JP2008109425A - Communication system and information transmitting method using this - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a communication system, which transmits information from one communication device to the other communication device, capable of avoiding such state as information is tapped during transmission and its content is leaked, to the utmost. <P>SOLUTION: The communication system includes, when transmitting transmission information from a second communication device to a first communication device, a step in which the first communication device acquires a session key, a step in which the second communication device acquires a secret key and a transmission information, a step in which the first communication device encrypts the session key with a public key and then transmits the session key to the second communication device, a step in which the second communication device receives the session key and decrypts it using the secret key, and a step in which the second communication device encrypts the transmission information using the session key that has been decrypted and then transmits the transmission information to the first communication device. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a communication system that transmits information from one device to the other device, and an information transmission method using the communication system.

  Conventionally, devices that perform communication between different devices using, for example, infrared rays as a medium (each such device is referred to as a “communication device”, and each communication device is collectively referred to as a “communication system”) have been widely used. ing. Such a communication system transmits information owned by one side to the other side, and can realize, for example, a remote control function in a television broadcast receiver.

JP-A-11-004424 JP 2005-277975 A

  In the communication system as described above, when information is transmitted from one side to the other side, the information may be intercepted. For example, if the communication means is based on infrared communication, the information may be copied by a learning remote controller or the like.

  Such a situation, for example, related to TV broadcasting of a pay program, leads to a problem such that the key information is illegally copied if only the payer can receive the key information and release the scramble. There is a fear.

  In addition, a method of performing encryption processing when transmitting information from one device and releasing the encryption after being transmitted to the other side is also conceivable, but the key information used for this encryption or descrambling is If it is easily obtained or decrypted by a third party, a sufficient effect cannot be obtained.

  Therefore, in view of the above-described problems, the present invention avoids a situation where the content leaks even if the information is intercepted during transmission in a communication system that transmits information from one communication device to the other communication device. It is an object of the present invention to provide a communication system that can do this. It is another object of the present invention to provide a pay program providing system using such a communication system.

  In order to achieve the above object, a communication system according to the present invention is a communication system having a predetermined first communication device and a second communication device capable of communicating with the first communication device. In transmitting predetermined transmission information from the communication device to the first communication device, the first communication device acquires public key information and session key information for encrypting the transmission information. A second step in which the second communication device acquires secret key information and the transmission information; and a fourth step in which the first communication device performs an encryption process on the session key information using the public key information. And then transmitting the session key information to the second communication device, and the second communication device receives the session key information and uses the secret key information for the encryption. A sixth step of canceling, and the second communication device performs encryption processing on the transmission information using the session key information that has been decrypted, and then transmits the transmission information to the first communication It is assumed that the processing (first configuration) includes the seventh step of transmitting to the apparatus.

  According to this configuration, the transmission information transmitted from the second communication device to the first communication device is encrypted with the session key information. Therefore, even if the transmission information is intercepted, the content can be prevented from leaking unless the encryption is decrypted.

  In addition, since the session key information is encrypted with the public key information and transmitted to the second communication device, even if the session key information is intercepted, leakage of the contents is prevented unless the cipher is decrypted. Can do. As described above, when information is transmitted from one communication device (second communication device) to the other communication device (first communication device), a situation in which the information is intercepted during transmission and the content leaks is avoided as much as possible. It becomes possible to do.

  Here, “transmission / reception” displays information to be transmitted as image information in a format such as a QR code (registered trademark, hereinafter the same), for example, on the screen of the transmission side device, and the reception side captures this as an image by the imaging means. A method of acquiring information transmitted by decoding this later is also included.

  More specifically, as the first configuration, the first communication device and the second communication device have infrared communication means for performing infrared communication with each other, and in the seventh step, the second communication The process in which the device transmits the transmission information to the first communication device may be configured to be executed through the infrared communication means (second configuration).

  In the first or second configuration, the first communication device includes an image display device that displays an image, and the session key information encrypted by the public key information is converted into a QR code. The QR code may be configured to display an image (third configuration).

  According to this configuration, when the second communication device includes a device that reads a QR code, it is possible to execute the process of the fifth step only by displaying the QR code on the screen.

  Further, in any one of the first to third configurations, the first communication device has a random number generating means for generating a random number, and the random number is used as the session key information (fourth configuration). ).

  More specifically, as the fourth configuration, the first communication device receives the transmission information by the processing of the seventh step, and encrypts with the session key information applied to the transmission information. A configuration (fifth configuration) in which the random number is newly generated and the session key information is updated each time is released.

