JP2006295987A - Decoding method and apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To properly decode cryptogram information encrypted by an encryption method, with which security is further improved, as compared to those of prior art. <P>SOLUTION: A cryptograph key is generated by a cryptograph-key generator 27 by using a plurality of information. Input information is unitized by a unitizer 23, while cryptography control information that specifies a plurality of information, on which the cryptograph key is based is added thereafter by a cryptography control information storage unit 24, and is encrypted by an encryptor 25. In decoding the unitized cryptogram information, the information on which the cryptograph key of each unit is based is specified by using the cryptography control information maintained in each unit, the cryptograph key is generated from the information on which the cryptographic key of each unit is based, and the decoding is executed by using the cryptographic key. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a decryption method and apparatus, and more particularly to a decryption method and apparatus corresponding to an encryption method that performs encryption using an encryption key created using a plurality of pieces of information.

  With the development of encryption technology, a digital content distribution management method and a digital content reproduction method disclosed in Japanese Patent Laid-Open No. 10-269289 are useful methods for distributing audio and video digital data using a network. Are known. In this method, the digital content distribution side encrypts and compresses the digital content, processes the processed digital content, the encrypted content key, and transmits the encrypted billing information to the communication partner. The usage fee collected based on the content usage information transmitted from the other party is distributed to the right holder. On the other hand, on the digital content playback side, the processed digital content is decrypted with the content key, decompressed and played back, and at the same time, the billing information reduction and content usage information are sent to the distribution side according to the content usage. To do. This makes it possible to carry the recorded content.

  Japanese Patent Laid-Open No. 10-283268 discloses an encryption in which encrypted information encrypted on an information recording medium and key information for decrypting the encrypted information into original information are encrypted. In the case where the key information is recorded, condition information for decrypting the encrypted information is additionally recorded in the encrypted key information in an unencrypted state. That is, by including device information and area information in the control information of the encryption key information, the information encrypted on the user side is copied as it is to the HDD or the optical disk to prevent unauthorized use.

Japanese Patent Application Laid-Open No. 7-140896 discloses that a plaintext file is divided into plaintext units having the smallest data size that can exchange data between a data area on a memory used by an application program and a disk buffer. The plaintext unit is separately encrypted with a user key to generate a ciphertext block, and then the generated n ciphertext units are concatenated to obtain a ciphertext file. According to this method, since the application program encrypts the plain text file for each smallest data size that allows partial operations such as overwriting on the file, any operation can be performed in the application program. Both can be correctly restored to the original plaintext file at any time.
JP-A-10-269289 Japanese Patent Laid-Open No. 10-283268 JP-A-7-140896

  However, in the conventional methods disclosed in the above Japanese Patent Laid-Open Nos. 10-269289 and 10-283268, reproduction is restricted to prevent unauthorized use. However, the restriction information can be easily changed. It may be possible to prevent the reproduction under an illegal condition.

  Further, according to the method disclosed in Japanese Patent Laid-Open No. 7-140896, encryption can be performed by decomposing into predetermined units and partial editing can be performed later. However, there is room for improvement in order to further improve security. was there.

  The present invention has been made paying attention to the above-described points, and provides a decryption method and apparatus for accurately decrypting information encrypted by an encryption method capable of improving security as compared with the prior art. For the purpose.

In order to achieve the above object, the invention described in claim 1
A decryption method for decrypting ciphertext information into plaintext information,
Plain text information unitized for each predetermined packet unit conforming to a predetermined number of MPEGs is encrypted in units using an encryption key generated using a plurality of pieces of information specified for each unit. Using the cipher control information for identifying the plurality of pieces of information used as the encryption key used for encrypting the unit, added to each unit of the unitized ciphertext information, An encryption key generating step of identifying the plurality of information that is the basis of the encryption key used for encrypting a unit, and generating an encryption key from the specified plurality of information;
A decryption step of decrypting the ciphertext information of the unit into plaintext information using the encryption key generated by the encryption key generation step;
It is characterized by providing.

The invention described in claim 2
A decryption device that decrypts ciphertext information into plaintext information,
Plain text information unitized for each predetermined packet unit conforming to a predetermined number of MPEGs is encrypted in units using an encryption key generated using a plurality of pieces of information specified for each unit. Using the cipher control information for identifying the plurality of pieces of information used as the encryption key used for encrypting the unit, added to each unit of the unitized ciphertext information, An encryption key generating means for specifying the plurality of pieces of information used as the basis of the encryption key used for encrypting a unit, and generating an encryption key from the specified pieces of information;
Decryption means for decrypting the ciphertext information of the unit into plaintext information using the encryption key generated by the encryption key generation means;
It is characterized by providing.

