuit.
Further, the present invention can be grasped as a computer-readable recording medium such as a floppy (registered trademark) disk or a CD (Compact Disc) -ROM storing the control program, or the program (itself). The processing according to the present invention can be performed by inputting the program from the recording medium to the computer and causing the processor to execute the program.

It is a figure which shows the structural example of the encryption data communication system which concerns on one Example of this invention. It is a figure which shows the structural example of an encryption process part. It is a figure which shows the structural example of a decoding process part. It is a figure which shows an example of the format of the stream part to encrypt. It is a figure which shows an example of the format of the position which inserts a redundant code. It is a figure which shows the structural example of the encryption process part in MUGI. It is a figure which shows the structural example of the decoding process part in MUGI. It is a figure which shows an example of the format of the compression stream of MPEG-4.

Explanation of symbols

  1 .... Sending terminal device, 2 .... Receiving terminal device, 3 .... Network, 11 .... Input unit, 12 .... Compression unit, 13 .... Encryption processing unit, 14, 21 ... LAN interface unit, 22. Decoding processing unit 23.. Decompression unit 24.. Output unit 31, 41, 51, 61.. Pseudo random number generator 32, 42, 52, 62. 34 .. Redundant code insertion part, 43 .. Redundant code detection part, 44 .. Redundant code deletion part,

Claims (3)

In an encrypted data communication device for communicating encrypted data,
Processing corresponding to an encryption method for encrypting all or part of a fixed-length bit stream corresponding to a header and user data part included in a compressed stream of data to be communicated , and application data included in the compressed stream Data processing means for executing processing corresponding to a method of inserting a predetermined code into a non-encrypted part in the unit and using the code as all or part of the synchronization code ;
Data communication means for communicating encrypted data processed by the data processing means;
An encrypted data communication device comprising: The encrypted data communication device according to claim 1 , wherein
The compressed stream is obtained by compressing data by the MPEG method.
The data processing means executes processing corresponding to a method of inserting the predetermined code into an MB of a predetermined frame;
An encrypted data communication device. The encrypted data communication device according to claim 2,
  The data processing means inserts the predetermined code immediately after the VOP header following the user data included in the application data portion,
  As the synchronization code, a combination of the VOP header and the predetermined code is used.
  An encrypted data communication device.

Images