  According to this configuration, the content of the session key is updated every time (every encryption and decryption by the session key is performed). For this reason, even if the content of one session key is leaked, it is possible to minimize problems caused by this.

  In addition, for a communication system having a predetermined first communication device and a second communication device capable of communicating with the first communication device, a predetermined transmission from the second communication device to the first communication device. A method for transmitting trust information, wherein the first communication device causes the first communication device to acquire session key information for encrypting the public key information and the transmission information, and the second communication device. And obtaining the secret key information and the transmission information, and causing the first communication device to perform encryption processing on the session key information using the public key information, and then executing the session A fifth step of transmitting key information to the second communication device; and a process of causing the second communication device to receive the session key information and canceling the encryption using the secret key information. A sixth step of causing the second communication device to perform an encryption process on the transmission information using the decrypted session key information, and then transmitting the transmission information to the first communication device; A method of content (sixth content) including the seventh step to be transmitted to the communication device is also useful. According to the method of this content, the advantage which concerns on the said 1st structure can be enjoyed.

  A television program providing system according to the present invention includes a television broadcast receiving device as the first communication device and a communication terminal as the second communication device, and the communication according to any one of the first to fifth configurations. A television program providing system capable of communicating with the system, a television broadcast station that broadcasts a television program, and the communication terminal, and having a communication server that holds the secret key information and the transmission information; A first step in which the television broadcast station transmits the public key to the television broadcast receiver; a second step in which the communication server transmits the secret key information and the transmission information to the communication terminal; A configuration (seventh configuration) for executing a process including:

  According to this configuration, for example, if the video data of the program is scrambled before being broadcast, and the transmission information is key information for canceling the scramble processing, viewing restrictions on the program Can be easily executed. In other words, if the private key information and the key information (transmission information) are transmitted to the communication terminal only when viewing is permitted through the communication server, the scramble cannot be released unless the permission is made. It becomes.

  In the seventh configuration, in the process of the second step, the communication server uses the communication method such as SSL (Secure Socket Layer) that can prevent leakage of communication data, and transmits the secret key information and the transmission key. It is good also as a structure (8th structure) which transmits trust information to the said communication terminal. According to this structure, the process of the said 2nd step can be performed more safely.

  The communication system according to any one of claims 1 to 5, further comprising: a television broadcast receiving device as the first communication device; and a communication terminal as the second communication device; a television broadcast for broadcasting a television program A television program providing system capable of providing a television program, comprising: a communication station that is capable of communicating with a station; and a communication server that holds the secret key information and the transmission information. A first step of causing a broadcasting station to transmit the public key to the television broadcast receiver; a second step of causing the communication server to transmit the secret key information and the transmission information to the communication terminal; A third step for causing the broadcast receiving apparatus to acquire session key information for encrypting the public key information and the transmission information; and And the fourth step of acquiring the transmission information, and causing the television broadcast receiving apparatus to execute an encryption process on the session key information using the public key information, and then converting the session key information to the first step. 5th step to transmit to 2 communication apparatuses, 6th step to make the said communication terminal receive the said session key information, and to perform the process which cancels | releases the said encryption using the said secret key information, The said communication terminal A seventh step of performing an encryption process on the transmission information using the decrypted session key information, and then transmitting the transmission information to the television broadcast receiving device; A method of including content (9th content) is also useful. According to the method of the present content, it is possible to enjoy the advantages according to the seventh configuration.

  As described above, according to the communication system of the present invention, the transmission information transmitted from the second communication device to the first communication device is encrypted with the session key information. Therefore, even if the transmission information is intercepted, the content can be prevented from leaking unless the encryption is decrypted.

  In addition, since the session key information is encrypted with the public key information and transmitted to the second communication device, even if the session key information is intercepted, leakage of the contents is prevented unless the cipher is decrypted. Can do. As described above, when information is transmitted from one communication device (second communication device) to the other communication device (first communication device), a situation in which the information is intercepted during transmission and the content leaks is avoided as much as possible. It becomes possible to do.

  According to the television broadcast providing system according to the present invention, for example, the program video data is scrambled before being broadcast, and the transmission information is key information for canceling the scramble process. If this is the case, it is possible to easily limit viewing of the program. In other words, if the private key information and the key information (transmission information) are transmitted to the communication terminal only when viewing is permitted through the communication server, the scramble cannot be released unless the permission is made. It becomes.