  Cryptographic control for specifying multiple pieces of information that are the basis of the encryption key used for encryption of each unit of ciphertext information unitized for each predetermined number of packets conforming to MPEG The invention according to claim 1 or 2, wherein ciphertext information encrypted by an encryption method capable of easily changing an encryption key in units of units by adding information and improving security is provided. According to this, it is possible to properly decode.

  That is, according to the first or second aspect of the invention, the cipher control information for identifying a plurality of pieces of information that is the basis of the cipher key added to each unit of ciphertext information that is unitized is provided. To identify the information that is the basis of the encryption key of the unit, create the encryption key of the unit from the information that is the basis of the specified encryption key, and convert the encrypted ciphertext information to plaintext information. Since decryption is possible, it is possible to easily cope with changes in the encryption key in units, and correct decryption can be performed.

Embodiments of the present invention will be described below with reference to the drawings.
FIG. 1 is a block diagram showing a configuration of an information recording / reproducing apparatus according to an embodiment of the present invention. This apparatus includes an MPEG encoder 22 that converts an analog input image signal and an audio signal into a digital signal conforming to MPEG (Motion Picture Expert Group), and a unitizer 23 that unitizes the digital signal output from the MPEG encoder 22. The encryption control information recorder 24 for adding the encryption control information to the unitized digital information, the encryption key generator 27 for generating the encryption key for encryption, and the encryption key generated by the encryption key generator 27 And an encryption unit 25 that encrypts information input from the encryption control information recorder 24, a recording controller 26 that performs control at the time of recording, a user interface 21 to which a user operation is input, and a recording Library information management that sometimes formats library information such as program title, recording start date and time into a predetermined structure 20, a library information reader / writer 19 that reads and writes library information, a content information reader / writer 11 that writes content information to the recording medium 1 and reads out the written content information, and cryptographic control based on the read information Using the encryption key generated by the encryption control information regenerator 12 for extracting information and the like, the encryption key generator 13 for generating a decryption encryption key, and the encryption key generated by the encryption key generator 13, the read information is decrypted. An encryption / decryption unit 14 for performing the processing, a de-unitizing unit 15 for returning the unitized data, a reproduction controller 16 for controlling the content information reader / writer 11 during reproduction, and an analog of the reproduced digital signal. An MPEG decoder 17 that converts the image signal into an analog audio signal and outputs it to the monitor 18 is provided.

Next, an outline of the operation during reproduction of the apparatus shown in FIG. 1 will be described.
When an instruction to view detailed information of a predetermined program is input from the user interface 21, the control CPU (not shown) records the library information in which the content attributes and description are structured and recorded by the content information reader / writer 11 as a recording medium. Read from 1. The library information is SIDE. The file name is ifo, which is described in the structure shown in FIGS. Details of this structure will be described later. In the library information, information on a program unit and information on a unit (index) obtained by dividing the program every predetermined time interval are recorded. Each of them describes at least content description information corresponding to the data. The library information manager 20 analyzes the library information, inserts a library information screen into a predetermined program information display format that is easy for the user to understand, and lays out and transmits the image data to the monitor 18.

  When the user obtains the detailed information of the program by the monitor 18, the user decides the program to be viewed on the user interface 21, inputs the number of the program to be viewed with a remote controller or the like, and presses the playback start button. When the playback start button is pressed, the control CPU transmits a playback start signal to the playback controller 16 as a control signal. The reproduction controller 16 transmits a reproduction start signal to the content information reader / writer 11. The content information reader / writer 11 reads audio and video information corresponding to the program from the recording medium 1 and transmits the information to the encryption control information player 12. The encryption control information regenerator 12 detects a unit reset identifier as shown in FIG. The encryption key generator 13 specifies information that is the basis of the encryption key, generates an encryption key based on the information, and transmits the generated encryption key to the encryption / decryption device 14. The encryption / decryption device 14 decrypts the content information based on the input encryption key and the encrypted content information, and transmits the decrypted content information to the MPEG decoder 17 via the reproduction controller 16. Audio or video information data is recorded on the recording medium 1 in the structure shown in FIG. The audio and image signals decoded by the MPEG decoder 17 are converted into a predetermined display format and transmitted to the monitor 18. The monitor 18 outputs the program sound and displays an image. On the other hand, for the signal output from the MPEG decoder 17, the playback controller 16 manages the number of frames from the start of the program of the image currently being played back, and the playback controller 16 ends playback when observing the end point. The control signal is transmitted to the content information reader / writer 11 to complete the data reading.

