CN101444096A - Encryption device, decryption device, license issuing device, and content data generation method - Google Patents

Publication number
CN101444096A
Authority
CN
China
Prior art keywords
data
packet
unit
licence
initialization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2007800174980A
Other languages
Chinese (zh)
Other versions
CN101444096B (en)
Inventor
杉江周一
清本晋作
柴田达雄
真岛惠吾
木村武史
砂崎俊二
石川清彦
国分秀树
石川浩一
福岛胜
山根毅史
后藤亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Kyocera Corp
KDDI Corp
Japan Broadcasting Corp
Original Assignee
Kyocera Corp
Nippon Hoso Kyokai NHK
KDDI Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from JP2006137004A external-priority patent/JP5698425B2/en
Application filed by Kyocera Corp, Nippon Hoso Kyokai NHK, KDDI Corp filed Critical Kyocera Corp
Priority claimed from PCT/JP2007/060060 external-priority patent/WO2007132895A1/en
Publication of CN101444096A publication Critical patent/CN101444096A/en
Application granted granted Critical
Publication of CN101444096B publication Critical patent/CN101444096B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

A plurality of resources such as an image, audio, and data broadcast contained in a content are separately stream-encrypted. A reception side separates the encrypted streams for each of resources and acquires an initialization packet in the encrypted streams. According to the initialization packet, a decryption algorithm is initialized and a decryption key is acquired for decrypting the respective resources.

Description

Encryption device, decryption device, license issuing device and content data generation method
Technical field
The present invention relates to an encryption device, a decryption device, a license issuing device, and a content data generation method.
This application claims priority from Japanese Patent Application No. 2006-137002, filed on May 16, 2006, and Japanese Patent Application No. 2006-137004, filed on May 16, 2006, the contents of which are incorporated herein.
Background art
Conventionally, for example, Patent Document 1 describes a service providing system that uses broadcast waves and a communication line. In the conventional technique described in Patent Document 1, content is transmitted by broadcast wave, and a broadcast decoder validation signal, which enables the broadcast decoder built into the receiving-side terminal, is transmitted over the communication line. On the receiving side, the broadcast decoder is enabled according to the broadcast decoder validation signal received over the communication line, and the content carried on the broadcast wave is received (viewed).
However, in the above conventional technique, even when content composed of a plurality of resources (image, audio, data, etc.) is provided by broadcast wave, a single broadcast decoder validation signal merely enables the broadcast decoder on the receiving side, so a variety of service forms cannot be provided.
As for conventional techniques relating to portable terminals, digital broadcasting for portable terminals has been put into practical use in recent years. As the encryption scheme for program data in digital broadcasting for portable terminals, considering the processing capability of portable terminals, a stream encryption scheme, whose processing load is light compared with the block encryption schemes generally used for content distribution over the Internet and the like, is considered desirable. In a stream encryption scheme, the state of the stream cipher algorithm must match between the encryption device and the decryption device for decryption to succeed.
However, in digital broadcasting, if a transport packet carrying stream-encrypted data is lost because of a transmission error in the broadcast data or the like, the states of the stream cipher algorithm in the encryption device and the decryption device no longer match, and a decryption error occurs.
Patent Document 1: Japanese Unexamined Patent Application Publication No. 2005-159457
Patent Document 2: Japanese Patent No. 3030341
Patent Document 3: Japanese Patent No. 3455748
Summary of the invention
The present invention has been made in view of the above circumstances, and its object is to provide an encryption device, a decryption device, and a license issuing device that can offer users a variety of service forms when content composed of a plurality of resources is provided by broadcast wave.
Another object of the present invention is to provide an encryption device, a decryption device, and a content data generation method for a stream encryption scheme with improved tolerance to the loss of transmitted data caused by transmission errors and the like.
To solve the above problems, the present invention has, for example, the following aspects.
The encryption device according to aspect 1 of the present invention is preferably an encryption device that provides content composed of a plurality of resources by broadcast wave, and includes: an encryption unit that encrypts each resource to be encrypted with its own encryption key; a packet generation unit that generates packets each carrying the encrypted data or unencrypted data of one of the resources; and a transmission unit that transmits the packets.
The license issuing device according to aspect 2 of the present invention is preferably a license issuing device that, for content composed of a plurality of resources in which each resource to be encrypted is encrypted with its own encryption key, provides over a communication line a license for decrypting the encrypted resources provided by broadcast wave, and includes: a storage unit that stores the license; and a transmission unit that transmits the license held in the storage unit. The license consists of a combination of a license identifier and decryption keys; the license identifier indicates the broadcast range in which the license is valid; and a decryption key is set for each resource to be encrypted.
The decryption device according to aspect 3 of the present invention is preferably a decryption device for content that is composed of a plurality of resources and is provided by broadcast wave with each resource to be encrypted encrypted under its own encryption key, and includes: a broadcast reception unit that receives packets by broadcast wave; a packet distribution unit that distributes the received packets carrying encrypted data according to the resource to be encrypted; a license reception unit that receives a license over a communication line; and a decryption unit that decrypts the encrypted data in the packets distributed for each resource to be encrypted with the corresponding decryption key in the received license.
The decryption device according to aspect 4 of the present invention is the above decryption device, preferably further including a license holding unit that stores licenses.
The decryption device according to aspect 5 of the present invention is the above decryption device, preferably further including a decryption control unit that, according to the license identifier in the license, controls decryption for the broadcast range in which the license is valid.
The decryption device according to aspect 6 of the present invention is the above decryption device, preferably further including an accumulation unit that accumulates content received by broadcast wave.
The decryption device according to aspect 7 of the present invention is the above decryption device, preferably further including a license acquisition unit that acquires, over the communication line, a license valid for the broadcast range being received.
The decryption device according to aspect 8 of the present invention is the above decryption device, preferably further including: a display unit that shows, on a display screen, content being received or scheduled to be received by broadcast wave; a designation unit that designates content shown on the display screen; and a license acquisition unit that acquires, over the communication line, the license corresponding to the content designated by the designation unit.
The decryption device according to aspect 9 of the present invention is the above decryption device, preferably further including: a display unit that shows, on a display screen, content being received or scheduled to be received by broadcast wave, or content accumulated in the accumulation unit; a designation unit that designates content shown on the display screen; and a license acquisition unit that acquires, over the communication line, the license corresponding to the content designated by the designation unit.
The decryption device according to aspect 10 of the present invention is the above decryption device, wherein preferably the display unit indicates on the display screen whether a license exists for the content shown on the display screen.
According to the above aspects of the present invention, a variety of service forms can be offered to users when content composed of a plurality of resources is provided by broadcast wave.
In addition, to solve the above problems, the present invention also has, for example, the following aspects.
The encryption device according to aspect 11 of the present invention preferably includes: an initialization packet generation unit that generates, at the initialization interval of the stream cipher algorithm, an initialization packet carrying the initial value used to initialize the stream cipher algorithm; an encryption unit that initializes the stream cipher algorithm with the initial value carried in the initialization packet and performs stream encryption; an encrypted packet generation unit that generates encrypted packets carrying the stream-encrypted data; and a transmission unit that transmits the initialization packet and the encrypted packets.
The encryption device according to aspect 12 of the present invention is the above encryption device, wherein preferably the initialization packet generation unit uses an initialization interval that corresponds to the media type of the data to be encrypted.
The encryption device according to aspect 13 of the present invention is the above encryption device, wherein preferably a plurality of the encryption units are provided, and the initialization packet generation unit stores the initial value of each encryption unit in the initialization packet.
The encryption device according to aspect 14 of the present invention is the above encryption device, wherein preferably the initialization packet and the encrypted packet are both transport packets, of different types.
The decryption device according to aspect 15 of the present invention preferably includes: a reception unit that receives initialization packets and encrypted packets; and a decryption unit that initializes the stream cipher algorithm with the initial value carried in the initialization packet and decrypts the stream-encrypted data carried in the encrypted packets.
The decryption device according to aspect 16 of the present invention is the above decryption device, wherein preferably a plurality of the decryption units are provided, and each decryption unit decrypts its designated stream-encrypted data using its designated initial value.
The decryption device according to aspect 17 of the present invention is the above decryption device, preferably further including a counting unit that counts the number of lost encrypted packets; the decryption unit idles the decryption by an amount corresponding to the number lost.
The decryption device according to aspect 18 of the present invention is the above decryption device, wherein preferably a counting unit that counts the number of lost encrypted packets is provided for each decryption unit; the decryption unit idles the decryption by an amount corresponding to the number lost.
The decryption device according to aspect 19 of the present invention is the above decryption device, wherein preferably the decryption unit suppresses the idling of the decryption when the count range of the counting unit is exceeded.
The decryption device according to aspect 20 of the present invention is the above decryption device, wherein preferably the initialization packet and the encrypted packet are both transport packets, of different types.
The encryption device according to aspect 21 of the present invention includes: an initialization packet insertion unit that inserts, into a packet sequence carrying stream content data, for each processing unit of the stream content data, an initialization packet carrying the initial value used to initialize the stream cipher algorithm; an encryption unit that initializes the stream cipher algorithm with the initial value carried in the initialization packet and stream-encrypts the stream content data; and a transmission unit that transmits the encrypted packets carrying the encrypted stream content data together with the initialization packets.
The encryption device according to aspect 22 of the present invention is the above encryption device, wherein preferably the initialization packet insertion unit inserts the initialization packet immediately before a packet carrying a reference image frame.
The encryption device according to aspect 23 of the present invention is the above encryption device, wherein preferably the reference image frame is an I picture or an IDR picture.
The encryption device according to aspect 24 of the present invention is the above encryption device, wherein preferably the initialization packet insertion unit inserts the initialization packet immediately before a packet carrying an audio frame.
The encryption device according to aspect 25 of the present invention is the above encryption device, wherein preferably the initialization packet insertion unit inserts the initialization packet immediately before a packet carrying an ADTS header.
The encryption device according to aspect 26 of the present invention is the above encryption device, wherein preferably the initialization packet insertion unit inserts the initialization packet into a packet sequence carrying data broadcast content data, for each data unit that is repeatedly broadcast.
The content data generation method according to aspect 27 of the present invention is preferably a content data generation method in which the stream cipher algorithm is initialized with the initial value carried in an initialization packet and stream content data is stream-encrypted, and in which, into a packet sequence carrying the stream content data, for each processing unit of the stream content data, an initialization packet carrying the initial value used to initialize the stream cipher algorithm is inserted.
The content data generation method according to aspect 28 of the present invention is the above content data generation method, wherein preferably the initialization packet is inserted immediately before a packet carrying a reference image frame.
The content data generation method according to aspect 29 of the present invention is the above content data generation method, wherein preferably the reference image frame is an I picture or an IDR picture.
The content data generation method according to aspect 30 of the present invention is the above content data generation method, wherein preferably the initialization packet is inserted immediately before a packet carrying an audio frame.
The content data generation method according to aspect 31 of the present invention is the above content data generation method, wherein preferably the initialization packet is inserted immediately before a packet carrying an ADTS header.
The content data generation method according to aspect 32 of the present invention is the above content data generation method, wherein preferably the initialization packet is inserted into a packet sequence carrying data broadcast content data, for each data unit that is repeatedly broadcast.
According to the above aspects of the present invention, the tolerance of a stream encryption scheme to the loss of transmitted data caused by transmission errors and the like can be improved.
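The resynchronisation behaviour in the aspects above, as an added sketch that is not part of the patent: initialization (IV) packets re-initialize the keystream, and the decryptor idles the keystream past lost encrypted packets so the next packet decrypts correctly. The SHA-256 counter keystream, the 4-bit packet counter, the fixed 184-byte payload and the `next_cc` field carried in the IV packet are assumptions of this sketch, not the patent's cipher or packet format.

```python
import hashlib

PAYLOAD = 184   # assumed fixed payload size of an encrypted packet (bytes)
CC_MOD = 16     # assumed 4-bit packet counter that wraps around


class Keystream:
    """Stand-in stream cipher: SHA-256(key || iv || block counter) as keystream."""

    def __init__(self, key, iv):
        self.key, self.iv, self.block, self.buf = key, iv, 0, b""

    def take(self, n):
        while len(self.buf) < n:
            counter = self.block.to_bytes(8, "big")
            self.buf += hashlib.sha256(self.key + self.iv + counter).digest()
            self.block += 1
        out, self.buf = self.buf[:n], self.buf[n:]
        return out

    def idle(self, n):
        """Advance the cipher state by n bytes and discard the output."""
        self.take(n)

    def xor(self, data):
        return bytes(a ^ b for a, b in zip(data, self.take(len(data))))


def encrypt_stream(key, payloads, iv_interval):
    """Emit ("IV", iv, next_cc) every iv_interval payloads, then ("ENC", cc, data)."""
    packets, ks = [], None
    for i, payload in enumerate(payloads):
        if len(payload) != PAYLOAD:
            raise ValueError("payload must be exactly PAYLOAD bytes")
        cc = i % CC_MOD
        if i % iv_interval == 0:
            # Constructed IV so the demo is repeatable; a real sender needs unique IVs.
            iv = hashlib.sha256(b"constructed-iv" + i.to_bytes(4, "big")).digest()[:8]
            packets.append(("IV", iv, cc))
            ks = Keystream(key, iv)
        packets.append(("ENC", cc, ks.xor(payload)))
    return packets


def decrypt_stream(key, packets, idle_on_loss=True):
    """Return one plaintext per received ENC packet (None before the first IV packet)."""
    out, ks, expected = [], None, None
    for pkt in packets:
        if pkt[0] == "IV":
            _, iv, next_cc = pkt
            ks, expected = Keystream(key, iv), next_cc   # state matches the sender again
            continue
        _, cc, ciphertext = pkt
        lost = 0 if expected is None else (cc - expected) % CC_MOD
        expected = (cc + 1) % CC_MOD
        if ks is None:
            out.append(None)             # no cipher state until an IV packet arrives
            continue
        if lost and idle_on_loss:
            ks.idle(lost * PAYLOAD)      # skip the keystream the lost packets consumed
        out.append(ks.xor(ciphertext))
    return out


def make_payloads(count):
    """Constructed sample payloads: byte value i repeated PAYLOAD times."""
    return [bytes([i]) * PAYLOAD for i in range(count)]


def drop_enc(packets, cc):
    """Simulate the loss of the encrypted packet with the given counter value."""
    return [p for p in packets if not (p[0] == "ENC" and p[1] == cc)]


if __name__ == "__main__":
    key = b"constructed-key!"
    plain = make_payloads(8)
    received = drop_enc(encrypt_stream(key, plain, iv_interval=4), 1)
    print("idling:   ", [p == q for p, q in zip(decrypt_stream(key, received), plain[:1] + plain[2:])])
    print("no idling:", [p == q for p, q in zip(decrypt_stream(key, received, False), plain[:1] + plain[2:])])
```

Without idling, every packet between the loss and the next IV packet decrypts to garbage, which is why the initialization interval bounds the damage of an uncounted loss.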
In addition, to solve the above problems, the present invention also has, for example, the following aspects.
The encryption device according to aspect 33 of the present invention is the above encryption device, wherein preferably the encryption unit encrypts, for content composed of a plurality of resources, each resource to be encrypted with its own encryption key; the encrypted packet generation unit generates packets each carrying the encrypted data or unencrypted data of one of the resources; and the transmission unit transmits the packets generated by the encrypted packet generation unit.
The encryption device according to aspect 34 of the present invention is the above encryption device, preferably further including an initialization packet generation unit that generates, at the initialization interval of the stream cipher algorithm, an initialization packet carrying the initial value used to initialize the stream cipher algorithm; the encryption unit initializes the stream cipher algorithm with the initial value carried in the initialization packet and performs stream encryption.
The encryption device according to aspect 35 of the present invention is the above encryption device, wherein preferably the initialization packet generation unit uses an initialization interval that corresponds to the media type of the data to be encrypted.
The encryption device according to aspect 36 of the present invention is the above encryption device, wherein preferably a plurality of the encryption units are provided, and the initialization packet generation unit stores the initial value of each encryption unit in the initialization packet.
The encryption device according to aspect 37 of the present invention is the above encryption device, wherein preferably the initialization packet and the encrypted packet are both transport packets, of different types.
Aspect 38 of the present invention is a broadcast system that provides content by broadcast wave, preferably including: an encryption part that encrypts content composed of a plurality of resources with an encryption key for each resource, and generates and transmits packets each carrying the encrypted data or unencrypted data of one of the resources; a license distribution unit that transmits, over a communication line, a license for decrypting the encrypted data; and a decryption part that receives the packets, distributes the packets carrying the encrypted data according to the resource to be encrypted, and decrypts the encrypted data using the license received over the communication line. The license has a combination of a license identifier indicating the broadcast range in which the license is valid and decryption keys corresponding to the respective resources to be encrypted; the decryption part decrypts the encrypted data in the packets distributed for each resource to be encrypted with the corresponding decryption key in the received license.
Brief description of the drawings
Fig. 1 is a block diagram showing the configuration of a broadcast system according to one embodiment of the present invention.
Fig. 2 is a block diagram showing the configuration of the encryption device 100 shown in Fig. 1.
Fig. 3 is a diagram showing a configuration example of a transport packet (TS packet) according to one embodiment of the present invention.
Fig. 4 is a diagram showing a configuration example of the license 200 provided by the license issuing device 2 shown in Fig. 1.
Fig. 5 is a block diagram showing the configuration of the decryption device 300 shown in Fig. 1.
Fig. 6 is a diagram showing a configuration example of the display screen 30 of the terminal installation 3 shown in Fig. 1.
Fig. 7 is a data structure diagram of a broadcast signal, for explaining a configuration example of the identifier of a combination of an encryption process and a decryption process according to one embodiment of the present invention.
Fig. 8 is a data structure diagram of a descriptor example, for explaining a configuration example of the identifier of a combination of an encryption process and a decryption process according to one embodiment of the present invention.
Fig. 9 is a block diagram showing the configuration of a decryption device according to another embodiment of the present invention.
Fig. 10 is a block diagram showing the configuration of the stream-encryption encryption device 1100 according to Embodiment 2 of the present invention.
Fig. 11 is a diagram showing a configuration example of the initialization packet (IV packet) according to the embodiment.
Fig. 12 is a block diagram showing the configuration of the stream-encryption decryption device 1200 according to Embodiment 2 of the present invention.
Fig. 13 is a block diagram showing the configuration of the stream-encryption decryption device 1220 according to Embodiment 3 of the present invention.
Fig. 14 is a block diagram showing the configuration of the stream-encryption decryption device 1240 according to Embodiment 4 of the present invention.
Fig. 15 is a block diagram showing the configuration of the stream-encryption encryption device 1120 according to Embodiment 5 of the present invention.
Fig. 16 is an explanatory diagram of the IV packet insertion operation according to Embodiment 5 of the present invention.
Fig. 17 is an explanatory diagram of the IV packet insertion operation according to Embodiment 5 of the present invention.
The explanation of symbol:
1-broadcasting station; 2-license issuing device; 3-terminal installation; 4-communication network; 30-display frame; 31-image frame; 32-data broadcasting picture; 100-encryption device; 110-encryption part; 111-encryption process; 120-packet generating unit; 130-sending part; 200-licence; 300-decryption device; 310-broadcast reception portion; 320-packet allocation portion; 330-decryption part; 331-decryption process; 340-licence acceptance division; 350-licence maintaining part; 360-license management portion; 370-licence acquisition control part; 600-accumulation portion; 1100-encryption device; 1120-encryption device; A 1101-transformation component; 1102-IV packet insertion section; 1103-encryption part; 1104-sending part; 1121-data analysis portion; 1200-decryption device; 1220-decryption device; 1240-decryption device; 1201-acceptance division; 1202-packet allocation portion; 1203-IV packet reading portion; 1204-decryption part; 1221-counting check portion; 1241-counting check and decryption part; 1102a-IV packet insertion section; 1130-I image; 1140-IV packet; 1150-ADTS head; 1300-regenerating unit; 1301-image regeneration portion; 1302-speech regeneration portion; 1303-data broadcasting display part.
Embodiments
Embodiment 1
One embodiment of the present invention is described below with reference to the drawings.
Fig. 1 is a block diagram showing the configuration of a broadcast system according to one embodiment of the present invention. In Fig. 1, the broadcasting station 1 has an encryption device 100. The encryption device 100 encrypts the content provided by broadcast wave. The license issuing device 2 provides, over a communication line, the license used to decrypt the encrypted content provided by broadcast wave from the broadcasting station 1. The terminal installation 3 has a decryption device 300. The decryption device 300 uses the license provided by the license issuing device 2 to decrypt the encrypted content provided by broadcast wave from the broadcasting station 1.
The license issuing device 2 and the terminal installation 3 have a communication function and are connected to a communication network 4 such as the Internet. The terminal installation 3 may be a fixed terminal or a portable terminal. A portable terminal connects to the Internet or the like through a mobile communication network. The terminal installation 3 also has a function for receiving broadcast waves.
Fig. 2 is a block diagram showing the configuration of the encryption device 100 shown in Fig. 1. In Fig. 2, the content is composed of a plurality of resources. Examples of resource types include image, audio and data. All of the resources in the content may be subject to encryption, or some resources may not be subject to encryption. In the example of Fig. 2, the content is composed of N resources, resource_#1 to resource_#N; resource_#1 and resource_#2 are subject to encryption and are therefore encrypted, while resource_#N is not subject to encryption and is therefore not encrypted. As a concrete example, for content composed of an image resource, an audio resource and a data resource, the image resource and the audio resource may be encrypted while the data resource is not.
The encryption device 100 shown in Fig. 2 has an encryption part 110, a packet generating unit 120 and a sending part 130. The encryption part 110 can have a plurality of encryption processes 111. Each encryption process 111 encrypts a resource to be encrypted with its own encryption key. In the example of Fig. 2, the encryption processes 111 encrypt resource_#1 and resource_#2 with encryption key_#1 and encryption key_#2, respectively. The encrypted data of each resource is input to the packet generating unit 120. Resource_#N, which is not subject to encryption (unencrypted data), is input to the packet generating unit 120 as it is.
The packet generating unit 120 generates transport packets (TS packets), each carrying the encrypted data or unencrypted data of one resource. Fig. 3 shows a configuration example of the TS packet. The TS packet of Fig. 3 conforms to ISO/IEC 13818-1 (the MPEG-2 Systems standard). In Fig. 3, the data_byte field carries encrypted data for a resource subject to encryption and unencrypted data for a resource not subject to encryption. The transport_scrambling_control field in the header carries a value indicating whether the resource is subject to encryption or not. The values "01", "10" and "11" of the transport_scrambling_control field indicate a resource subject to encryption. The value "00" of the transport_scrambling_control field indicates a resource not subject to encryption.
In addition, for a resource subject to encryption, the values "01", "10" and "11" of the transport_scrambling_control field identify the encryption process 111 that encrypted the resource. The values "01", "10" and "11" of the transport_scrambling_control field can therefore distinguish three encryption processes 111. Each encryption process is paired with a decryption process on the decryption device side, and the values "01", "10" and "11" of the transport_scrambling_control field specify the decryption process on the decryption device side. When the transport_scrambling_control field is used, there can be three combinations of encryption process and decryption process; an extension method for supporting a larger number of combinations is described later.
The sending part 130 transmits the TS packet sequence received from the packet generating unit 120.
Fig. 4 is a diagram showing a configuration example of the license 200 provided by the license issuing device 2 shown in Fig. 1. In Fig. 4, the license 200 consists of a combination of a license identifier (license ID) and decryption keys. The license ID indicates the broadcast range in which the license is valid. The broadcast range is defined, for example, by broadcast time, broadcast channel, content, resource, and so on. As concrete examples, a specific broadcast channel at a specific broadcast time, specific content on a specific broadcast channel, or one or more specific resources of specific content may be treated as the broadcast range.
In the license 200, a decryption key combined with the license ID is set for each resource subject to encryption. For example, in the example of Fig. 2, resource_#1 and resource_#2, which are subject to encryption, are encrypted with decryption key_#1 and decryption key_#2, respectively. In this case, decryption key_#1 and decryption key_#2 are set in correspondence with resource_#1 and resource_#2.
The license issuing device 2 has a storage unit that stores the licenses 200. For example, the licenses 200 are stored in a database. The license issuing device 2 also has a transmission unit that transmits the licenses 200 held in this storage unit. This transmission unit transmits the license 200 to the terminal installation 3 through the communication network 4.
The license issuing device 2 may be implemented by dedicated hardware, or may be configured from a computer system such as a server computer that realizes its functions by executing programs for implementing each function of the license issuing device 2.
Fig. 5 is the block diagram of the formation of expression decryption device 300 shown in Figure 1.In Fig. 5, broadcast reception portion 310 usefulness broadcast waves receive the TS packet.At this moment, broadcast reception portion 310 carries out being operated by the user reception of the broadcasting channel of appointment.
Allocation of packets portion 320 takes the received TS packets and distributes those carrying encrypted data according to the encryption-target resource. For the TS packets of Fig. 3, for example, packets whose transport_scrambling_control field is "01", "10" or "11" hold the encrypted data of an encryption-target resource, and the value "01", "10" or "11" of the field designates the decrypting process that decrypts that data.
Decryption part 330 can have a plurality of decrypting processes 331, each assigned an identifier that distinguishes it. According to this identifier, each decrypting process 331 receives the encrypted data of the encryption-target resource distributed by allocation of packets portion 320, and decrypts it with the corresponding decryption key supplied by license management portion 360. The decrypted data is played back on terminal installation 3. Unencrypted data held in TS packets of resources that are not encryption targets is played back on terminal installation 3 as is.
Licence acceptance division 340 receives licence 200 from license issuing device 2 over communication network 4. The user subscribes, for example with a license server on the Internet, to a licence 200 that is valid for the desired broadcast range, and can then receive this licence 200 on terminal installation 3. Licence 200 may be paid or free.
Licence maintaining part 350 stores licences 200. A plurality of licences 200 can therefore be received and stored in advance, which saves the trouble of obtaining a licence 200 at each viewing.
License management portion 360 controls the decryption operation of decryption part 330 according to licence 200. It determines the broadcast range in which a licence 200 is valid from the licence ID in that licence. For example, the valid broadcast range can be judged by comparing identifying information contained in the unencrypted part of the broadcast signal with the licence ID.
In addition, depending on the model of terminal installation 3, decryption device 300 need not have decrypting processes 331 corresponding to every licence 200; it may have only the decrypting processes 331 corresponding to the services it can use.
License management portion 360 reads from licence maintaining part 350 the licence 200 valid for the broadcast range being received, and supplies each decryption key in that licence 200 to the corresponding decrypting process 331. The encrypted data of the decryption-target resources in that broadcast range is thereby decrypted automatically.
Licence obtaining control part 370 obtains licence 200 over communication network 4. For example, it accesses a license server on the Internet and subscribes to licence 200. The license server function may also be provided in license issuing device 2. A licence 200 obtained through this subscription is received by licence acceptance division 340. Two examples of obtaining licence 200 (situations 1 and 2) are described below.
(situation 1)
When licence maintaining part 350 holds no licence 200 valid for the broadcast range being received, license management portion 360 instructs licence obtaining control part 370 to obtain a licence 200 valid for that broadcast range. On this instruction, licence obtaining control part 370 attempts to obtain a licence 200 valid for the broadcast range being received. Licence 200 can thus be obtained automatically.
(situation 2)
A display unit is provided that indicates, on the display screen of terminal installation 3, content being received or scheduled to be received over broadcast waves. For example, when content has an image resource and a data resource, display frame 30 of terminal installation 3 illustrated in Fig. 6 shows the image resource in image frame 31 and the data resource in data broadcasting picture 32. A mark indicating content being received or scheduled to be received over broadcast waves can then be shown, for example, at the bottom of image frame 31 to indicate the corresponding content. The content being received or scheduled to be received can be learned from content information in the unencrypted part of the broadcast signal, for example multiplexed programme-related information or a content identifier.
In addition, the display unit may also indicate whether a licence 200 exists for the content indicated on the display screen of terminal installation 3. For example, a mark indicating the presence or absence of licence 200 is shown at the bottom of image frame 31 of Fig. 6, which indicates whether the corresponding licence 200 exists. Whether licence 200 exists can be judged by searching licence maintaining part 350.
In addition, a designating unit is provided for specifying content indicated on the display screen of terminal installation 3.
For example, selecting a mark shown on the display screen with the operation keys of terminal installation 3 specifies the corresponding content.
Licence obtaining control part 370 attempts to obtain the licence 200 corresponding to the specified content. The user can thus obtain licence 200 at the moment of wanting to view, and view the desired content.
As described above, according to the present embodiment, when content consisting of a plurality of resources (image, voice, data, etc.) is provided over broadcast waves, the broadcasting station can set encryption or non-encryption per resource. Selectable services can thus be provided per resource, and a variety of service methods can be offered to users.
In addition, the set of decryption keys contained in a licence can be composed flexibly, so a variety of viewing forms can be realised. For example, for movie content consisting of one image resource and two voice resources (for example Japanese voice and English voice), one licence can contain the decryption keys for the image resource and one voice resource (for example Japanese voice), and another licence the decryption keys for the image resource and the other voice resource (for example English voice). Setting licences of various patterns for a single piece of content in this way offers the user a variety of viewing forms.
In addition, encryption device 100 and decryption device 300 of the present embodiment may be implemented in dedicated hardware, or may consist of memory and a CPU (central processing unit) or the like, with the CPU executing programs that implement the functions of each device.
Next, a method of increasing the number of combinations of an encrypting process and a decrypting process (hereinafter called "process groups") is described.
In the method for value identifying group, can be set to 3 to the process group with the transport_scrambling_control field in the head of above-mentioned TS packet shown in Figure 3.And,, for example enumerate the method for the data of utilizing PMT shown in Figure 7 and composition (component) descriptor shown in Figure 8 as the method for the number of expansion process group.Each data configuration of Fig. 7 and Fig. 8 is by standard specification " STD-B10 " regulation of ARIB (Association of Radio Industries andBusiness).
The component descriptor of Fig. 8 can be stored in descriptor region 2_500 of the PMT data of Fig. 7, and an identifier is stored in undefined region 510 of this component descriptor. Region 510 has 4 bits, so up to 16 identifiers can be set; if one of them is used as the identifier meaning "not encrypted", the remaining 15 identifiers can distinguish up to 15 process groups.
In addition, the component descriptor is an existing descriptor, but a new descriptor may be defined and used instead. In that case any number of identifiers can be set, further increasing the number of process groups.
Embodiment 1 of the present invention has been described in detail above with reference to the drawings, but the concrete configuration is not limited to this embodiment and includes design changes within a scope that does not depart from the gist of the invention.
For example, an accumulative element that accumulates content received over broadcast waves may be provided in the decryption device. Fig. 9 shows a configuration example of such a decryption device, in which accumulation portion 600 is added to decryption device 300 shown in Fig. 5. Accumulation portion 600 stores and accumulates the TS packets received by broadcast reception portion 310. Allocation of packets portion 320 reads the TS packets from accumulation portion 600 and distributes those carrying encrypted data according to the encryption-target resource. The user is thus not limited to viewing broadcast content in real time: received content can be accumulated, then decrypted and played back for viewing at any time.
In addition, in the decryption device of Fig. 9, the display unit and designating unit of situation 2 above may also be provided to obtain the licence 200 corresponding to content specified by the user. In that case, the display unit only needs to indicate, on the display screen of terminal installation 3, the content being received or scheduled to be received over broadcast waves or the content accumulated in accumulation portion 600.
In addition, the present invention can be used in various broadcast systems, for example in a digital broadcasting system for portable terminals. When content consisting of a plurality of resources is provided by digital broadcasting, users can then be offered a variety of service methods suited to the characteristics of portable terminals.
In addition, the encryption method of the present embodiment may be a stream cipher (traffic encryption) mode or a block cipher mode.
[Embodiment 2]
Figure 10 is a block diagram showing the configuration of encryption device 1100 of the stream cipher (traffic encryption) mode according to embodiment 2 of the present invention.
In Figure 10, header transformation component 1101 performs header conversion of transport packets (TS packets). TS packets conform to ISO/IEC 13818-1 (MPEG-2 Systems standard). Header transformation component 1101 rewrites the value of the transport_scrambling_control field in the header of a TS packet. The values "01", "10" and "11" of the transport_scrambling_control field indicate that the packet is encrypted. The value "00" indicates that it is not encrypted.
IV packet insertion section 1102 generates, at the initialization interval of the stream cipher algorithm, an initialization packet (IV packet) that holds the initial value (IV) used to initialize the stream cipher algorithm. It also stores key IDs in the IV packet. There are two key IDs, "Current" and "Next". Key ID "Current" identifies the key currently in use. Key ID "Next" identifies the key to be used next. IV packet insertion section 1102 inserts the generated IV packets into the TS packet string output from header transformation component 1101.
Figure 11 shows a configuration example of the IV packet of the present embodiment, in which the IV packet is constructed as one kind of TS packet. In Figure 11, the PID field in the header holds the value "0x889" (hexadecimal), which indicates an IV packet. The value of the transport_scrambling_control field is "00"; that is, the IV packet is not encrypted. In this example, the adaptation_field_control field is fixed to "01", meaning there is no adaptation_field.
In addition, in Figure 11, the data_byte field holds the IV (iv) and the key IDs "Current" (id_current) and "Next" (id_next). A plurality of IVs (iv[n]; n is an integer of 0 or more) can be stored, in which case they are stored as pairs of iv_tsc_flag[n] and iv[n]. Each iv[n] is used to initialize the stream cipher algorithm in its corresponding stream encrypting process.
In addition, the initialization interval can be changed for each iv[n]. In that case, only the iv[n] whose initialization time has come are stored in the IV packet. The initialization interval of each iv[n] corresponds to its stream encrypting process. For example, an initialization interval suited to the media type of the data being encrypted is used. Media types include, for example, voice, image and data.
In addition, in the example of Figure 11, the unused area of the data_byte field is filled with "0xff" (hexadecimal). A Cyclic Redundancy Check (CRC) value for error detection (CRC_32) is also stored in the data_byte field. On the receiving side, an IV packet is discarded when the CRC check detects an error.
Encryption part 1103 stream-encrypts the TS packet string after the IV packets have been inserted. The encryption targets are the TS packets whose transport_scrambling_control field is "01", "10" or "11". The header of a TS packet is not encrypted. IV packets have a transport_scrambling_control value of "00" and are therefore not encrypted.
In this stream encryption, when encryption part 1103 finds an IV packet (PID field value "0x889" (hexadecimal)) in the TS packet string, it reads the IV from that packet and initializes the stream cipher algorithm with it. That is, the stream cipher algorithm is initialized at the position of the IV packet in the TS packet string, and the encryption-target TS packets that follow the IV packet are then stream-encrypted.
When the stream cipher algorithm is initialized, key IDs "Current" (id_current) and "Next" (id_next) are read from the IV packet and the keys used for stream encryption are prepared.
In addition, encryption part 1103 can have a plurality of stream encrypting processes [n]. Each stream encrypting process [n] initializes the stream cipher algorithm with its corresponding IV (iv[n]), and determines from the value of the PID field which TS packets it is to encrypt.
Encryption part 1103 outputs the TS packet string, containing the IV packets and the encrypted TS packets, to sending part 1104 in the order in which it was received from IV packet insertion section 1102.
Sending part 1104 sends the TS packet string received from encryption part 1103.
Next, the decryption device of the stream cipher mode of embodiment 2 is described.
Figure 12 is a block diagram showing the configuration of decryption device 1200 of the stream cipher mode according to embodiment 2 of the present invention.
In Figure 12, acceptance division 1201 receives the TS packets sent from encryption device 1100 and performs error detection and error correction on the received TS packets.
At this point, IV packets in which the CRC check detects an error are discarded.
Allocation of packets portion 1202 distributes the TS packets output from acceptance division 1201 to their destinations according to the PID field value in the header. IV packets (PID field value "0x889" (hexadecimal)) are output to IV packet reading portion 1203. Encrypted TS packets (transport_scrambling_control value "01", "10" or "11") are output to the decryption part 1204 corresponding to their PID field value. Other TS packets, which are not encrypted, are output from decryption device 1200 as is.
IV packet reading portion 1203 reads the IV and the key IDs "Current" (id_current) and "Next" (id_next) from the IV packet. According to the key IDs read, it prepares the keys used for stream cipher decryption, and outputs the prepared keys and the IV to decryption part 1204. When a plurality of IVs (iv[n]) are stored in the IV packet, each iv[n] is output to the decryption part 1204 that has the corresponding stream decrypting process [n].
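The receive-side handling described above (CRC check, routing by PID and transport_scrambling_control, reading the IVs and key IDs), as an added Python example that is not code from the patent. Only PID 0x889, the field names, the 0xff fill and the discard-on-CRC-error rule come from the text; the byte layout inside data_byte, the 16-byte IV length, the MPEG-2 CRC-32 variant and the reading of iv_tsc_flag as a transport_scrambling_control value are assumptions.

```python
import struct

TS_SIZE, SYNC = 188, 0x47
IV_PID = 0x889      # PID that marks an IV packet (value given in the text)
IV_LEN = 16         # assumed IV length in bytes
BODY_LEN = 180      # assumed: 184-byte payload = 180 bytes of fields/fill + CRC_32


def crc32_mpeg2(data: bytes) -> int:
    """CRC-32 as used for MPEG-2 PSI sections (assumed variant for CRC_32)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte << 24
        for _ in range(8):
            crc = (crc << 1) ^ 0x04C11DB7 if crc & 0x80000000 else crc << 1
            crc &= 0xFFFFFFFF
    return crc


def parse_header(pkt: bytes) -> dict:
    """Extract the header fields the decryption device routes on."""
    if len(pkt) != TS_SIZE or pkt[0] != SYNC:
        raise ValueError("not a 188-byte TS packet")
    return {
        "pid": ((pkt[1] & 0x1F) << 8) | pkt[2],
        "tsc": pkt[3] >> 6,              # transport_scrambling_control
        "afc": (pkt[3] >> 4) & 0x3,      # adaptation_field_control
        "cc": pkt[3] & 0x0F,             # continuity_counter
    }


def build_iv_packet(id_current: int, id_next: int, ivs: dict, cc: int = 0) -> bytes:
    """Sender side. ivs maps an iv_tsc_flag value (1..3, assumed meaning) to iv[n]."""
    body = bytes([id_current, id_next])
    for flag, iv in sorted(ivs.items()):
        body += bytes([flag]) + iv
    body = body.ljust(BODY_LEN, b"\xff")          # unused area filled with 0xff
    # transport_scrambling_control "00", adaptation_field_control "01"
    header = bytes([SYNC, IV_PID >> 8, IV_PID & 0xFF, 0x10 | (cc & 0x0F)])
    return header + body + struct.pack(">I", crc32_mpeg2(body))


def read_iv_packet(pkt: bytes):
    """Return the IVs and key IDs, or None when the packet must be discarded."""
    h = parse_header(pkt)
    if h["pid"] != IV_PID or h["tsc"] != 0b00 or h["afc"] != 0b01:
        return None
    body = pkt[4:4 + BODY_LEN]
    (crc,) = struct.unpack(">I", pkt[4 + BODY_LEN:])
    if crc32_mpeg2(body) != crc:
        return None                               # CRC error: discard the IV packet
    ivs, pos = {}, 2
    while pos + 1 + IV_LEN <= BODY_LEN and body[pos] in (1, 2, 3):
        ivs[body[pos]] = body[pos + 1:pos + 1 + IV_LEN]
        pos += 1 + IV_LEN
    return {"id_current": body[0], "id_next": body[1], "ivs": ivs}


def route(pkt: bytes) -> str:
    """Destination chosen by the packet distribution step."""
    h = parse_header(pkt)
    if h["pid"] == IV_PID:
        return "iv_reader" if read_iv_packet(pkt) else "discard"
    if h["tsc"] in (0b01, 0b10, 0b11):
        return "decrypt:pid=0x%03x" % h["pid"]
    return "passthrough"
```

A discarded IV packet leaves the decrypting process on its previous state, so a corrupted IV never re-initializes the cipher with a wrong value.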
Decryption part 1204 obtains the encrypted TS packets from allocation of packets portion 1202 and performs stream cipher decryption.
In this stream cipher decryption, when decryption part 1204 obtains the IV and key from IV packet reading portion 1203, it initializes the stream cipher algorithm with that IV. Once this initialization is complete, it starts stream cipher decryption using the key obtained from IV packet reading portion 1203. That is, the stream cipher algorithm is initialized at the position of the IV packet in the received TS packet string, and the encrypted TS packets that follow the IV packet are then decrypted.
Decryption part 1204 outputs the decrypted TS packets to regenerating unit 1300.
Regenerating unit 1300 plays back the decrypted TS packets. In the example of Figure 12, regenerating unit 1300 has image regeneration portion 1301, speech regeneration portion 1302 and data broadcasting display part 1303, and decryption device 1200 has a decryption part 1204 corresponding to each of them. Image regeneration portion 1301, speech regeneration portion 1302 and data broadcasting display part 1303 each play back the TS packets output from the corresponding decryption part 1204. The configuration of regenerating unit 1300 shown in Figure 12 is an example, and the media types may be changed as appropriate.
According to embodiment 2 described above, the IV packet makes the state of the stream cipher algorithm in the decrypting process match that in the encrypting process. Therefore, even if an encrypted TS packet is lost through a transmission error or the like and the stream cipher states of the encrypting process and the decrypting process temporarily diverge, the two states match again when the next IV packet is received, and normal decryption can resume. In the stream cipher mode, tolerance to loss of transmitted data caused by transmission errors and the like can thereby be strengthened.
[Embodiment 3]
Figure 13 is a block diagram showing the configuration of decryption device 1220 of the stream cipher mode according to embodiment 3 of the present invention. In Figure 13, parts corresponding to those of Figure 12 are given the same symbols and their description is omitted. The encryption device is the same as in embodiment 2, so its description is also omitted.
In embodiment 3, as shown in Figure 13, counting check portion 1221 is provided. The only difference from decryption device 1200 of Figure 12 is the part relating to counting check portion 1221. Counting check portion 1221 counts the number of lost encrypted TS packets.
A continuity_counter (continuity index) is inserted in the header of a TS packet. By checking this continuity_counter, the number of lost TS packets can be counted. Counting check portion 1221 instructs decryption part 1204 to idle-run decryption by an amount corresponding to this loss count. It counts losses and issues idle-run instructions separately for each decryption part 1204.
On this idle-run instruction, decryption part 1204 idle-runs the stream cipher decryption. In this idle running, with no encrypted data to decrypt, it executes decryption processing corresponding to the loss count.
The state of the stream cipher algorithm is thereby advanced by the amount corresponding to the number of lost encrypted TS packets. As a result, even when encrypted TS packets are lost, the stream cipher states of the encrypting process and the decrypting process do not diverge and continue to match. In the stream cipher mode, tolerance to loss of transmitted data caused by transmission errors and the like can thereby be strengthened.
In addition, counting check portion 1221 does not issue an idle-run instruction when the loss count exceeds the count range of the counting function, because correct idle running of decryption is then impossible. Counting check portion 1221 judges that the loss count has exceeded the count range of the counting function when, for example, time information shows that the loss has continued beyond a certain interval.
In addition, when the loss count exceeds the count range of the counting function, the IV packet can be used, as in embodiment 2, to make the stream cipher states of the encrypting process and the decrypting process match.
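The recovery behaviour of embodiments 2 and 3, as an added Python simulation that is not code from the patent: re-initialization at each IV packet, and idle running driven by the continuity_counter gap. The SHA-256 keystream generator stands in for the unnamed stream cipher, and the PID 0x111, the key, the IVs and the simplified IV-packet payload (IV followed by 0xff fill) are constructed for the demonstration.

```python
import hashlib

PAYLOAD = 184                    # payload bytes when adaptation_field_control is "01"
IV_PID = 0x889                   # IV packet PID given in the text
MEDIA_PID = 0x111                # constructed PID of the encrypted resource
KEY = b"constructed-demo-key"    # constructed key


class ToyStreamCipher:
    """Stand-in keystream generator: SHA-256 over key, IV and a block counter."""

    def __init__(self, key):
        self.key = key
        self.reset(bytes(16))

    def reset(self, iv):                       # initialization with an IV
        self.iv, self.block, self.buf = iv, 0, b""

    def _take(self, n):
        while len(self.buf) < n:
            counter = self.block.to_bytes(8, "big")
            self.buf += hashlib.sha256(self.key + self.iv + counter).digest()
            self.block += 1
        out, self.buf = self.buf[:n], self.buf[n:]
        return out

    def process(self, data):                   # encrypt and decrypt are the same XOR
        return bytes(a ^ b for a, b in zip(data, self._take(len(data))))

    def idle(self, lost_packets):              # idle running: advance state, no data
        self._take(lost_packets * PAYLOAD)


def ts_packet(pid, tsc, cc, payload):
    flags = (tsc << 6) | 0x10 | (cc & 0x0F)    # adaptation_field_control fixed to "01"
    return bytes([0x47, (pid >> 8) & 0x1F, pid & 0xFF, flags]) + payload


def parse_header(pkt):
    return ((pkt[1] & 0x1F) << 8) | pkt[2], pkt[3] >> 6, pkt[3] & 0x0F


def send(segments):
    """Encryption side: one IV packet before each segment, then encrypted packets."""
    cipher, cc, out = ToyStreamCipher(KEY), 0, []
    for n, segment in enumerate(segments):
        iv = hashlib.sha256(b"iv%d" % n).digest()[:16]          # constructed IV
        out.append(ts_packet(IV_PID, 0b00, n, iv.ljust(PAYLOAD, b"\xff")))
        cipher.reset(iv)
        for payload in segment:
            out.append(ts_packet(MEDIA_PID, 0b10, cc, cipher.process(payload)))
            cc = (cc + 1) % 16
    return out


def receive(packets, idle_run):
    """Decryption side. idle_run=False is embodiment 2, True adds embodiment 3."""
    cipher, last_cc, out = ToyStreamCipher(KEY), None, []
    for pkt in packets:
        pid, tsc, cc = parse_header(pkt)
        if pid == IV_PID:
            cipher.reset(pkt[4:20])
            # The counter alone cannot tell a loss just before an IV packet from
            # one just after it; this sketch skips the gap check across a reset.
            last_cc = None
        elif pid == MEDIA_PID and tsc != 0b00:
            if idle_run and last_cc is not None:
                cipher.idle((cc - last_cc - 1) % 16)   # gap in the 4-bit counter
            last_cc = cc
            out.append(cipher.process(pkt[4:]))
    return out


def simulate(dropped, idle_run):
    """Drop the given indices of the sent string; return per-packet decrypt success."""
    plain = [[bytes([20 * s + i]) * PAYLOAD for i in range(20)] for s in range(2)]
    sent = send(plain)
    got = receive([p for i, p in enumerate(sent) if i not in dropped], idle_run)
    flat = [p for seg in plain for p in seg]
    media = [i for i, p in enumerate(sent) if parse_header(p)[0] == MEDIA_PID]
    expected = [flat[k] for k, i in enumerate(media) if i not in dropped]
    return [g == e for g, e in zip(got, expected)]
```

Because continuity_counter is 4 bits wide, a run of 16 lost packets looks like no loss at all; the state then stays wrong until the next IV packet, which is the fallback the text describes for a loss count beyond the count range.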
[Embodiment 4]
Figure 14 is a block diagram showing the configuration of decryption device 1240 of the stream cipher mode according to embodiment 4 of the present invention. In Figure 14, parts corresponding to those of Figure 12 are given the same symbols and their description is omitted. The encryption device is the same as in embodiment 2, so its description is also omitted.
In embodiment 4, as shown in Figure 14, decryption part 1204 of Figure 12 is replaced by counting verification and decryption part 1241. The only difference from decryption device 1200 of Figure 12 is the part relating to counting verification and decryption part 1241. The difference from embodiment 3 is that the function of counting check portion 1221 of Figure 13 is distributed to each decryption part.
Counting verification and decryption part 1241 counts the number of lost encrypted TS packets and idle-runs decryption by an amount corresponding to this loss count. In this idle running, with no encrypted data to decrypt, it executes decryption processing in the quantity corresponding to the loss count. When the loss count exceeds the count range of the counting function, no idle running of decryption is instructed. For example, when time information shows that the loss has continued beyond a certain interval, the loss count is judged to have exceeded the count range of the counting function.
As in embodiment 3, even when encrypted TS packets are lost, the stream cipher states of the encrypting process and the decrypting process do not diverge and continue to match. In the stream cipher mode, tolerance to loss of transmitted data caused by transmission errors and the like can thereby be strengthened.
In addition, when the loss count exceeds the count range of the counting function, the IV packet can be used, as in embodiment 2, to make the stream cipher states of the encrypting process and the decrypting process match.
[Embodiment 5]
Figure 15 is a block diagram showing the configuration of encryption device 1120 of the stream cipher mode according to embodiment 5 of the present invention. In Figure 15, parts corresponding to those of Figure 10 are given the same symbols and their description is omitted. The decryption device of any of the above embodiments can be used as the decryption device, so its description is also omitted.
In embodiment 5, as shown in Figure 15, data analysis portion 1121 is provided. The only difference from encryption device 1100 of Figure 10 is the part relating to data analysis portion 1121. Data analysis portion 1121 analyzes the stream content data held in the TS packets and thereby identifies the processing units of the stream content data. It instructs IV packet insertion section 1102a to insert an IV packet for each processing unit of the stream content data, and IV packet insertion section 1102a inserts IV packets at the times instructed by data analysis portion 1121. IV packets are thereby inserted per processing unit of the stream content data.
The IV packet insertion operation of the present embodiment is described in detail below for each kind of stream content. Image content, voice content and data broadcast content are taken here as examples of stream content.
(image content)
For image content, the IV packet is inserted immediately before the TS packet holding a reference image frame. For example, image coding schemes such as MPEG-1/2/4 generate three kinds of images, called I image (Intra-Picture), P image (Predictive-Picture) and B image (Bi-directional Predictive-Picture). Of these, the I image is the reference image frame, the frame that serves as the reference for image decoding. Transmitting the I image correctly is therefore important for normal image decoding. Accordingly, as shown in Figure 16, IV packet 1140 is inserted immediately before the TS packet holding I image 1130. Encryption and decryption of the I image then start with the stream cipher algorithm initialized, so the encrypted data of the I image can be decrypted stably. This contributes to stable playback of image content.
In addition, in image coding schemes such as H.264, a reference image frame called an IDR (Instantaneous Decoder Refresh) image is generated in addition to the three kinds of images above. In this case, the IV packet may likewise be inserted immediately before the IDR frame.
(voice content)
For voice content, the IV packet is inserted immediately before the TS packet holding a speech frame. For example, in digital broadcasting and the like, encoded voice data is transmitted in frames with a header called ADTS (Audio Data Transport Stream). A speech frame begins at this ADTS header, so the ADTS header serves as the reference for decoding the encoded voice data. Accordingly, as shown in Figure 17, IV packet 1140 is inserted immediately before the TS packet holding ADTS header 1150. The stream cipher algorithm is thus initialized immediately before the speech frame, and encryption and decryption of the speech frame start with the stream cipher algorithm initialized, so the encrypted data of the speech frame can be decrypted stably. This contributes to stable playback of voice content.
(data broadcast content)
For data broadcast content, the IV packet is inserted for each data unit that is broadcast repeatedly (loop-around data). The stream cipher algorithm is thus initialized immediately before the loop-around data, and encryption and decryption of the loop-around data start with the stream cipher algorithm initialized, so the encrypted data of the loop-around data can be decrypted stably. This contributes to stable playback of data broadcast content.
Embodiments of the present invention have been described above with reference to the drawings, but the concrete configuration is not limited to these embodiments and includes design changes within a scope that does not depart from the gist of the invention.
For example, the above embodiments can be used in a digital broadcasting system for portable terminals. In digital broadcasting, a TS packet holding stream-encrypted data may be lost through a transmission error in the broadcast data or the like, so that the stream cipher states on the broadcasting station side and the portable terminal side diverge and reception of the digital broadcast temporarily becomes unstable. Even then, the subsequent IV packet brings the stream cipher states of the broadcasting station side and the portable terminal side back into agreement and restores reception of the digital broadcast to a good state. This helps improve the quality of digital broadcasting for portable terminals.
In addition, the present invention can be used in various broadcast systems and communication systems.
Industrial applicability
According to the present invention, when content consisting of a plurality of resources is provided over broadcast waves, a variety of service methods can be offered to users. In addition, according to the present invention, tolerance to loss of transmitted data caused by transmission errors and the like can be strengthened in the stream cipher mode.

Claims (38)

1. An encryption device that provides content consisting of a plurality of resources over broadcast waves, comprising:
A ciphering unit that encrypts each encryption-target resource with a respective encryption key;
A packet generation unit that generates packets respectively holding the encrypted data or unencrypted data of each resource;
A transmitting element that sends the packets.
2. A license issuing device that provides, via a communication line, a licence for decrypting encrypted resources of content consisting of a plurality of resources, the content being provided over broadcast waves in a state in which each encryption-target resource has been encrypted with a respective encryption key, comprising:
A memory cell that stores the licence;
A transmitting element that sends the licence in the memory cell;
The licence consists of a licence identifier combined with decryption keys;
The licence identifier indicates the broadcast range in which this licence is valid;
The decryption keys are provided in correspondence with each of the encryption-target resources.
3. A decryption device for content that is composed of a plurality of resources and is provided by broadcast wave with each resource to be encrypted encrypted with its own encryption key, comprising:
a broadcast reception unit that receives packets by broadcast wave;
a packet distribution unit that, from the received packets, distributes the packets carrying encrypted data by resource to be encrypted;
a license reception unit that receives a license over a communication line; and
a decryption unit that decrypts the encrypted data in the packets distributed by resource to be encrypted, using the respective decryption keys in the received license.
4. The decryption device according to claim 3,
further comprising a license holding unit that stores the license.
5. The decryption device according to claim 3,
further comprising a decryption control unit that, based on the license identifier in the license, controls decryption for the broadcasting area in which the license is valid.
6. The decryption device according to claim 3,
further comprising an accumulation unit that accumulates the content received by broadcast wave.
7. The decryption device according to claim 3,
further comprising a license acquisition unit that acquires, over the communication line, a license valid for the broadcasting area being received.
8. The decryption device according to claim 3,
further comprising: a display unit that shows, on a display screen, content that is being received or is scheduled to be received by broadcast wave;
a designation unit that designates content shown on the display screen; and
a license acquisition unit that acquires, over the communication line, the license corresponding to the content designated by the designation unit.
9. The decryption device according to claim 6,
further comprising: a display unit that shows, on a display screen, content that is being received or is scheduled to be received by broadcast wave, or content accumulated in the accumulation unit;
a designation unit that designates content shown on the display screen; and
a license acquisition unit that acquires, over the communication line, the license corresponding to the content designated by the designation unit.
10. The decryption device according to claim 8,
wherein the display unit indicates on the display screen whether a license exists for the content shown on the display screen.
11. An encryption device comprising:
an initialization packet generation unit that generates, at the initialization interval of a stream cipher algorithm, an initialization packet storing the initial value used to initialize the stream cipher algorithm;
an encryption unit that initializes the stream cipher algorithm with the initial value stored in the initialization packet and performs stream encryption;
an encrypted packet generation unit that generates an encrypted packet storing the stream-encrypted data; and
a transmission unit that transmits the initialization packet and the encrypted packet.
12. The encryption device according to claim 11,
wherein the initialization packet generation unit uses an initialization interval that corresponds to the media type of the encrypted data.
13. The encryption device according to claim 11,
wherein a plurality of the encryption units are provided; and
the initialization packet generation unit stores the initial value of each encryption unit in the initialization packet.
14. The encryption device according to claim 11,
wherein the initialization packet and the encrypted packet are both transport packets, of different types.
15. A decryption device comprising:
a reception unit that receives an initialization packet and an encrypted packet; and
a decryption unit that initializes a stream cipher algorithm with the initial value stored in the initialization packet and decrypts the stream-encrypted data stored in the encrypted packet.
16. The decryption device according to claim 15,
wherein a plurality of the decryption units are provided; and
each decryption unit decrypts the designated stream-encrypted data using the designated initial value.
17. The decryption device according to claim 15,
further comprising a counting unit that counts the number of lost encrypted packets;
wherein the decryption unit idle-runs the decryption by an amount corresponding to the number of lost packets.
18. The decryption device according to claim 16,
further comprising, for each of the decryption units, a counting unit that counts the number of lost encrypted packets;
wherein the decryption unit idle-runs the decryption by an amount corresponding to the number of lost packets.
19. The decryption device according to claim 17,
wherein the decryption unit prevents the idle running of the decryption when the count range of the counting unit is exceeded.
20. The decryption device according to claim 15,
wherein the initialization packet and the encrypted packet are both transport packets, of different types.
21. An encryption device comprising:
an initialization packet insertion unit that inserts, into a packet sequence storing stream content data, for each processing unit of the stream content data, an initialization packet storing the initial value used to initialize a stream cipher algorithm;
an encryption unit that initializes the stream cipher algorithm with the initial value stored in the initialization packet and stream-encrypts the stream content data; and
a transmission unit that transmits the encrypted packets storing the encrypted stream content data, together with the initialization packet.
22. The encryption device according to claim 21,
wherein the initialization packet insertion unit inserts the initialization packet immediately before the packet storing a reference image frame.
23. The encryption device according to claim 22,
wherein the reference image frame is an I picture or an IDR picture.
24. The encryption device according to claim 21,
wherein the initialization packet insertion unit inserts the initialization packet immediately before the packet storing an audio frame.
25. The encryption device according to claim 24,
wherein the initialization packet insertion unit inserts the initialization packet immediately before the packet storing an ADTS header.
26. The encryption device according to claim 21,
wherein the initialization packet insertion unit inserts the initialization packet, into a packet sequence storing data broadcast content data, for each data unit that is repeatedly broadcast.
27. A content data generation method in which a stream cipher algorithm is initialized with the initial value stored in an initialization packet and stream content data is stream-encrypted,
wherein an initialization packet storing the initial value used to initialize the stream cipher algorithm is inserted into a packet sequence storing the stream content data, for each processing unit of the stream content data.
28. The content data generation method according to claim 27,
wherein the initialization packet is inserted immediately before the packet storing a reference image frame.
29. The content data generation method according to claim 28,
wherein the reference image frame is an I picture or an IDR picture.
30. The content data generation method according to claim 27,
wherein the initialization packet is inserted immediately before the packet storing an audio frame.
31. The content data generation method according to claim 30,
wherein the initialization packet is inserted immediately before the packet storing an ADTS header.
32. The content data generation method according to claim 27,
wherein the initialization packet is inserted, into a packet sequence storing data broadcast content data, for each data unit that is repeatedly broadcast.
33. The encryption device according to claim 11,
wherein the encryption unit, for content composed of a plurality of resources, encrypts each resource to be encrypted with its own encryption key;
the encrypted packet generation unit generates packets that respectively store the encrypted data or non-encrypted data of each resource; and
the transmission unit transmits the packets generated by the encrypted packet generation unit.
34. The encryption device according to claim 1,
further comprising an initialization packet generation unit that generates, at the initialization interval of a stream cipher algorithm, an initialization packet storing the initial value used to initialize the stream cipher algorithm;
wherein the encryption unit initializes the stream cipher algorithm with the initial value stored in the initialization packet and performs stream encryption.
35. The encryption device according to claim 33 or 34,
wherein the initialization packet generation unit uses an initialization interval that corresponds to the media type of the encrypted data.
36. The encryption device according to claim 33 or 34,
wherein a plurality of the encryption units are provided; and
the initialization packet generation unit stores the initial value of each encryption unit in the initialization packet.
37. The encryption device according to claim 33 or 34,
wherein the initialization packet and the encrypted packet are both transport packets, of different types.
38. A broadcast system that provides content by broadcast wave, comprising:
an encryption section that encrypts, with respective encryption keys, content composed of a plurality of resources, generates packets that respectively store the encrypted data or non-encrypted data of each resource, and transmits them;
a license distribution section that transmits, over a communication line, a license for decrypting the encrypted data; and
a decryption section that receives the packets, distributes the packets carrying the encrypted data by resource to be encrypted, and decrypts the encrypted data using the license received over the communication line;
wherein the license has a combination of a license identifier indicating the broadcasting area in which the license is valid and decryption keys each corresponding to a resource to be encrypted; and
the decryption section decrypts the encrypted data in the packets distributed by resource to be encrypted, using the respective decryption keys in the received license.
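The recovery behaviour described in the digital-broadcasting paragraph of the description and in claims 15 to 19 (re-initialization from an IV packet, and idle running of the cipher over counted packet losses), as an added Python example that is not code from the patent. Assumptions: the keystream generator is a SHA-256 stand-in for the unspecified stream cipher, each encrypted packet carries 184 payload bytes and a 4-bit counter, the IV packet also carries the counter of the next encrypted packet, and all keys, IVs and payloads are constructed.

```python
import hashlib

PAYLOAD = 184  # assumed bytes of encrypted payload per packet
CC_MOD = 16    # assumed 4-bit packet counter (the counting unit's range)

class ToyStreamCipher:
    """Stand-in keystream generator (SHA-256 blocks); not the patent's cipher."""
    def __init__(self, key):
        self.key = key
        self.init(bytes(16))

    def init(self, iv):
        self.iv, self.block, self.buf = iv, 0, b""

    def keystream(self, n):
        while len(self.buf) < n:
            ctr = self.block.to_bytes(8, "big")
            self.buf += hashlib.sha256(self.key + self.iv + ctr).digest()
            self.block += 1
        out, self.buf = self.buf[:n], self.buf[n:]
        return out

    def crypt(self, data):
        return bytes(a ^ b for a, b in zip(data, self.keystream(len(data))))

def encrypt_stream(key, payloads, iv_interval):
    """Sender: one IV packet per initialization interval, then encrypted packets."""
    cipher, packets = ToyStreamCipher(key), []
    for i, payload in enumerate(payloads):
        if i % iv_interval == 0:
            iv = hashlib.sha256(b"iv" + i.to_bytes(4, "big")).digest()[:16]  # constructed IV
            cipher.init(iv)
            # Assumption: the IV packet also carries the counter of the next packet.
            packets.append(("IV", iv, i % CC_MOD))
        packets.append(("ENC", i % CC_MOD, cipher.crypt(payload)))
    return packets

def decrypt_stream(key, packets, idle_run=True):
    """Receiver: re-initialize on IV packets, idle-run the keystream over gaps."""
    cipher, expected, out = ToyStreamCipher(key), 0, []
    for pkt in packets:
        if pkt[0] == "IV":
            cipher.init(pkt[1])
            expected = pkt[2]
            continue
        _, cc, data = pkt
        if idle_run:
            lost = (cc - expected) % CC_MOD
            cipher.keystream(lost * PAYLOAD)  # discard what the lost packets used
        out.append(cipher.crypt(data))
        expected = (cc + 1) % CC_MOD
    return out

if __name__ == "__main__":
    data = [bytes([i]) * PAYLOAD for i in range(40)]        # constructed payloads
    pkts = encrypt_stream(b"demo-key", data, iv_interval=20)
    del pkts[4:7]                                           # lose payloads 3, 4, 5
    ok = decrypt_stream(b"demo-key", pkts) == data[:3] + data[6:]
    print("recovered by idle run:", ok)
```

A loss longer than the counter range aliases (17 lost packets look like 1), so the idle run lands on the wrong keystream position and the output stays garbled until the next IV packet re-initializes both sides.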
CN2007800174980A 2006-05-16 2007-05-16 Encryption device, decryption device, license issuing device, and content data generation method Expired - Fee Related CN101444096B (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
JP137004/2006 2006-05-16
JP2006137002A JP5042524B2 (en) 2006-05-16 2006-05-16 ENCRYPTION DEVICE, DECRYPTION DEVICE, CONTENT DATA GENERATION METHOD
JP2006137004A JP5698425B2 (en) 2006-05-16 2006-05-16 Decoding device
JP137002/2006 2006-05-16
PCT/JP2007/060060 WO2007132895A1 (en) 2006-05-16 2007-05-16 Encryption device, decryption device, license issuing device, and content data generation method

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201010529724.7A Division CN102035829B (en) 2006-05-16 2007-05-16 Encryption apparatus, decryption apparatus, licensing apparatus and content data generation method

Publications (2)

Publication Number Publication Date
CN101444096A true CN101444096A (en) 2009-05-27
CN101444096B CN101444096B (en) 2013-06-05

Family

ID=38844415

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007800174980A Expired - Fee Related CN101444096B (en) 2006-05-16 2007-05-16 Encryption device, decryption device, license issuing device, and content data generation method

Country Status (2)

Country Link
JP (1) JP5042524B2 (en)
CN (1) CN101444096B (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11346214A (en) * 1998-06-02 1999-12-14 Nec Corp Multi-address distribution system
KR100610523B1 (en) * 1998-07-13 2006-08-09 소니 가부시끼 가이샤 Program distribution system, program transmission method and conditional access system
US6865555B2 (en) * 2001-11-21 2005-03-08 Digeo, Inc. System and method for providing conditional access to digital content
JP2003333032A (en) * 2002-05-15 2003-11-21 Oki Electric Ind Co Ltd Encryption processing method and encryption processor
JP2005318041A (en) * 2004-04-27 2005-11-10 Victor Co Of Japan Ltd Stream data transmission apparatus, stream data reception apparatus, and stream data transmission/reception system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102582536A (en) * 2010-12-17 2012-07-18 Nxp股份有限公司 Pairing of angle sensor and electronic control unit
US8966289B2 (en) 2010-12-17 2015-02-24 Nxp B.V. Pairing of angle sensor and electronic control unit
CN104717059A (en) * 2013-12-16 2015-06-17 国际商业机器公司 Multiband encryption engine and a self testing method thereof
CN104717059B (en) * 2013-12-16 2018-01-26 国际商业机器公司 Method and system for self-test encryption/decryption rounds
US10157282B2 (en) 2013-12-16 2018-12-18 International Business Machines Corporation Multiband encryption engine and a self testing method thereof

Also Published As

Publication number Publication date
CN101444096B (en) 2013-06-05
JP5042524B2 (en) 2012-10-03
JP2007311939A (en) 2007-11-29

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130605

Termination date: 20180516