[Example 1]
As an embodiment of the present invention, a communication system including a first communication device and a second communication device will be described. A block diagram of the communication system is shown in FIG. As shown in the figure, the communication system 9 includes an IrDA interface 51, a control unit 52, a cryptographic processing unit 53, a public key acquisition unit 54, a session key acquisition unit 55, and the like, an IrDA interface 61, a control unit. The second communication device 60 includes a unit 62, an encryption processing unit 63, a secret key acquisition unit 64, a transmission information acquisition unit 65, and the like.

  The IrDA interface (51, 61) is an interface for executing infrared communication (IrDA communication). Thus, the first communication device and the second communication device can transmit and receive information to and from each other.

  The control units (52, 62) control various processes in the first communication device or the second communication device. The encryption processing units (53, 63) execute encryption or descrambling processing using various key information.

  The public key acquisition unit 54 and the secret key acquisition unit 64 acquire public key information and secret key information from the outside, respectively. Here, the public key information and the secret key information are key information used as a pair in a public key encryption method. As a public key encryption method, for example, an RSA method using difficulty of prime factorization is known, and in order to decrypt information encrypted by a public key (this content is generally disclosed to the public). This utilizes the fact that a secret key corresponding to this public key is required.

  The session key acquisition unit 55 acquires a session key, for example, by generating some random number (this random number itself becomes the session key). Further, the transmission information acquisition unit 65 acquires transmission information that is information to be transmitted to the first communication device 50 side. It does not matter whether the transmission information is acquired from the outside or is generated inside the second communication device.

  Next, in the communication system 9 described above, refer to the flowchart of FIG. 2 for the processing flow until the transmission information acquired in the second communication device 60 is transmitted to the first communication device 50. While explaining.

  First, on the first communication device side, public key and session key information is acquired by the public key acquisition unit 54 and the session key acquisition unit 55 (step S11). Then, the encryption processing unit 53 encrypts the session key using the public key (step S12). Thereafter, the encrypted session key is transmitted to the second communication device side (step S13).

  On the other hand, on the second communication apparatus side, secret key information and transmission information are acquired by the secret key acquisition unit 64 and the transmission information acquisition unit 65 (step S21). When a session key (encrypted with a public key) is received from the first communication device side (step S22), the encryption is canceled using the secret key, and session key information is acquired (step S23).

  Thereafter, the second communication device encrypts the transmission information with the obtained session key (step S24), and transmits the encrypted transmission information to the first communication device side (step S25). The first communication device receives the encrypted transmission information (step S14), cancels the encryption using the session key, and acquires the transmission information (step S15). Since the session key is acquired (generated) on the first communication device side, the process of step S15 can be executed.

  Through the series of processes described above, it is possible to transmit transmission information from the second communication device to the first communication device through infrared communication. Information relating to transmission from the first communication device side to the second communication device side (step S13) is encrypted with the public key, and transmission from the second communication device side to the first communication device side (step S25). ) Is encrypted with the session key. Therefore, if the administrator (the person who is trying to prevent the interception) strictly manages the secret key, even if the transmission content by this infrared communication is intercepted, the content will be decrypted by others as much as possible. It is possible to prevent.

  The session key is updated each time it is used for encryption of transmission information and decryption (the session key acquisition unit newly generates a random number to be used as the next session key). Is desirable. For example, the session key may be updated each time the process of step S14 or S15 is performed in the first communication device. By doing so, even if one session key is duplicated by another person, it is not possible to use this session key to decrypt the encryption using another session key. Therefore, it is possible to further improve the safety of communication.

[Example 2]
Next, as a second embodiment of the present invention, a pay program providing system applying the communication system as in the first embodiment will be described. A schematic configuration of the pay program providing system is shown in FIG. As shown in the figure, the pay program providing system 1 includes a television broadcast station 2, a television broadcast receiver 3, a mobile phone 4, a communication server 5, and a telephone company 6. As will become apparent later, the television broadcast receiving device 3 and the mobile phone 4 of the present embodiment correspond to the first communication device and the second communication device of the first embodiment, respectively.

  First, the television broadcasting station 2 will be described. The television broadcast station 2 broadcasts information (video data or the like) related to the content of the program created by the program provider as a data stream using, for example, an RF signal. Here, the data structure of the data stream will be described with reference to FIG.