Next, the outline of the recording operation of the apparatus shown in FIG. 1 will be described.
The user gives an instruction to record an input image from, for example, a broadcast on the user interface 21 by pressing a recording start button. When the recording start button is pressed, a control CPU (not shown) transmits a control signal to the recording controller 26. On the other hand, information such as the title of the recorded content program is input from the user interface 21, and the information is transmitted to the library information manager 20. The library information manager 20 formats information such as a program title and recording start date and time into the structures shown in Tables 1, 2, and 3 described later, and transmits the formatted information to the library information reader / writer 19. To do. The library information reader / writer 19 records these pieces of information on the recording medium 1 with the structure shown in FIGS. 2, 3, and 4 to be described later.

  On the other hand, the input signal is encoded by the MPEG encoder 22 in response to the recording start signal from the recording controller 26 and transmitted to the unitizer 23. As shown in FIG. 5, the unitizer 23 unitizes MPEG transport stream packets into a predetermined number and secures a TS unit header area at the head of the head packet, and an encryption key as shown in FIG. The encryption control information for specifying the information that is the basis of the above is recorded and transmitted to the encryptor 25.

  The user sets, for example, a content security level in the user interface 21. A control CPU (not shown) transmits the information to the encryption key generator 27 as encryption control information. In the encryption key generator 27, based on the encryption control information, information that becomes the basis of the encryption key is specified by a method described later, and an encryption key is generated. This encryption key is transmitted to the encryptor 25. At the same time, the encryption control information is transmitted to the encryption control information recorder 24. The encryptor 25 encrypts the part other than the TS unit header using the encryption key input from the encryption key generator 27 and transmits the encrypted part to the recording controller 26. When the data to be written is stored in a predetermined unit of memory in the recording controller 26, the recording information is transmitted to the content information writer 11 according to an instruction from a control CPU (not shown), and the content information reader / writer 11 encrypts the content. The converted compressed data is recorded on the recording medium 1 with the structure shown in FIG.

  Next, the format of the side information (library information) recorded on the recording medium 1 will be described with reference to FIGS. 2, 3, and 4, Table 1, Table 2, and Table 3. As shown in FIG. 2, a folder named TAPE_LIB is created under the ROOT on the recording medium 1, and side information is recorded under the file name SIDEn.ifo from SIDEO.ifo for a plurality of programs under the ROOT. .

  The format of SIDEj.ifo (j = 1 to n) has a hierarchical structure as shown in FIG. TOTAL_MANAGER_IFO is defined at the top, including GENERAL_IFO and CNTNT_IFO. GENERAL_IFO describes parameters related to the entire information group. The details have a syntax structure as shown in Table 1.

表１において、System_IDはこのフォーマットでかかれた情報体であることを示すＩＤである。Versionはバージョンナンバーを記述する。Character Setは後述するプログラムのテキストインフォメーションを記述しているテキストコードを記述するものである。Num of CNTNT_IFOは後述するPR_IFOの数である。Start Adrs of CNTNT_IFOはPR_IFO_Oの先頭アドレスを記述するものである。

In Table 1, System_ID is an ID indicating an information body written in this format. Version describes the version number. Character Set describes a text code that describes text information of a program to be described later. Num of CNTNT_IFO is the number of PR_IFO described later. Start Adrs of CNTNT_IFO describes the start address of PR_IFO_O.

  Next, CNTNT_IF0 (FIG. 3) describes PR_IFO_0 to PR_IFO_n as information for each of a plurality of programs. Details are shown in Table 2.

表２において、End Adrs of PR_IFOはPR_1FOの終了アドレスである。PR numberは自分自身のプログラムナンバである。Playback Timeはそのプログラムの再生時間である。Num of INDEXはそのプログラム中をさらにいくつかのシーンに分けたもの（INDEX）の数である。Rec Dateはそのプログラムを記録した日付、Rec Timeは時刻である。PR text information sizeは後に続くプログラムに簡単な説明をつけるときのテキストインフォメーションのバイト数である。PR text informationはテキストインフォメーション情報である。Content nibbleはプログラムのジャンル情報である。Ｖ_ATRはビデオの画素サイズやビットレート、圧縮パラメータ関連の情報である。A_ATRはオーディオに関するビットレート、チャンネル数などの情報である。

In Table 2, End Adrs of PR_IFO is the end address of PR_1FO. PR number is your own program number. Playback Time is the playback time of the program. Num of INDEX is the number of the program divided into several scenes (INDEX). Rec Date is the date when the program was recorded, and Rec Time is the time. PR text information size is the number of bytes of text information when a brief explanation is given to the program that follows. PR text information is text information information. Content nibble is the genre information of the program. V_ATR is information related to video pixel size, bit rate, and compression parameters. A_ATR is information such as the bit rate and the number of channels related to audio.