  As shown in FIG. 4, the data stream 10 includes a synchronization signal 11, a data identification flag 12, control data 13, a synchronization signal 14, a data identification flag 15, and video data 16. The synchronization signals 11 and 14 each indicate the start of data. The data identification flag 12 indicates that the control data 13 follows, and the data identification flag 15 indicates that the video data 16 follows.

  The control data 13 is information relating to various controls. In particular, when a pay program is currently being broadcast, as shown in FIG. 4, a pay flag 13A, an authentication site address 13B, notification image selection information 13C, program identification information 13D, public key information 13E, and other control data 13F.

  The pay flag 13A indicates whether the program being broadcast is a pay program. The authentication site address 13B indicates an address for accessing an authentication site (web page) for performing an authentication procedure when viewing the pay program. This authentication site is provided by the communication server 5. The notification image selection information 13C is used when the pay program guide is displayed on the television broadcast receiver 3, and is different for each set amount of the viewing fee in the pay program, for example.

  The program identification information 13D is information for identifying the type of program being broadcast, and is used when the communication server 5 determines the type of program, as will be described later. The public key information 13E represents the contents of the public key used in the public key encryption process described later.

  The video data 16 is video data related to the contents of the program. However, in the case of a pay program, the video data 16 is scrambled, and the program cannot be viewed normally unless the scramble process is canceled. Although not shown in the figure, audio data is present together with the video data 16, and the television broadcast receiving device 3 can output audio related to the program content.

  Even if the television broadcast is an analog broadcast, the control data described above can be transmitted by superimposing the data signal on the scanning line in the vertical blanking period. That is, it is possible to broadcast what is equivalent to the data stream 10 described above regardless of whether it is digital broadcasting or analog broadcasting.

  Next, a television broadcast receiver (hereinafter simply referred to as “receiver”) 3 will be described. The receiving device 3 receives a television broadcast transmitted from the television broadcast station 2 and displays a program content on a screen. The configuration of the receiving device 3 will be described below with reference to FIG.

  As shown in FIG. 5, the reception device 3 includes an encryption processing unit 31, an antenna 32, an RF reception circuit 33, a demodulation circuit 34, a video signal processing circuit 35, a system control circuit 36, a video display unit 37, an IrDA interface 38, and It consists of a session key generator 39 and the like.

  The RF receiving circuit 33 receives an RF signal (television broadcast signal) acquired through the antenna 32 and transmits it to a subsequent circuit. The RF receiving circuit 33 includes a tuner circuit, and only the signal of the channel selected by the user is transmitted.

  The demodulating circuit 34 extracts the video data 16 and the control data 13 based on the signal transmitted from the RF receiving circuit 33. This extraction process is performed with reference to the synchronization signal and the data identification flag in the data stream described above. The video data 16 is transmitted to the video signal processing circuit 35 in the subsequent stage, and the control data 13 is transmitted to the system control circuit 36.

  The video signal processing circuit 35 causes the video display unit 37 to display a video based on the video data input from the demodulation circuit 34 or the system control circuit 36. It also has a descrambling circuit, and when key information to be described later is input, descrambling processing using this is executed for video data that has been scrambled. The video display unit 37 includes a video display device such as a cathode ray tube or a liquid crystal display.

  The system control circuit 36 executes various controls based on the input control data. In particular, when a pay program TV broadcast is received (recognized by the contents of the pay flag 13A), the contents of these information are encoded based on the authentication site address 13B and the program identification information 13D that are input. A converted QR code (registered trademark, the same applies hereinafter) is generated and transmitted to the video signal processing circuit 35. Note that these processes are unnecessary for receiving a free program, and may be executed only when it is recognized that the pay program is received by the pay flag 13A.

  The system control circuit stores a plurality of types of pay program guide images as shown in FIG. The reason why a plurality of types of images are provided is to deal with this because the viewing fee varies depending on the type of pay program.

  The IrDA interface 38 is an interface provided for executing infrared communication (IrDA communication) with the mobile phone 4 or the like. As will be described later, the receiving device 3 can receive key information for canceling the scramble process from the mobile phone 4 via the IrDA interface.

  The session key generation unit 39 generates a session key for encrypting key information described later. More specifically, a random number generator that generates some random number is provided, and a random number generated by the random number generator is employed as a session key.

  The encryption processing unit 31 encrypts information using some key information (encryption processing), and decrypts the encryption using the key information for the information encrypted with the key information. Perform processing (decryption processing). Various specific methods for the encryption process and the descrambling process may be employed.

  With the above configuration, the receiving device 3 causes the video display unit 37 to display the broadcast video when receiving a television broadcast of a normal (non-paid) program. Conversely, when a pay program television broadcast is received, the QR code generated by the system control circuit 36 is displayed together with the broadcast video.

  The QR code display may be performed so as to be superimposed on the broadcast video, or the QR code display and the broadcast video display may be switched by, for example, a user instruction. good.

  Next, the mobile phone 3 will be described. As shown in FIG. 6, the mobile phone 4 here includes a control unit 41, an imaging unit 42, a storage unit 43, a decoding processing unit 44, a communication unit 45, an operation unit 46, an IrDA interface 47, a display unit 48, and an encryption unit. A processing unit 49 and the like are provided.

  The control unit 41 includes an arithmetic control device and controls the operation of each device in the mobile phone 4. The imaging unit 42 includes an imaging element such as a CCD or a CMOS, and can acquire information on an optical image formed through a lens. Thereby, it is possible to acquire information on the QR code displayed on the video display unit of the receiving device 3.

  The storage unit 43 is configured by a RAM or the like, and stores image data acquired by the imaging unit 42, various data received via the communication unit 45, ID information of the mobile phone 4 itself, and the like. The ID information includes information that can specify the mobile phone and the owner thereof, information that can specify a telephone company that has a communication line use contract with the owner of the mobile phone 4, and the like. The decoding processing unit 44 performs decoding processing on the QR code stored in the storage unit 43, and returns the acquired address information and the like to the storage unit 43.

  The communication unit 45 includes an antenna and performs wireless communication (transmission / reception of RF signals) with communication devices such as the communication server 5. Further, the operation unit 46 includes, for example, a button switch, and acquires various instruction information reflecting the user's intention through the operation of the button. The IrDA interface 47 is an interface for executing infrared communication (IrDA communication), and corresponds to the IrDA interface 38 in the receiving device 3. The display unit 48 includes a display, and performs various screen displays.

  Similarly to the encryption processing unit 31 in the receiving device 3, the encryption processing unit 49 encrypts information using some key information (encryption processing), and performs processing on information encrypted with certain key information. Then, a process (decryption process) for canceling the encryption using the key information is executed. Here, it is assumed that the encryption processing units 31 and 49 have the same encryption processing and decryption processing methods. As a result, when information on which encryption processing using a certain key (excluding the public key) is performed on one side is transmitted to the other side, if the other side also has the key, the other side The encryption process can be canceled on the side. As mentioned in the description of the first embodiment, a secret key corresponding to the public key is necessary for the descrambling process for the information encrypted with the public key.

  With the above configuration, the cellular phone 4 can acquire information on the QR code displayed by the receiving device 3 and can communicate with the communication server 5 connected by this address.

  Next, the communication server 5 will be described. As shown in FIG. 7, the communication server 5 includes a communication unit 51, a control unit 52, a storage unit 53, and the like, and is managed by a pay program provider or the like. The communication unit 51 performs wireless communication (RF signal transmission / reception) with a communication device such as the mobile phone 4. The control unit 52 controls each device of the communication server 5.

  The storage unit 53 also provides information for providing an authentication site for authenticating the viewing of a pay program when there is an access from the mobile phone 4 or the like, information on the content of a pay program or a viewing fee, and pay Key information for canceling the scramble applied to the video data of the program is stored in advance. If ID information or the like is transmitted from the communication terminal 4, these are stored.

  The telephone company 6 has a contract in advance with the owner of the mobile phone 4 regarding the use of a wireless telephone line. Thereby, instead of providing the owner with a wireless communication service or the like, a communication fee is collected through, for example, a transfer to a bank account.

  Next, in the pay program providing system 1 described above, the flow of processing performed until the user views the pay program will be described with reference to the flowchart of FIG.

  First, the program provider releases a pair of public key (hereinafter referred to as “Kpu” as appropriate), private key (hereinafter referred to as “Kpr” as appropriate), and scramble processing applied to video information. Key information (hereinafter referred to as “Ks” as appropriate) is created. Then, the Kpu is provided to the broadcasting station 2, and Kpr and Ks are stored in the communication server (step S41).

  In response, the broadcast station 2 broadcasts the control data 13 including Kpu (step S51). On the other hand, the communication server monitors whether or not there is a transmission request for Kpr and Ks from the mobile phone (S61), and if there is a request, transmits the Kpr and Ks to the mobile phone (step S62).