  In the lower hierarchy, there is a structure INDEX_IFO that allows a part of the program to be registered as an index. The format of this structure is as shown in FIG. Table 3 shows the syntax of INDEX_IFO.

表３において、End Adrs of INDEX_IFOはINDEX_IFOの終了アドレスである。INDEX numberはプログラム内のINDEXの通しナンバである。Playback TimeはINDEXの再生時間である。Start frame of INDEXはINDEXのスタートフレームナンバである。End frame of INDEXはINDEXのエンドフレームナンバーである。

In Table 3, End Adrs of INDEX_IFO is the end address of INDEX_IFO. INDEX number is the serial number of INDEX in the program. Playback Time is the playback time of INDEX. Start frame of INDEX is the start frame number of INDEX. End frame of INDEX is the end frame number of INDEX.

  Next, an encryption key generation method that can be supported by the present embodiment and encryption control information for specifying information based on the encryption key will be described. In the TS unit header described above, as shown in FIG. 6, a unit reset identifier and encryption control information specifying the original information of the encryption key are recorded. The unit reset identifier has a bit indicating whether or not it is encrypted with 2 bits, and a bit indicating whether or not to reset an initial value of an encryption key to be described later. The encryption control information for specifying the information on the encryption key is assigned 8 bits to indicate whether the information used for the encryption key is used (1) or not (0). Recorded as bits. Examples of information on which the encryption key is based include, for example, a program number, information on a region defining a country, region, and space, information on an individual identification ID, information on an identification ID for identifying a group of a plurality of people, and rating Information, information related to the identification ID of the device manufacturer, information related to the identification ID of the content provider, information related to the time, information related to the content authorer, information related to the unique ID of the playback device that reproduces the content, information related to the unique ID of the connected device, Information relating to the unique ID of the recorded medium, information relating to the ID for identifying the content, information relating to charging, etc. are used. Of these, eight sources (seeds) that are actually used can be selected here. As shown in FIG. 7, a seed selector selects a seed corresponding to a place where one bit is set, and inputs each into a hash function (a function that associates a numerical value with a character string), thereby obtaining a predetermined value. The encryption key of the number of bits is calculated. The encryption method used here may be any publicly available encryption method as long as it uses a cryptographic key. For example, in the case of the DES (Data Encryption Standard) method, the hash function may be designed so as to output a 56-bit encryption key.

  In addition, as shown in FIG. 8, a group of seeds to be used in advance is set, and, for example, four such groups can be described, and encryption control information for specifying the original information of the encryption key is configured with 4 bits. You may do it. In this case, the bit length of the encryption control information specifying the original information of the encryption key can be shortened, so that there is an effect of reducing the data amount. In addition, as shown in FIG. 9, a number from 0 to 3 may be associated with the four groups, and a 2-bit identifier for identifying the group may be described. In this case as well, the bit length of the encryption control information for specifying the original information of the encryption key can be shortened, so that there is an effect of reducing the data amount.

  Also, the encryption control information may be parameter information related to encryption including not only specifying the source of the encryption key but also encryption initial value information. For example, DES has a mode (CBC mode or the like) for performing a chain of cipher blocks, and for this purpose, the first initial value of the chain can be set. The initial value can set a bit indicating whether or not to reset in the unit reset identifier so that the initial value can be valid at a predetermined time. This initial value can also be used as a means for improving the security of the cryptographic system depending on the device. If the method of the present embodiment is used, for example, a plurality of pieces of information are initially stored, and it is possible to indicate which one of them is used to configure an initial value by using an encryption control information bit. For example, as shown in FIG. 8, 8 bits are assigned to the encryption control information and recorded as bits indicating whether (1) or not (0) each uses the initial value information. As the initial value information, for example, the program number, the information about the region defining the country, the region, and the space, the information about the personal identification ID, the information about the identification ID for identifying a group of a plurality of people, the information about the rating, the device Information relating to the manufacturer's identification ID, information relating to the content provider's identification ID, information relating to the time, information relating to the content authoring person, information relating to the unique ID of the playback device that reproduces the content, information relating to the unique ID of the connected device, and content recorded Information relating to the unique ID of the media, information relating to the ID for identifying the content, information relating to charging, etc. are used. Of these, eight pieces of initial value information to be actually used can be selected here. As shown in FIG. 11, an initial value selector selects an initial value corresponding to a place where 1 bit is set, and inputs each to an XOR function (function for performing an exclusive OR operation). The initial value of a predetermined number of bits is calculated. This encryption method may be any publicly available encryption method as long as it uses the initial value. For example, in the case of the DES CBC mode, the XOR function may be designed together with the bit length adjustment so as to output a 64-bit block initial value.