  The receiving device 3 receives a pay program from the broadcasting station 2 and simultaneously receives Kpu and the like (step S72). Along with this, the acquired video data (scrambled) is displayed. On the other hand, the receiving device 3 generates a session key in response to the reception of Kpu (step S73). Then, the session key is encrypted using Kpu (step S74).

  Thereafter, the receiving device 3 displays on the screen a site code for authentication 13B, program identification information 13D, and a QR code in which the content of the session key encrypted by Kpu is encoded (step S75). It should be noted that which of the above-described video data and QR code is displayed on the screen can be freely switched by the user through a user interface (not shown).

  An example of the state where the QR code is displayed is shown in FIG. In this way, not only the QR code 17 but also one of a plurality of pay program guidance images (notification images) stored in advance in the receiving device 3 is displayed. Which pay program guide is displayed is determined by the received notification image selection information 13C.

  At the time of receiving a pay program, the receiving device 3 monitors whether or not an encrypted Ks (release key) is input (step S71). Note that this monitoring may not be performed after Ks is input, and the above-described QR code 17 may not be displayed.

  On the other hand, in the mobile phone 4, the presence / absence of transmission of Kpr and Ks by the communication server 5 (step S83) and the presence / absence of input of the QR code 17 (including the encrypted session key) through the imaging unit 42 (step S81). Is monitoring. In this state, when the user takes the QR code 17 displayed in step S75 into the mobile phone 4 (Y in step S81), the mobile phone 4 decodes the content of the QR code 17 and based on the obtained address. To access the communication server 5.

  When executing access to the communication server, for example, the mobile phone 4 may be displayed as shown in FIG. 10 to allow the user to select whether or not to allow access to the authentication site. If access is denied, the QR code 17 data is discarded and the process returns to step S81.

  After accessing the communication server 5, the mobile phone 4 transmits the ID information assigned to the mobile phone 4 to the communication server 5, and sends Kpr and Ks to the mobile phone 4 (or a mail server corresponding to the mobile phone 4). A request is made to the communication server 5 to transmit (step S82).

  Before executing the process of step S82, the communication server 5 may display the display as shown in FIG. 11, for example, on the mobile phone 4 to confirm whether the user is willing to pay the viewing fee or the like. . If there is no intention to pay the viewing fee or view the pay program, the process of step S82 is not executed.

  On the other hand, the communication server 5 monitors the presence or absence of a transmission request for Kpr and Ks by the mobile phone 4 (step S61). If there is such a transmission request (Y in step S61), Kpr and Ks are transmitted to the mobile phone 4 (or a mail server corresponding to the mobile phone 4) (step S62). At this time, the communication server 5 acquires the ID information of the mobile phone 4. That is, the communication server 5 provides Kpr and Ks in exchange for the ID information.

  In addition, when the mobile phone 4 receives the provision of Kpr and Ks from the communication server 5, the communication between the mobile phone 4 and the communication server 5 (steps S82 and S62) is performed so that they are not leaked to others. By using a communication method such as SSL (Secure Socket Layer) that can prevent leakage of communication data (processing for preventing leakage of communication data is performed), communication safety is improved.

  If Kpr and Ks are transmitted by the process of step S62 (Y of step S83), the mobile phone 4 receives these pieces of information. At this point, the mobile phone 4 has information on the session key encrypted with Kpr, Ks, and Kpu. Therefore, the mobile phone 4 uses Kpr to release encryption using Kpu and obtains a session key. (Step S84). Then, Ks is encrypted using this session key (step S85).

  At this time, the mobile phone 4 may display such as shown in FIG. 12, for example, to notify the user of the current state. Further, after that, the display as shown in FIG. 13 may be performed to prompt the user to transmit Ks to the receiving device 3.

  Further, a program for causing the mobile phone 4 to display as shown in FIG. 11 is stored in the communication server 5 in advance, and this program is transmitted to the mobile phone 4 when accessed from the mobile phone 4. You may make it let it be.

  When the user inputs Ks to the receiving device 3 through the IrDA interface in the state where the processing in step S85 is completed, the receiving device 3 uses the session key that the receiving device 3 encrypts with the session key applied to Ks. To release. As a result, the receiving device 3 acquires Ks, and thereafter uses this Ks to release the scramble process applied to the video data of the pay program (step S76). As a result, if Ks is legitimate, the scramble is canceled and the content of the pay program is normally output.

  Further, the pay program provider charges the pay program viewing fee to the telephone company with which the mobile phone 4 is contracted based on the ID information acquired from the mobile phone 4 (acquired by the communication server 5). To do. In response to such billing, the telephone company will pay for the viewing fee, while deducting the amount equivalent to the viewing fee from the viewer's bank account.

  Through the series of processes described above, the viewer can view the pay program. Here, in order for the viewer to view the pay program, mainly the process of reading the QR code from the receiving device 3 by the mobile phone 4, the process of acquiring the key information by accessing the communication server 5 by the mobile phone 4, and It suffices to pass the process of inputting the key information to the receiving device 3. Therefore, even if there is no prior viewing contract with the pay program provider, the viewer can watch the pay program without waiting for a long time.

  Moreover, since the ID information of the mobile phone 4 used by the viewer can be obtained from the pay program provider's side, the program viewing contract with the viewer is not made in advance. You can easily collect viewing fees. That is, it is possible to identify the viewer of the pay program and the telephone company with which the viewer has a contract based on the ID information, so that the viewing fee can be easily collected even after the fact.

  In the receiving apparatus 3 of the present embodiment, the video data of the pay program is scrambled, but instead of or in addition to this, the screen display of the video data itself may be limited. For example, key information may be incorporated into the control data 13 so that the screen display is not executed unless the key information transmitted from the mobile phone 4 matches the key information.

  Further, it is desirable that the session key generation unit 39 newly generates a session key each time it is used for Ks encryption and decryption, and updates the contents thereof. Specifically, for example, every time a descrambling process using a session key (corresponding to step S76 described above) is performed, the session key may be updated. By doing so, even if one session key is duplicated by another person, it is not possible to use this session key to decrypt the encryption using another session key. Therefore, it is possible to further improve the safety of communication.

  Here, Ks from the mobile phone 4 (corresponding to the “second communication device” in the first embodiment) to the receiving device 3 (corresponding to the “first communication device” in the first embodiment) (in the first embodiment) In particular, since Ks is encrypted with a session key, it is possible to prevent unauthorized acquisition of Ks by using a learning remote controller or the like. . Further, since the session key embedded in the QR code is also encrypted by Kpu, unauthorized acquisition can be prevented. An outline of the above-described processing flow is shown in FIG. An outline of the relationship between each component in the pay program providing system 1 is shown in FIG.

  As described above, the embodiments of the present invention have been described. However, the present invention is not limited to these embodiments, and various modifications can be made without departing from the gist of the present invention. The contents of the embodiments can be combined with each other as long as there is no contradiction.

  The present invention is useful in a system for providing a pay program in television broadcasting.

It is a block diagram of the communication system which concerns on Example 1 of this invention. It is a flowchart of the process of the communication system which concerns on Example 1 of this invention. It is the structure schematic of the pay program provision system which concerns on Example 2 of this invention. It is the structure schematic of the stream data which concerns on Example 2 of this invention. It is a block diagram of the television broadcast receiver in Example 2 of this invention. It is a block diagram of the mobile telephone in Example 2 of this invention. It is a block diagram of the communication server in Example 2 of this invention. It is a flowchart of the process of the pay program provision system in Example 2 of this invention. It is a figure which shows the screen display of the television broadcast receiver based on Example 2 of this invention. It is a figure which shows the screen display of the mobile telephone based on Example 2 of this invention. It is a figure which shows the screen display of the mobile telephone based on Example 2 of this invention. It is a figure which shows the screen display of the mobile telephone based on Example 2 of this invention. It is a figure which shows the screen display of the mobile telephone based on Example 2 of this invention. It is explanatory drawing regarding encryption of the key information which concerns on Example 2 of this invention. It is explanatory drawing regarding the content of the pay program provision system in Example 2 of this invention.