  In addition, as shown in FIG. 12, encryption control information for specifying initial value information with 4 bits can be configured by setting a group of initial values to be used in advance and describing four such groups, for example. good. In this case, since the bit length of the encryption control information specifying the initial value information can be shortened, there is an effect of reducing the data amount. Further, as shown in FIG. 13, a number from 0 to 3 may be associated with the four groups, and a 2-bit identifier for identifying the group may be described. In this case as well, since the bit length of the encryption control information specifying the initial value information can be shortened, there is an effect of reducing the data amount.

  In the above-described embodiment, an example in which the present invention is applied to an information recording / reproducing apparatus has been described. However, the present invention can also be applied to an information communication apparatus as shown in FIG. The apparatus shown in FIG. 14 replaces the content information reader / writer 11 of FIG. 1 with a content information MUX / DEMUX unit 33, and transmits / receives content information via the transmission / reception controller 32 and the antenna 31. is there. Other than these components, the apparatus is the same as that of FIG.

  In this apparatus, the content information and library information are multiplexed and transmitted by the content information MUX / DEMUX unit 33, and the multiplexed and transmitted content information and library information are received, and the content information MUX / DEMUX is received. Separation is performed by the vessel 33. At this time, the transmission / reception controller 32 controls transmission / reception of content information.

  Further, the recording medium 1 on which the signal data of the ciphertext information is recorded has an effect peculiar to the medium that the reproduction apparatus can reproduce the medium data by using the encryption control information, and this encryption control information is used. Thus, it is possible to improve the encryption security, and it is possible to suitably realize a content information delivery / distribution system such that a business such as a pre-recorded recording medium having high security can be realized.

  The recording medium 1 includes a medium capable of recording data such as a magnetic disk, a magnetic tape, and an optical disk.

It is a block diagram which shows the structure of the information recording / reproducing apparatus concerning one Embodiment of this invention. It is a figure which shows the file structure in the case of recording library information on a recording medium. It is a figure which shows the structure in the file shown in FIG. FIG. 4 is a diagram showing a lower structure of the structure shown in FIG. 3. It is a figure which shows the data format on a recording medium. It is a figure which shows the example of a format of encryption control information. It is a figure for demonstrating the procedure which produces | generates an encryption key from encryption control information. It is a figure which shows the example of a format of encryption control information. It is a figure which shows the example of a format of encryption control information. It is a figure which shows the example of a format of encryption control information. It is a figure for demonstrating the procedure which produces | generates an initial value from encryption control information. It is a figure which shows the example of a format of encryption control information. It is a figure which shows the example of a format of encryption control information. It is a block diagram which shows the structure of the information transmission / reception apparatus concerning other embodiment of this invention.

Explanation of symbols

12 Encryption Control Information Regenerator 13 Encryption Key Generator (Encryption Key Generation Means)
14 Cryptographic decoder (decryption means)
DESCRIPTION OF SYMBOLS 15 Reverse unitization machine 23 Unitization machine 24 Encryption control information recorder 25 Encryption machine 27 Encryption key generator

Claims (2)

A decryption method for decrypting ciphertext information into plaintext information,
Plain text information unitized for each predetermined packet unit conforming to a predetermined number of MPEGs is encrypted in units using an encryption key generated using a plurality of pieces of information specified for each unit. Using the cipher control information for identifying the plurality of pieces of information used as the encryption key used for encrypting the unit, added to each unit of the unitized ciphertext information, An encryption key generating step of identifying the plurality of information that is the basis of the encryption key used for encrypting a unit, and generating an encryption key from the specified plurality of information;
A decryption step of decrypting the ciphertext information of the unit into plaintext information using the encryption key generated by the encryption key generation step;
A decoding method comprising: A decryption device that decrypts ciphertext information into plaintext information,
Plain text information unitized for each predetermined packet unit conforming to a predetermined number of MPEGs is encrypted in units using an encryption key generated using a plurality of pieces of information specified for each unit. Using the cipher control information for identifying the plurality of pieces of information used as the encryption key used for encrypting the unit, added to each unit of the unitized ciphertext information, An encryption key generating means for specifying the plurality of pieces of information used as the basis of the encryption key used for encrypting a unit, and generating an encryption key from the specified pieces of information;
Decryption means for decrypting the ciphertext information of the unit into plaintext information using the encryption key generated by the encryption key generation means;
A decoding device comprising:

Images