Explanation of symbols

1 pay program providing system 2 TV broadcast station 3 TV broadcast receiver 4 mobile phone (communication terminal)
5 Communication server 6 Telephone company 10 Stream data 11 Synchronization signal 12 Data identification flag (indicating that control data follows)
13 Control data 13A Paid flag (paid identification information)
13B Authentication site address (address information)
13C Notification image selection information 13D Program identification information 13E Public key information 14 Synchronization signal 15 Data identification flag (indicating that video data follows)
16 Video data 17 QR code 31 Encryption processing unit 32 Antenna 33 RF reception circuit 34 Demodulation circuit 35 Video signal processing circuit 36 System control circuit 37 Video display unit 38 IrDA interface (infrared communication means)
39 Session Key Generation Unit 41 Control Unit 42 Imaging Unit 43 Storage Unit 44 Decode Processing Unit 45 Communication Unit 46 Operation Unit 47 IrDA Interface (Infrared Communication Means)
48 Display Unit 49 Cryptographic Processing Unit 51 Communication Unit 52 Control Unit 53 Storage Unit

Claims (9)

In a communication system having a predetermined first communication device and a second communication device capable of communicating with the first communication device,
In transmitting predetermined transmission information from the second communication device to the first communication device,
A first step in which the first communication device acquires public key information and session key information for encrypting the transmission information;
A fourth step in which the second communication device acquires secret key information and the transmission information; and
A first step in which the first communication device performs an encryption process on the session key information using the public key information, and then transmits the session key information to the second communication device;
A sixth step in which the second communication device receives the session key information and releases the encryption using the secret key information;
Seventh step in which the second communication device performs encryption processing on the transmission information using the session key information decrypted, and then transmits the transmission information to the first communication device. When,
The communication system characterized by performing the process containing these. The first communication device and the second communication device have infrared communication means for performing infrared communication with each other,
The communication system according to claim 1, wherein in the seventh step, the process in which the second communication device transmits the transmission information to the first communication device is executed through the infrared communication means. The first communication device is
It has an image display device that displays images,
The communication system according to claim 1 or 2, wherein the session key information subjected to encryption processing using the public key information is converted into a QR code (registered trademark), and the QR code is displayed as an image. The first communication device is
Having random number generating means for generating random numbers,
The communication system according to any one of claims 1 to 3, wherein the random number is used as the session key information. The first communication device is
Each time the transmission information is received by the processing of the seventh step and the encryption by the session key information applied to the transmission information is released, the random number is newly generated and the session key information is updated. The communication system according to claim 4. Predetermined transmission information from the second communication device to the first communication device for a communication system having a predetermined first communication device and a second communication device capable of communicating with the first communication device Is a method of sending
A third step of causing the first communication device to acquire session key information for encrypting the public key information and the transmission information;
A fourth step of causing the second communication device to acquire the secret key information and the transmission information; and
A fifth step of causing the first communication device to execute encryption processing on the session key information using the public key information, and then transmitting the session key information to the second communication device;
A sixth step of causing the second communication device to receive the session key information and to execute a process of releasing the encryption using the secret key information;
A second communication device that causes the second communication device to execute encryption processing on the transmission information using the decrypted session key information, and then transmits the transmission information to the first communication device. 7 steps,
A method comprising the steps of: The communication system according to any one of claims 1 to 5, comprising a television broadcast receiving device as the first communication device and a communication terminal as the second communication device;
A TV station that broadcasts TV programs,
A television program providing system capable of communicating with the communication terminal and having the secret key information and a communication server holding the transmission information,
A first step in which the television broadcast station transmits the public key to the television broadcast receiver;
A second step in which the communication server transmits the secret key information and the transmission information to the communication terminal;
A TV program providing system that executes processing including: In the processing of the second step,
The communication server transmits the secret key information and the transmission information to the communication terminal by a communication method capable of preventing leakage of communication data such as SSL (Secure Socket Layer). Item 8. The television program providing system according to Item 7. The communication system according to any one of claims 1 to 5, comprising a television broadcast receiving device as the first communication device and a communication terminal as the second communication device;
With a TV station that broadcasts TV programs;
A method of causing a television program providing system capable of communicating with the communication terminal to provide a television program, the communication program server having the secret key information and the transmission information;
A first step of causing the television broadcast station to transmit the public key to the television broadcast receiver;
A second step of causing the communication server to transmit the secret key information and the transmission information to the communication terminal;
A third step of causing the television broadcast receiving device to acquire session key information for encrypting the public key information and the transmission information;
A fourth step of causing the communication terminal to acquire the secret key information and the transmission information; and
A fifth step of causing the television broadcast receiving apparatus to perform encryption processing on the session key information using the public key information, and then transmitting the session key information to the second communication apparatus;
A sixth step of causing the communication terminal to receive the session key information and to execute a process of releasing the encryption using the secret key information;
Seventh step of causing the communication terminal to execute encryption processing on the transmission information using the session key information that has been decrypted, and then transmitting the transmission information to the television broadcast receiving apparatus When,
A method comprising the steps of: