JP2015082829A - Encryption device, decryption device, encryption program, and decryption program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an encryption device, a decryption device, and programs, capable of effectively tracking an unauthorized person to a receiving device that receives content distribution service of simultaneous distribution.SOLUTION: In an encryption device, a common encryption part encrypts first region data by applying a common encryption key thereto to generate common encryption data. An individual encryption part encrypts second region data by applying first to n-th (n is an integer of 2 or more) encryption keys thereto respectively to generate individual encryption data. An encryption packet generation part converts the encrypted data into TS, and provides a packet identifier associated with the encryption key in a packet identifier region of a header of a TS packet. A plaintext packet generation part sets a common packet identifier, and the packet identifiers respectively associated with the first to n-th encryption keys, in a PMT. A packet compositing part composes these packets to generate encryption content data.

Description

  The present invention relates to an encryption device, a decryption device, an encryption program, and a decryption program for encrypting and decrypting content data.

  A content distribution service for distributing content data to content reproduction devices of a large number of users by broadcasting or communication has been implemented. In this content distribution service, the content distribution device distributes encrypted content data so that only authorized users of the service can acquire content data. For example, Non-Patent Document 1 describes encryption (scramble) of content data.

  However, if a fraudulent receiver that illegally decrypts content data is developed in the buying and selling of content data distributed using broadcasting or communication, the provider of the content data will be damaged. Such an unauthorized receiver decrypts content data by using an illegally obtained decryption key. To deal with such a problem, there is known an illegal person tracking (Trator Tracing) encryption technique for specifying a distribution source of an illegal receiver that has been illegally distributed. For example, an unauthorized person tracking encryption method (hereinafter referred to as BN08 method) in which a ciphertext is composed of three elements by combining a plurality of public key ciphers is known (see, for example, Non-Patent Document 2).

"Access Control System Standard for Digital Broadcasting", ARIB STD-B25 6.0 Edition, Japan Radio Industry Association, March 28, 2011 Dan Boneh, Moni Naor, “Traitor Tracing with Constant Size Ciphertext”, Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 501-510, 2008

However, the BN08 method has the following problems.
The BN08 method is an unauthorized receiver that cannot determine whether it has received test ciphertext (test data) for tracking unauthorized users or whether it has received content data from a normal service, or it can determine In this case, it is possible to track a plurality of collusion attackers against an unauthorized receiver that continues to receive content data. In the tracking test using the BN08 method, a plurality of test data are input to the receiver. The plurality of test data are ciphertexts obtained by encrypting different plaintexts, and different plaintexts are decrypted for receivers having different decryption keys.
However, for example, an unauthorized receiver equipped with a plurality of decoders (decryption devices) to which mutually different encryption keys are applied compares the decrypted data obtained by decrypting each of them, and the test data is currently input. Or whether content data by a normal service is input. When such a determination is made, an attack that prevents the illegal user tracking algorithm of the BN08 method from working effectively was possible.
In addition, this attack is not limited to the BN08 method, and it is possible to track unauthorized users by using all of the illegal security tracking encryption technology called the black box tracking function developed so far and the difference in decryption keys. It was possible for the technology to identify.

  The present invention has been made in view of the above circumstances, and provides an encryption device, a decryption device, an encryption program, and a decryption program that effectively perform illegal person tracking with respect to a receiving device that receives a content delivery service for simultaneous delivery. It is to provide.

[1] In order to solve the above-described problem, an encryption apparatus according to an aspect of the present invention includes a data acquisition unit that captures encoded content data, and first area data in the encoded content data that is captured by the data acquisition unit. In addition, a common encryption unit that encrypts by applying a common encryption key and generates common encrypted data, and second area data obtained from the encoded content data are divided into first to nth (n is 2 or more). An encryption key up to an integer), an individual encryption unit for generating individual encrypted data, and converting the common encrypted data generated by the common encryption unit into a transport stream, The individual encrypted data generated by the individual encryption unit is converted into a transport stream, and each transport stream is transported for each transport stream for each encryption key. A packet identifier associated with the encryption key in the packet identifier area of the header of the packet, and an encrypted packet generator for generating encrypted packet data, and a common associated with the common encryption key A descriptor including first to n-th packet identifiers that are provided in the elementary packet identifier area or the elementary stream loop area of the program map table and are associated with the first to n-th encryption keys, respectively. A plaintext packet generator for generating plaintext packet data including the program map table by generating information, providing the descriptor information in an elementary stream loop area of the program map table, and generating the encrypted packet The encrypted packet data generated by the unit, and Provided by combining said plaintext packet data sentence packet generating unit has generated a packet combining section that generates the encrypted content data.
In the above configuration, it is sufficient for the plaintext packet generation unit to provide the common packet identifier only in one of the elementary packet identifier area and the elementary stream loop area of the program map table, but it may be provided in both. .
When providing the common packet identifier in the elementary stream loop area of the program map table, the plaintext packet generator generates descriptor information including the common packet identifier.
The method of providing the common packet identifier in the elementary stream loop area of the program map table is as described in the modification of the embodiment.

[2] Further, according to one aspect of the present invention, in the encryption apparatus, a code detection unit that detects a predetermined first code from a variable-length code included in the encoded content data captured by the data acquisition unit; , The encoded content data is separated into block data including the first code and common data excluding the block data, and the first code included in the block data is changed to the first code A code change unit that generates second to n-th changed block data by changing from the second code to the n-th code having the same code length as the code length, respectively, Each of the nth codes is different from the other codes, and the common encryption unit converts the common data separated by the data separation unit into the first area data. And the individual encryption unit converts the block data separated by the data separation unit and the second to nth changed block data generated by the code changing unit, respectively, from the first to nth Encrypt by applying the encryption key.
Note that the expression “second to n-th changed block data” indicates that when n = 2, only a single changed block data (second changed block data) exists.
In addition, the expression “each of the 1st code to the nth code is different from the other codes” means that when n = 2, only the 1st code and the 2nd code exist and they are different from each other. Represent.

[3] Further, according to one aspect of the present invention, in the encryption apparatus, the predetermined first code indicates a run length that is the number of zero coefficients and a value of a non-zero coefficient, and the second code The run length in each of the nth codes is the same as the run length in the first code.
“Each of the 2nd code to the nth code” refers to only the 2nd code when n = 2. At this time, only the first code and the second code exist.

[4] In addition, the decryption device according to an aspect of the present invention includes the common packet packet generated by providing a packet identifier associated with an encryption key in a packet identifier region included in each transport stream packet, and the common A common packet identifier associated with the encryption key is provided in the elementary packet identifier region or the elementary stream loop region, and the first to n-th (n is an integer of 2 or more) encryption keys associated with the encryption key. The encrypted content data obtained by combining the plaintext packet data generated including the program map table in which the descriptor information including the 1st packet identifier to the nth packet identifier is provided in the elementary stream loop area is captured. Captured by the encrypted content data acquisition unit and the encrypted content data acquisition unit However, in the encrypted content data, a common packet identifier associated with a common encryption key is extracted from an elementary packet identifier area or an elementary stream loop area of a program map table included in the plaintext packet data, and the plaintext packet Descriptor information is extracted from the elementary stream loop area of the program map table included in the data, and the first to the nth packet identifier is extracted from the descriptor information, and the encrypted content data includes the In accordance with either the common packet identifier or the packet identifier from the first packet identifier to the nth packet identifier provided in the packet identifier area of the header from the encrypted packet data, the common encrypted packet and the first A packet extraction unit for extracting from encoded packet data to n-th encrypted packet data, decrypting encrypted data included in the common encrypted packet data extracted by the packet extraction unit, and further extracting the descriptor Based on the information, the encrypted packet data corresponding to the decryption key stored in the device is decrypted from the first encrypted packet data to the n-th encrypted packet data to generate encoded content data. A decoding unit.
When the common packet identifier associated with the common encryption key is provided in the elementary stream loop area, the packet extraction unit is associated with the common encryption key from the elementary stream loop area of the program map table. The common packet identifier is extracted. This method is as described in the modification of the embodiment.

  [5] Further, according to one aspect of the present invention, in the above decryption apparatus, the first encrypted packet data includes block data including a predetermined first code included in a variable length code included in the encoded content data. Each of the second encrypted packet data to the nth encrypted packet data includes the first code included in the block data having the same code length as that of the first code and different from the code. The changed block data is changed from the second code to the nth code, each of the first code to the nth code is different from the other codes, and the packet extraction unit includes the elementary elements of the program map table. A common packet identifier is extracted from the packet identifier area or the elementary stream loop area, and the header is extracted from the encrypted content data. Extracting the packet data provided with a common packet identifier in a packet identifier region, the decryption unit decrypts the common encrypted packet data extracted by the packet extraction unit to obtain first region decryption data, Decrypting the encrypted packet data corresponding to the decryption key stored in the device among the n-th encrypted packet data from the first encrypted packet data to obtain the second region decrypted data, the first region Decoded encoded content data is generated by combining the decoded data and the second region decoded data.

  [6] Further, according to an aspect of the present invention, in the decoding device, the predetermined first code indicates a run length that is the number of zero coefficients and a value of a non-zero coefficient, The run length in each of the n codes is the same as the run length in the first code.

  [7] Further, according to one aspect of the present invention, there is provided an encryption program, wherein a computer acquires a data acquisition unit that captures encoded content data, and first area data in the encoded content data captured by the data acquisition unit In addition, a common encryption unit that encrypts by applying a common encryption key and generates common encrypted data, and second area data obtained from the encoded content data are divided into first to nth (n is 2 or more). An encryption key up to an integer), an individual encryption unit for generating individual encrypted data, and converting the common encrypted data generated by the common encryption unit into a transport stream, The individual encrypted data generated by the individual encryption unit is converted into a transport stream, and each transport stream for each encryption key is transferred to each transport stream. A packet identifier associated with the encryption key is provided in a packet identifier area of a header included in the stream packet, and an encrypted packet generation unit that generates encrypted packet data and the common encryption key Description including a common packet identifier in an elementary packet identifier area or an elementary stream loop area of the program map table, and including first to n-th packet identifiers respectively associated with the first to n-th encryption keys. A plaintext packet generation unit for generating child information, providing the descriptor information in an elementary stream loop area of the program map table, and generating plaintext packet data including the program map table; and the encrypted packet The encrypted packet data generated by the generation unit , By combining with the plaintext packet data to which the plaintext packet generating unit has generated, is intended to function as a packet combining section that generates the encrypted content data.

  [8] One embodiment of the present invention is a decryption program, which is an encryption generated by providing a computer with a packet identifier associated with an encryption key in a packet identifier area included in each transport stream packet. Packet data and a common packet identifier associated with the common encryption key are provided in an elementary packet identifier area or an elementary stream loop area, and the first to nth (n is an integer of 2 or more) encryption keys are used. Obtained by combining the plaintext packet data generated including the program map table with descriptor information including the first to nth packet identifiers associated with each other provided in the elementary stream loop region. An encrypted content data acquisition unit that captures encrypted content data; and In the encrypted content data captured by the content data acquisition unit, a common packet identifier associated with a common encryption key from an elementary packet identifier area or an elementary stream loop area of a program map table included in the plaintext packet data is Extracting the descriptor information from the elementary stream loop region of the program map table included in the plaintext packet data, extracting the first packet identifier to the nth packet identifier from the descriptor information, and From the encrypted packet data in the encrypted content data, according to either the common packet identifier or the packet identifier from the first packet identifier to the nth packet identifier provided in the packet identifier area of the header, A packet extractor for extracting the encrypted packets and the first encrypted packet data to the nth encrypted packet data; and decrypting the encrypted data included in the common encrypted packet data extracted by the packet extractor; Further, based on the extracted descriptor information, the encrypted packet data corresponding to the decryption key stored in the device among the n-th encrypted packet data from the first encrypted packet data is decrypted, It functions as a decoding unit that generates encoded content data.

ADVANTAGE OF THE INVENTION According to this invention, the tracking of the decoding key used illegally, ie, an unauthorized person, can be effectively performed with respect to the receiving apparatus which receives the content delivery service of simultaneous delivery.
Further, according to the present invention, it is possible to reduce an increase in transmission amount necessary for performing such illegal person tracking.

1 is a schematic configuration diagram of a content distribution system according to a first embodiment of the present invention. It is a block diagram which shows the outline of an internal function structure of the content server 11 by the embodiment. It is the schematic which shows the data structure of the transport stream packet used in the embodiment. It is the schematic which shows the relationship between the packet data of video content and PMT (program map table) in the encryption packet data which the encryption server 12 by the same embodiment produces | generates. It is a block diagram which shows the function structure inside the encryption server 12 by the embodiment. It is a block diagram which shows the function structure inside the transmitter 13 by the embodiment. It is a block diagram which shows the schematic function structure inside the receiver 21 by the embodiment. It is a flowchart which shows the procedure of the process which the content server 11 by the embodiment performs. It is a flowchart which shows the procedure of the process which the encryption server 12 by the embodiment performs. It is a flowchart which shows the procedure of the process which the transmitter 13 by the embodiment performs. It is a flowchart which shows the procedure of the process which the receiver 21 by the embodiment performs. It is a block diagram which shows the outline of a function structure of the encryption server 62 by 2nd Embodiment. It is a flowchart which shows the procedure of the process which the encryption server 62 by the embodiment performs.

[First Embodiment]
Hereinafter, embodiments for carrying out the present invention will be described in detail with reference to the drawings.
FIG. 1 is a schematic configuration diagram of a content distribution system according to a first embodiment of the present invention. This system is an application of an encryption device and a decryption device according to the present invention. The content distribution system 1 shown in the figure includes a broadcasting station group, a transmission antenna (not shown), a reception antenna (not shown), and a reception device 21 (decoding device). The receiving device 21 includes a decoding device. Note that an actual content distribution system usually includes a large number of receiving devices 21, but in the present embodiment, only four receiving devices 21 are illustrated in order to simplify the drawing and simplify the description. The broadcasting station device group and the transmission antenna are a device group and facilities managed by the broadcasting station. The receiving device 21 is a device that the viewer has.

  The broadcast station device group includes a content server 11, an encryption server 12 (encryption device), a transmission device 13, and a network 18. The encryption server 12 includes an encryption device. This broadcasting station apparatus group compresses and encodes content data produced by a broadcasting station, a program production company, etc., and produces | generates compression coding content data. Then, the broadcast station apparatus group encrypts the compression-encoded content data according to the method according to the present embodiment, and generates encrypted content data. Then, the broadcast station apparatus group converts the encrypted content data into a broadcast signal, and transmits this broadcast signal from the transmission antenna. The network 18 is a communication line that connects the content server 11, the encryption server 12, and the transmission device 13. The network 18 is a computer network capable of communicating using, for example, the Internet protocol (IP). One form of the network 18 is an intranet built inside a broadcast station or the like. For example, communication is performed between the content server 11 and the encryption server 12 and between the encryption server 12 and the transmission device 13 via the network 18.

  The content server 11 takes in content data and an encoding rate from a content supply device (not shown). The content data is digital data including video data and audio data. In the present embodiment, the content data includes at least video data. The encoding rate is a value indicating a transmission capacity that can be used in a transmission path between the transmission device 13 side and the reception device 21 side. The content server 11 executes compression encoding processing of content data, generates compression encoded content data having a capacity value equal to or less than the above encoding rate, and stores this compression encoded content data. The compression-encoded content data is, for example, video data that has been compression-encoded based on the MPEG-2 video standard or audio data that has been compression-encoded based on the MPEG-2 audio standard.

  The encryption server 12 takes in the compression-encoded content data from the content server 11, and converts the compression-encoded content data into common encryption target area data (first area data) and individual encryption target area data (second area data). ) And separated. Then, the encryption server 12 encrypts the common encryption target area data by applying a common encryption key (any one of an even key and an odd key) to generate common encrypted data. The common encryption key is an encryption key that all receiving apparatuses have in common and can be used. The encryption server 12 encrypts the individual encryption target area data by applying two different individual encryption keys (first individual encryption key and second individual encryption key) to each other, (2 systems) individual encrypted data (first individual encrypted data, second individual encrypted data) is generated.

  The encryption server 12 also has a program map table (Program) including packet identifiers (common packet identifier, first packet identifier, and second packet identifier) associated with each of the three types of encryption keys based on the control information. Map Table (PMT) is generated, and plaintext packet data including the PMT is generated. The PMT is a kind of PSI / SI and is a table for designating a packet identifier for identifying a packet storing data constituting a broadcast program.

  However, the receiving apparatus according to the present embodiment decrypts the common encrypted packet data encrypted by applying the common encryption key and the first individual encrypted data encrypted with the first encryption key. Alternatively, the encryption server 12 performs the following to decrypt the common encrypted packet data encrypted by applying the common encryption key and the second individual encrypted data encrypted by the second encryption key: Thus, a PMT corresponding to the encrypted packet data is generated.

  That is, the encryption server 12 provides a common encryption packet identifier associated with the common encryption key in the elementary packet identifier area of the PMT that can be recognized by all receiving apparatuses according to the present embodiment. Also, the encryption server 12 corresponds to the first encryption key in the descriptor area in the elementary stream loop area of the PMT recognized by the receiving device having the first decryption key corresponding to the first encryption key. An attached first packet identifier and an encryption key identifier for identifying the first encryption key are provided. Further, the encryption server 12 corresponds to the second encryption key in the descriptor area in the elementary stream loop area of the PMT recognized by the receiving apparatus having the second decryption key corresponding to the second encryption key. An attached second packet identifier and an encryption key identifier for identifying the second encryption key are provided. In addition, the encryption server 12 provides a simultaneous scramble identifier (descriptor information) including information (parameter) related to decryption in the PMT. Details of the data structure of the PMT and the simul scrambling identifier will be described later.

  Then, the encryption server 12 converts the common encrypted data into packets, and provides common encryption key identification information for identifying the common encryption key in each packet. The encryption server 12 packet-converts each of the first individual encrypted data and the second individual encrypted data, and individual encryption key identification information for identifying each of the first individual encryption key and the second individual encryption key. (First individual encryption key identification information, second individual encryption key identification information) is provided in each corresponding packet. Then, the encryption server 12 combines all the packets to generate encrypted content data, and stores this encrypted content data. The encrypted content data is, for example, a stream in the format of a transport stream (TS) defined by the MPEG-2 system standard.

The transmission device 13 acquires the above-described encrypted content data from the encryption server 12, and converts this encrypted content data into a broadcast signal for digital broadcasting. Then, the transmission device 13 transmits the broadcast signal from the transmission antenna. The transmission antenna radiates a broadcast radio wave based on a broadcast signal transmitted from a transmission device of the broadcast station device group into the air.
Note that the transmission device 13 may transmit a broadcast signal as an electrical signal via a cable instead of the radio wave propagating in the air. Moreover, you may make it use a radio wave and a cable together.

  Each of the receiving devices 21 stores a common encryption key and common encryption key identification information for identifying these common encryption keys in association with each other, and also stores an individual encryption key (own device encryption key) of the own device. ) And the local device encryption key identification information for identifying the local device encryption key are stored in association with each other. The receiving device 21 receives a broadcast signal by receiving a broadcast radio wave radiated from the transmission antenna, and acquires encrypted content data from the broadcast signal. The receiving device 21 may receive a broadcast signal as an electric signal transmitted via a cable instead of the broadcast radio wave.

  The receiving device 21 extracts the common encrypted packet data including the common encryption key identification information from the encrypted content data, applies the common encryption key associated with the common encryption key identification information, and By decrypting the common encrypted packet data, the common encryption target area data is acquired. In addition, the receiving device 21 encrypts individual encrypted packet data (first individual encrypted data or second individual encrypted data) including the same individual encryption key identification information as the own device encryption key identification information into encrypted content data. The individual encryption target area data is obtained by decrypting the individual encrypted packet data by applying the individual encryption key associated with the individual encryption key identification information.

  The receiving device 21 synthesizes the acquired common encryption target area data and the individual encryption target area data, and generates compressed encoded content data. Then, the receiving device 21 generates (restores) content data by decoding the compression-encoded content data, and presents the content data.

  FIG. 2 is a block diagram showing an internal functional configuration of the content server 11. As shown in the figure, the content server 11 includes a content acquisition unit 111, an encoding rate acquisition unit 112, a content compression encoding unit 113, a compression encoded content storage unit 114, and a compression encoded content supply unit 115. With. The content server 11 is a device configured using a computer, for example.

The content acquisition unit 111 takes in content data from the content supply device (not shown) and supplies the content data to the content compression encoding unit 113. Specifically, the content supply device is, for example, a storage device such as a magnetic hard disk device or a semiconductor disk device, or a content editing device connected via a communication network.
The encoding rate acquisition unit 112 takes in numerical data representing the encoding rate from an encoding rate supply device (not shown), and supplies this encoding rate to the content compression encoding unit 113. Specifically, the coding rate supply device is, for example, an input device such as a keyboard or a mouse, or a storage device such as a semiconductor memory. That is, the data representing the coding rate is set by an operator or stored in advance in a memory or the like as a set value.

  The content compression encoding unit 113 takes in the content data supplied from the content acquisition unit 111 and takes in the encoding rate supplied from the encoding rate acquisition unit 112. The content compression encoding unit 113 executes compression encoding processing of the content data, generates compression encoded content data having an encoding rate equal to or less than the value of the captured encoding rate, and converts the compression encoded content data to The compressed encoded content storage unit 114 is supplied. Here, the compression encoding process is, for example, a video compression encoding process based on the MPEG-2 video standard.

The compression-encoded content storage unit 114 stores compression-encoded content data supplied from the content compression / encoding unit. The compression-encoded content storage unit 114 stores the compression-encoded content data as file data managed by a file system, for example.
The compression-encoded content supply unit 115 reads the compression-encoded content data from the compression-encoded content storage unit 114 and supplies the compression-encoded content data to the outside (for example, the encryption server 12 in FIG. 1).

Here, a data structure of a transport stream packet that is a packet of a stream generated by the encryption server 12 will be described.
FIG. 3 is a diagram illustrating a data configuration of the transport stream packet. As shown in the figure, a transport stream packet (hereinafter referred to as a TS packet) has a header part (header) and an adaptation field / payload part.
FIG. 2A shows the configuration of the entire TS packet. The header part is data having a length of 4 bytes. The adaptation field / payload portion is data having a length of 184 bytes. That is, the TS packet is data having a total length of 188 bytes.
FIG. 5B shows a more detailed configuration (data item and number of bits of each item) of the 4-byte header part.

  The header portion includes a synchronization byte, a transport error indicator, a payload unit start indicator, a transport priority, a packet identifier (PID), a transport scramble control, an adaptation field control, and a continuity index. .

The synchronization byte is 8-bit data indicating the head of the TS packet, and its value is 0x47 (hexadecimal number).
The payload unit start indicator is 1-bit data, and when its value is 1 (binary number), it indicates that the start point of the payload of the TS packet is the start point or pointer of the PES packet.
The packet identifier (PID) is 13-bit data that identifies the type of payload data.
The transport scramble control is a 2-bit data area for identifying the scramble mode of the payload of the TS packet. Table 1 below shows the scramble control values stored in the transport scramble control area (transport scramble control area) and their meanings.

  In the scramble control values shown in Table 1, “no scramble” (00 (binary number)) indicates that the payload of the TS packet is not scrambled (encrypted). “Undefined” (01 (binary number)) indicates that it is not currently defined. “Even key” (10 (binary number)) and “odd key” (11 (binary number)) indicate the type of scrambled key (whether it is an even key or an odd key).

  The adaptation field control is a 2-bit data area indicating the type of configuration of the adaptation field / payload part. Table 2 below shows the adaptation field control values stored in this adaptation field control area (adaptation field control area) and their meanings.

  The continuity index is 4-bit data that specifies the order of TS packets having the same packet identifier, and is incremented by 1 (binary number) starting from 0000 (binary number) to 1111 (binary number). The next time it reaches, it returns to 0000 (binary number).

  The adaptation field / payload part is an area for storing the adaptation field and / or the payload according to the adaptation field control value stored in the adaptation field control. The adaptation field is information that extends the header part. The payload is the main body of information included in the TS packet.

  Next, the data structure of the PMT generated by the encryption server 12 will be described with reference to Table 3 below.

Details of the data structure of the program map table (PMT) shown in Table 3 are as follows.
table_id (8 bits) is an identifier of the PMT and is 0x02 (hexadecimal number).
The section_syntax_indicator (1 bit) is 1 (binary number).
section_length (12 bits) is a numerical value representing the data length from immediately after the field to the end of the PMT.
program_number (16 bits) is service identification information of this PMT.
version_number (5 bits) is the version number of the PMT.
current_next_indicator (1 bit) indicates that this PMT is applied when it is “1” (binary number), and indicates that this PMT is applied next when it is “0” (binary number). .
section_number (8 bits) is a section number.
last_section_number (8 bits) is the maximum section number in this PMT.
PCR_PID (13 bits) is a packet identifier of a TS packet that stores a program clock reference (PCR) of a program including this PMT.

program_info_length (12 bits) is the data length ((8 × N) bits) of the loop provided in the next stage of the field.
The loop provided in the next stage of program_info_length is a program loop (first loop, PMT first loop). This program loop area (program loop area) is a descriptor area 1 and is provided with first descriptor information. In this loop, an 8-bit descriptor is repeated.

The loop provided in the next stage of the program loop is an elementary stream loop (second loop, PMT second loop). The meaning of each data item in the elementary stream loop region (elementary stream loop region) is as follows.
stream_type (8 bits) indicates the stream format of the target elementary stream.
elementary_PID (13 bits) is a packet identifier of a TS packet that stores an associated elementary stream or payload. In this embodiment, an elementary_PID area (elementary packet identifier area) is provided with a common packet identifier indicating a TS packet storing common encrypted data encrypted by the common encryption method.
ES_info_length (12 bits) is the data length ((8 × M) bits) of the descriptor information that starts immediately after the field.
The loop provided at the next stage of ES_info_length is the descriptor area 2, and the second descriptor information is provided. In the present embodiment, a simultaneous scramble descriptor (simultaneous_scramble_descriptor) is provided in this descriptor area.

  The loop provided in the next stage of the descriptor area 2 is a parameter loop. The parameter loop area (parameter loop area) is provided with information related to the decryption of the encryption method necessary for decrypting the encrypted data. The parameter loop can be omitted.

  CRC_32 (32 bits) is a cyclic redundancy check (CRC) value for the entire PMT.

  Next, an example of the data structure of the simul scramble descriptor provided in the descriptor area in the elementary stream loop area of the PMT will be described with reference to Table 4 below.

Details of the data structure of the simultaneous scramble descriptor shown in Table 4 are as follows.
descriptor_tag (8 bits) is tag information for identifying the simulant scramble descriptor.
descriptor_length (8 bits) is a numerical value indicating the data length from immediately after the field to the end of the simulant scramble descriptor.
key_ID (8 bits) is an encryption key identifier for identifying an individual encryption key.
ES_PID (13 bits) is a packet identifier of the individually encrypted packet data. That is, in the ES_PID area, the first packet identifier indicating the TS packet storing the first encrypted data encrypted by applying the first encryption key or the second encryption key is applied. A second packet identifier indicating a TS packet in which the encrypted second encrypted data is stored is provided.
The loop provided in the next stage of ES_PID is a parameter loop. The parameter loop area (parameter loop area) is provided with information related to the decryption of the encryption method necessary for decrypting the encrypted data. The parameter loop can be omitted.

As shown in Table 1, when the encryption server 12 stores encrypted data encrypted by applying a common encryption key in the payload of the TS packet, the encryption server 12 uses the common encryption key in the packet identifier area of the header portion. An associated common packet identifier is provided, and a scramble control value (10 (binary number) or 10 respectively) indicating an “even key” or an “odd key” corresponding to the scramble key to be used is provided in the transport scramble control area of the header portion. 11 (binary number)).
In addition, when the encryption server 12 stores the individual encrypted data encrypted by applying the individual encryption key in the payload of the TS packet, the encryption server 12 includes the first identifier associated with the individual encryption key in the packet identifier area of the header portion. One packet identifier or second packet identifier is provided, and a scramble control value indicating “even key” or “odd key” corresponding to the scramble key to be used (10 (binary number), respectively) in the transport scramble control area of the header part Or 11 (binary number)). However, when there is one individual encryption key, it is set to 10 (binary number) or 11 (binary number). In the following example, a case where there are an even key and an odd key will be described.

  Further, as shown in Tables 3 and 4, the encryption server 12 provides a common packet identifier associated with the common encryption key in the elementary packet identifier area in the elementary stream loop area. The encryption server 12 also includes a first packet identifier associated with the individual encryption key, a second packet identifier, and a first individual encryption key in the descriptor area (descriptor area 2) in the elementary stream loop area. A simultaneous scramble descriptor including an individual encryption key identifier for identifying the encryption key and the second individual encryption key and information related to the decryption is provided.

  FIG. 4 is a conceptual diagram showing the relationship between the packet data of the video content and the PMT in the encrypted packet data generated by the encryption server 12. As shown in the figure, the encrypted packet data generated by the encryption server 12 is obtained by encrypting compression-encoded content data by applying a common encryption key as packet data (video packet) of video content. Common encrypted packet data, and first encrypted packet data and second encrypted packet data obtained by encrypting compression-encoded content data by applying an individual encryption key. The common encrypted packet data includes a common packet identifier (common PID) indicating a common encryption key. The first encrypted packet data and the second encrypted packet data each include a first packet identifier (first PID) indicating the first encryption key and a second packet identifier (second PID) indicating the second encryption method. .

  In this stream, the elementary packet identifier area in the elementary stream loop area of the PMT corresponding to the video packet includes a common packet identifier (elementary PID). The descriptor area includes a first simul scramble descriptor and a second simul scramble descriptor provided with a first packet identifier and a second packet identifier, respectively. The common packet identifier in the PMT corresponds to the common packet identifier in the video packet. Also, the first simul scramble descriptor in the PMT corresponds to the first packet identifier in the video packet. Further, the second simultaneous scramble descriptor in the PMT corresponds to the second packet identifier in the video packet.

  FIG. 5 is a block diagram showing a functional configuration inside the encryption server 12. The encryption server 12 shown in the figure encrypts common encryption target area data (first area data) by applying a common encryption key, and applies two different individual encryption keys to each other. This is an example of encrypting individual encryption target area data (second area data). As shown in the figure, the encryption server 12 includes a data acquisition unit 120, a storage unit 121, a data separation unit 122, an individual encryption unit 123, a common encryption unit 124, and an encrypted packet generation unit 125. A plaintext packet generation unit 126, a packet synthesis unit 127, and an encrypted content data supply unit 128.

The data acquisition unit 120 takes in the compressed encoded content data from the content server 11 and stores the compressed encoded content data in the storage unit 121.
The storage unit 121 stores the compression encoded content data supplied from the data acquisition unit 120. The storage unit 121 is realized by, for example, a semiconductor storage device.

  The data separation unit 122 reads the compression-encoded content data from the storage unit 121, and converts the compression-encoded content data into common encryption target region data (first region data) and individual encryption target region data (second region data). ) And separated. The boundary position where the data separation unit 122 separates the compression-encoded content data is arbitrary. For example, the data separation unit 122 separates the compression-encoded content data so that the data amount of either the common encryption target region data or the individual encryption target region data becomes a predetermined data amount. Alternatively, the data separation unit 122 separates the compression-encoded content data so that each data amount after the separation has a predetermined ratio. Alternatively, the data separation unit 122 separates the compression encoded content data according to the data structure of the compression encoding method.

Specifically, for example, the data separation unit 122 reads the MPEG-2 video file data from the storage unit 121 and extracts the common encryption target area data from the head of the MPEG-2 video file data.
Further, the data separation unit 122 extracts individual encryption target area data excluding common encryption target area data from the read MPEG-2 video file data.
The data separation unit 122 supplies the common encryption target area data to the common encryption unit 124. Further, the data separation unit 122 supplies the individual encryption target area data to the individual encryption unit 123.

  The common encryption unit 124 takes in the common encryption target area data supplied from the data separation unit 122. Then, the common encryption unit 124 encrypts the common encryption target area data by applying the common encryption key, and generates common encrypted data. Then, the common encryption unit 124 supplies the common encrypted data to the common encrypted packet generation unit 1250 in the encrypted packet generation unit 125.

  The individual encryption unit 123 takes in the individual encryption target area data supplied from the data separation unit 122. Then, the individual encryption unit 123 encrypts the individual encryption target area data by applying different individual encryption keys (a first individual encryption key and a second individual encryption key) to each other. System) individual encrypted data (first individual encrypted data and second individual encrypted data). As a detailed configuration for that purpose, the individual encryption unit 123 includes a first encryption unit 1231 and a second encryption unit 1232.

The first encryption unit 1231 takes in the individual encryption target area data supplied from the data separation unit 122. The first encryption unit 1231 then applies the first individual encryption key to encrypt the individual encryption target area data to generate first individual encrypted data, and encrypts the first individual encrypted data. This is supplied to the first encrypted packet generation unit 1251 in the packet generation unit 125.
The second encryption unit 1232 also takes in the individual encryption target area data supplied by the data separation unit 122. Then, the second encryption unit 1232 applies the second individual encryption key to encrypt the individual encryption target area data to generate second individual encrypted data, and encrypts the second individual encrypted data. This is supplied to the second encrypted packet generation unit 1252 in the packet generation unit 125.
The individual encryption target area data to be encrypted by the first encryption unit and the second encryption unit may be different from each other. In this case, for example, the data separation unit 122 may change the individual encryption target area data supplied to the first encryption unit 1231 and the second encryption unit 1232 to different data.

  The encrypted packet generator 125 includes a common encrypted packet generator 1250, a first encrypted packet generator 1251, and a second encrypted packet generator 1252. The first encrypted packet generator 1251 and the second encrypted packet generator 1252 are individual encrypted packet generators that generate individual encrypted packets.

  The common encryption packet generation unit 1250 takes in the common encryption data supplied from the common encryption unit 124, and converts this common encryption data into a TS packet. Then, the common encrypted packet generation unit 1250 corresponds to the common encryption key used by the common encryption unit 124, and the scramble control value “10” indicating “even key” in the transport scramble control area of each TS packet. ”(Binary number) or“ odd number key ”is provided as a scramble control value“ 11 ”(binary number), and an adaptation field control value“ 01 ”(2) indicating“ no adaptation field, only payload ”is provided in the adaptation field control area. An adaptation field control value “11” (binary number) indicating “adjacent number” or “payload next to the adaptation field” is provided. Furthermore, a packet identifier associated with the common encryption key is provided in the packet identifier area of the header part, and common encrypted packet data is generated. The common encryption packet generation unit supplies the common encryption packet data generated in this way to the packet synthesis unit 127.

  The first encrypted packet generation unit 1251 takes in the first individual encrypted data supplied from the first encryption unit 1231 and converts the first individual encrypted data into a TS packet. Then, the first individual encrypted packet generation unit 1251 indicates “even key” in the transport scramble control area of each TS packet corresponding to the first individual encryption key used by the first encryption unit 1231. A scramble control value “10” (binary number) or a scramble control value “11” (binary number) indicating “odd key” is provided, and an adaptation field control value indicating “no adaptation field, only payload” in the adaptation field control area An adaptation field control value “11” (binary number) indicating “01” (binary number) or “payload next to the adaptation field” is provided. Furthermore, a packet identifier associated with the first individual encryption key is provided in the packet identifier area of the header portion, and first individual encrypted packet data is generated. The first individual encrypted packet generation unit 1251 supplies the first individual encrypted packet data generated in this way to the packet synthesis unit 127.

  The second encrypted packet generation unit 1252 takes in the second individual encrypted data supplied from the second encryption unit 1232 and converts the second individual encrypted data into a TS packet. Then, the second individual encrypted packet generation unit 1252 indicates an “even key” in the transport scramble control area of each TS packet corresponding to the second individual encryption key used by the second encryption unit 1232. A scramble control value “10” (binary number) or a scramble control value “11” (binary number) indicating “odd key” is provided, and an adaptation field control value indicating “no adaptation field, only payload” in the adaptation field control area An adaptation field control value “11” (binary number) indicating “01” (binary number) or “payload next to the adaptation field” is provided. Furthermore, a packet identifier associated with the second individual encryption key is provided in the packet identifier area of the header portion, and second individual encrypted packet data is generated. The second individual encrypted packet generation unit 1252 supplies the second individual encrypted packet data generated in this way to the packet synthesis unit 127.

The plaintext packet generation unit 126 reads the packet identifiers corresponding to the common encryption key and the two types of individual encryption keys from the storage unit 121 and supplies these three packet identifiers to the encryption packet generation unit 125.
In addition, the plaintext packet generation unit 126 reads control information from the storage unit 121, and converts various PSI / SI into a transport stream based on the control information. For example, the plaintext packet generation unit 126 provides a common encryption packet identifier associated with the common encryption key applied to the common encryption unit 124 in the elementary packet identifier region of the PMT. In addition, the plaintext packet generation unit 126, for example, includes a first encrypted packet identifier and a second encrypted packet identifier respectively associated with the first encryption key and the second encryption key among the three types of encryption keys. Then, a simultaneous scramble descriptor including an encryption key identifier for identifying the first encryption key and the second encryption key and information relating to the decryption of the first encryption packet and the second encryption packet in association with each other is generated. Then, the plaintext packet generation unit 126 provides the simul scramble identifier in the descriptor area in the PMT elementary stream loop area. Then, the plaintext packet generation unit 126 divides the PMT into sections and generates plaintext packet data.
The plaintext packet generation unit 126 supplies the plaintext packet data to the packet synthesis unit 127.

  The packet combining unit 127 includes the common encrypted packet data supplied from the common encrypted packet generating unit 1250, the first individual encrypted packet data supplied from the first encrypted packet generating unit 1251, and the second encrypted packet generating unit. The second individual encrypted packet data supplied by 1252 is captured. Then, the packet combining unit 127 generates encrypted content data by combining the common encrypted packet data, the first individual encrypted packet data, and the second individual encrypted packet data, and encrypts the encrypted content data. The data is supplied to the content data supply unit 128. For example, the packet combining unit 127 generates encrypted content data by concatenating the common encrypted packet data, the first individual encrypted packet data, and the second individual encrypted packet data in this order. A specific example of the data structure of the encrypted content data will be described later.

Note that the order in which the packet combining unit 127 connects the common encrypted packet data, the first individual encrypted packet data, and the second individual encrypted packet data is not limited to the above order. These three types of packet data can be concatenated in an arbitrary order. Further, the packet combining unit 127 may arbitrarily combine these three types of encrypted packet data in units of minimum TS packets.
The encrypted content data supply unit 128 supplies the encrypted content data acquired from the packet combining unit 127 to the outside (for example, the transmission device 13).

FIG. 6 is a block diagram illustrating an internal functional configuration of the transmission device 13. As shown in the figure, the transmission device 13 includes an encrypted content data acquisition unit 131, a broadcast signal generation unit 132, and a broadcast signal transmission unit 133.
The encrypted content data acquisition unit 131 takes in the encrypted content data from the encryption server 12 and supplies the encrypted content data to the broadcast signal generation unit 132.
The broadcast signal generation unit 132 takes in the encrypted content data supplied by the encrypted content data acquisition unit 131, modulates the encrypted content data, converts it into a digital broadcast signal, and converts the broadcast signal into a broadcast signal transmission unit. 133. The specification of the broadcast signal here is defined by, for example, ARIB (Association of Radio Industries and Broadcast) standard.
The broadcast signal transmission unit 133 takes in the broadcast signal supplied by the broadcast signal generation unit 132 and transmits this broadcast signal from the transmission antenna. Or the broadcast signal transmission part 133 transmits a broadcast signal toward the cable of a cable television.

  FIG. 7 is a block diagram showing a schematic functional configuration inside the receiving apparatus 21. As shown in the figure, the reception device 21 includes a reception unit 211 (encrypted content data acquisition unit), a packet extraction unit 212, a data separation unit 213, a decryption key storage unit 214, a decryption unit 215, data A synthesis unit 218 and a compression-encoded content decompression unit 219 are provided.

  For example, the receiving unit 211 takes in a broadcast signal obtained from a broadcast radio wave received by a receiving antenna (not shown). Or the receiving part 211 receives a broadcast signal via the cable of a cable television. Then, the reception unit 211 demodulates the broadcast signal to acquire encrypted content data, and supplies the encrypted content data to the packet extraction unit 212 and the data separation unit 213.

  The packet extraction unit 212 takes in the encrypted content data supplied from the reception unit 211. Then, the packet extraction unit 212 searches for the simul scramble identifier from the identifier area in the PMT elementary stream loop area included in the encrypted content data. When the packet extraction unit 212 detects the simulant scramble identifier, the packet extraction unit 212 reads the own device encryption identifier from the decryption key storage unit 214, and obtains the simulsion scramble identifier including the same encryption key identifier as the own device encryption key identifier from the PMT. Extract. Then, the packet extraction unit 212 extracts a packet identifier (in this case, the first encrypted packet identifier or the second encrypted packet identifier) from the simul scrambling identifier. Further, the packet extraction unit 212 extracts the common packet identifier from the elementary packet identifier region in the elementary stream loop region of the PMT. Then, the extracted common packet identifier and packet identifier are supplied to the data separation unit 213.

  In the following, a case where the own device encryption key identifier is the first encryption key identifier will be described, but the same processing is performed when the own device encryption key identifier is the second encryption key identifier.

  The data separator 213 takes in the encrypted content data supplied from the receiver 211, the common packet identifier supplied from the packet extractor 212, and the individual packet identifier (first encryption key identifier). Then, from the three encrypted packet data included in the encrypted content data, the encrypted packet data in which the common packet identifier and the first packet identifier are provided in the packet identifier area of the header portion, that is, the common encrypted packet data and the first Extract encrypted packet data. Then, the data separation unit 213 supplies the common encrypted packet data and the first encrypted packet data extracted from the encrypted content data to the decryption unit 215.

  The decryption key storage unit 214 stores an even key and an odd key corresponding to the common encryption key. Also, the decryption key storage unit 214 includes an individual encryption key (own device encryption key) of either the first individual encryption key or the second individual encryption key and an individual encryption key for identifying the device encryption key. Pair data in which identification information (own device encryption key identification information) is associated is stored. The decryption key storage unit 214 is realized by an IC card such as a Conditional Access Systems (CAS) card, for example.

  The decryption unit 215 takes in the two encrypted packet data (common encrypted packet data and first individual encrypted packet data) supplied from the data separation unit 213. Then, the decryption unit 215 applies the even key or odd key stored in the decryption key storage unit 214 to decrypt the common encrypted packet data, and generates common encryption target area data. Further, the decryption unit 215 decrypts the first individual encrypted packet data based on the own device encryption key identification information stored in the decryption key storage unit 214, and generates individual encryption target area data. At this time, the decryption unit 215 performs decryption by applying the local device encryption key associated with the local device encryption key identification information stored in the decryption key storage unit 214.

  A more detailed configuration of the decoding unit 215 will be described. The decoding unit 215 includes a common decoding unit 216 and an individual decoding unit 217. The common encrypted packet data output from the data separation unit 213 is sent to the common decryption unit 216, and the first encrypted packet data is sent to the individual decryption unit 217.

  The common decryption unit 216 takes in the common encrypted packet data output from the data separation unit 213. Then, the common decryption unit 216 generates common encrypted data by extracting and combining the payload from each TS packet of the common encrypted packet data. Then, when the scramble control value is “10” indicating “even key”, the common decryption unit 216 applies the even key stored in the decryption key storage unit 214 to decrypt the common encrypted data, and Generate target area data. Further, when the scramble control value is “11” indicating “odd key”, the common decryption unit 216 applies the odd key stored in the decryption key storage unit 214 to decrypt the common encrypted data, and Generate target area data. Then, the common decryption unit 216 supplies the common encryption target area data to the data synthesis unit 218.

  The individual decryption unit 217 takes in the first encrypted packet data output from the data separation unit 213. Then, the individual decryption unit 217 generates individual encrypted data by extracting and combining the payload from each TS packet of the first encrypted packet data. When the scramble control value is “10” indicating “even key”, the individual decryption unit 217 applies the individual even key stored in the decryption key storage unit 214 to decrypt the first encrypted data, Individual encryption target area data is generated. When the scramble control value is “11” indicating “odd key”, the individual decryption unit 217 applies the individual odd key stored in the decryption key storage unit 214 to decrypt the individual encrypted data, and Generate encryption target area data. Then, the individual decryption unit 217 supplies the individual encryption target area data to the data synthesis unit 218. If there is one individual encryption key, the scramble control value is set to “10” or “11”.

The data synthesis unit 218 takes in the common encryption target area data supplied from the common decryption unit 216 and takes in the individual encryption target area data supplied from the individual decryption unit 217. Then, the data synthesis unit 218 generates the compression-encoded content data by synthesizing the common encryption target region data and the individual encryption target region data, and sends the compression-encoded content data to the compression-encoded content decompression unit 219. Supply.
The compression-encoded content decompression unit 219 takes in the compression-encoded content data supplied from the data synthesis unit 218, decompresses the compression-encoded content data into content data, and outputs this content data.
Note that data decrypted from the common encrypted packet data is referred to as first area decrypted data for convenience. Further, the data decrypted from the individually encrypted packet data is referred to as second area decrypted data for convenience.

Next, the operation of each device constituting the content distribution system 1 will be described.
FIG. 8 is a flowchart showing a procedure of processing executed by the content server 11.
First, the content acquisition unit 111 takes in content data from an external content supply device, and supplies this content data to the content compression encoding unit 113. Then, the content compression encoding unit 113 takes in the content data supplied from the content acquisition unit 111 (step S1).
Next, the encoding rate acquisition unit 112 takes in encoding rate data from an external encoding rate supply device, and supplies the encoding rate to the content compression encoding unit 113. Then, the content compression encoding unit 113 takes in the encoding rate supplied by the encoding rate acquisition unit 112 (step S2).
Next, the content compression encoding unit 113 performs compression encoding processing of the content data, generates compression encoded content data having a capacity value equal to or less than the encoding rate, and compresses and encodes this compression encoded content data. It supplies to the content memory | storage part 114 (step S3).
Next, the compression encoded content storage unit 114 stores the compression encoded content data supplied from the content compression encoding unit 113 as, for example, file data. Then, the compression-encoded content supply unit 115 reads out the compression-encoded content data from the compression-encoded content storage unit 114 and transmits it (step S4).

FIG. 9 is a flowchart showing a procedure of processing executed by the encryption server 12.
First, the data acquisition unit 120 takes in the compressed encoded content data from the content server 11 and stores the compressed encoded content data in the storage unit 121 (step S11).

  Next, the data separation unit 122 reads the compression-encoded content data from the storage unit 121 and separates this compression-encoded content data into common encryption target region data and individual encryption target region data. Specifically, for example, the data separation unit 122 reads the MPEG-2 video file data from the storage unit 121 and extracts the common encryption target area data from the head of the MPEG-2 video file data. Next, the data separation unit 122 supplies the common encryption target area data to the common encryption unit 124. Further, the data separation unit 122 extracts individual encryption target area data excluding common encryption target area data from the read MPEG-2 video file data. Next, the data separation unit 122 supplies the individual encryption target area data to the individual encryption unit 123 (step S12).

  Next, the common encryption unit 124 takes in the common encryption target area data supplied from the data separation unit 122. Next, the common encryption unit 124 encrypts the common encryption target area data by applying the common encryption key, and generates common encrypted data. Next, the common encryption unit 124 supplies the common encrypted data to the common encrypted packet generation unit 1250. In addition, the individual encryption unit 123 takes in the individual encryption target area data supplied from the data separation unit 122. Next, the individual encryption unit 123 encrypts the individual encryption target area data by applying the different individual encryption keys (the first individual encryption key and the second individual encryption key) to each other. Two types of individual encrypted data (first individual encrypted data and second individual encrypted data) are generated. Specifically, the first encryption unit 1231 takes in the individual encryption target area data supplied from the data separation unit 122. Next, the first encryption unit 1231 applies the first individual encryption key to encrypt the individual encryption target area data to generate first individual encrypted data, and the first individual encrypted data is converted into the first individual encrypted data. 1 is supplied to the encrypted packet generator 1251. The second encryption unit 1232 also takes in the individual encryption target area data supplied by the data separation unit 122. Next, the second encryption unit 1232 applies the second individual encryption key to encrypt the individual encryption target area data to generate second individual encrypted data, and the second individual encrypted data is converted into the second individual encrypted data. 2 is supplied to the encrypted packet generator 1252 (step S13).

  Next, the encrypted packet generation unit 125 takes in the three encrypted data generated by the common encryption unit 124 and the individual encryption unit 123, and the packet corresponding to each of the three types of encryption keys from the plaintext packet generation unit 126. Capture identifier. Next, the encrypted packet generation unit 125 converts each of the three encrypted data into a transport stream. Next, the encrypted packet generation unit 125 provides, for each transport stream for each encryption key, a packet identifier associated with the encryption key in the packet identifier region of the header part of each transport stream packet. Three (three systems) of encrypted packet data are generated. Specifically, the common encryption packet generation unit 1250 takes in the common encryption data from the common encryption unit 124 and converts the common encryption data into a transport stream. Next, the common encrypted packet generation unit 1250 has a scramble control value (“10” (“10”)) corresponding to the scramble key to be used, in the transport scramble control area included in the header portion of each TS packet. Binary number) or "11" (binary number)). Next, the common encrypted packet generation unit 1250 provides the common packet identifier fetched from the plaintext packet generation unit 126 in the packet identifier region included in the header portion of each TS packet. Thus, the common encrypted packet generation unit 1250 generates common encrypted packet data. Next, the common encrypted packet generation unit 1250 supplies the common encrypted packet data to the packet combining unit 127 (part of step S14).

  The first encrypted packet generation unit 1251 takes in the first encrypted data from the first encryption unit 1231 and converts the first encrypted data into a transport stream. Next, the first encrypted packet generation unit 1251 has a scramble control value (“10”) indicating an even key or an odd key corresponding to the scramble key to be used in the transport scramble control area included in the header portion of each TS packet. (Binary number) or “11” (binary number)). Next, the 1st encryption packet generation part 1251 provides the 1st packet identifier taken in from the plaintext packet generation part in the packet identifier area | region which the header part of each TS packet has. Thus, the first encrypted packet generator 1251 generates the first encrypted packet data. Next, the first encrypted packet generator 1251 supplies the first encrypted packet data to the packet combiner 127 (part of step S14).

  Also, the second encrypted packet generation unit 1252 takes in the second encrypted data from the second encryption unit 1232 and converts the second encrypted data into a transport stream. Next, the second encrypted packet generation unit 1252 has a scramble control value (“10”) indicating an even key or an odd key corresponding to the scramble key to be used in the transport scramble control area included in the header portion of each TS packet. (Binary number) or “11” (binary number)). Next, the second encrypted packet generation unit 1252 provides the second packet identifier fetched from the plaintext packet generation unit 126 in the packet identifier area of the header portion of each TS packet. Thus, the second encrypted packet generator 1252 generates second encrypted packet data. Next, the second encrypted packet generator 1252 supplies the second encrypted packet data to the packet combiner 127 (part of step S14).

  Next, the plaintext packet generation unit 126 reads the control information from the storage unit 121, and converts various PSI / SI into a transport stream based on the control information. For example, the plaintext packet generation unit 126 uses the common packet identifier associated with the common encryption key among the three types of encryption keys applied in the common encryption unit 124 and the individual encryption unit 123 for the encryption process. Are provided in the elementary packet identifier area of the PMT. Further, the plaintext packet generation unit 126, for example, among the three types of encryption keys, the first packet identifier and the second packet identifier associated with the first encryption key and the second encryption key, A simultaneous scramble descriptor including an encryption key identifier for identifying the encryption key and the second encryption key, and information relating to the decryption of the first encryption key and the second encryption key in association with each other is generated. Next, the plaintext packet generation unit 126 provides the simulant scramble identifier in the descriptor area in the PMT elementary stream loop area. Next, the plaintext packet generator 126 divides the PMT into sections and generates plaintext packet data. Next, the plaintext packet generation unit 126 supplies the plaintext packet data to the packet synthesis unit 127 (part of step S14).

  Note that the encrypted packet generation unit 125 and the plaintext packet generation unit 126 may execute either of these processes first, or may execute these processes in parallel.

  Next, the packet combining unit 127 includes the common encrypted packet data supplied from the common encrypted packet generating unit 1250, the first individual encrypted packet data supplied from the first encrypted packet generating unit 1251, and the second encrypted packet data. The second individual encrypted packet data supplied by the packet generator 1252 and the plaintext packet data are captured. Next, the packet combining unit 127 combines the common encrypted packet data, the first individual encrypted packet data, the second individual encrypted packet data, and the plaintext packet data to generate encrypted content data. For example, the packet combining unit 127 generates encrypted content data by concatenating plaintext packet data, common encrypted packet data, first individual encrypted packet data, and second individual encrypted packet data in this order (step S14). part).

  In the encryption server 12, the common encryption unit 124, the first encryption unit 1231, and the second encryption unit 1232 may execute the encryption processes in parallel or execute the encryption processes in any order. May be. Similarly, the common encryption packet generation unit 1250, the first encryption packet generation unit 1251, and the second encryption packet generation unit 1252 may execute packet generation processing in parallel or perform packet generation processing in any order. May be executed.

  Then, the encrypted content data supply unit 128 transmits the encrypted content data combined by the packet combining unit 127 (step S15).

FIG. 10 is a flowchart illustrating a procedure of processing executed by the transmission device 13.
The encrypted content data acquisition unit 131 takes in the encrypted content data (encrypted packet data) from the encryption server 12, and supplies this encrypted content data to the broadcast signal generation unit 132 (step S21).
Next, the broadcast signal generation unit 132 takes in the encrypted content data supplied from the encrypted content data acquisition unit 131, modulates the encrypted content data, converts it into a digital broadcast signal, and broadcasts the broadcast signal. It supplies to the signal transmission part 133 (step S22).
Next, the broadcast signal transmission unit 133 takes in the broadcast signal supplied by the broadcast signal generation unit 132 and transmits the broadcast signal via the transmission antenna. Alternatively, the broadcast signal transmission unit 133 transmits a broadcast signal via a cable (step S23).

  The processing for each packet is sequentially performed from step S21 to S23 as described above, but the encrypted content data acquisition unit 131, the broadcast signal generation unit 132, and the broadcast signal transmission unit 133 perform processing in parallel. As a result, the time-series packets supplied are processed and transmitted one after another.

FIG. 11 is a flowchart illustrating a procedure of processing executed by each receiving device 21.
For example, the reception unit 211 captures a broadcast signal obtained by receiving broadcast radio waves with a reception antenna connected to the reception device 21. Or the receiving part 211 receives and takes in the broadcast signal supplied via the cable of a cable television. Next, the reception unit 211 demodulates the broadcast signal to acquire encrypted content data, and supplies the encrypted content data to the packet extraction unit 212 and the data separation unit 213 (step S31).

  Next, the packet extraction unit 212 takes in the encrypted content data supplied from the reception unit 211. Then, the packet extraction unit 212 searches for the simul scramble identifier from the identifier area in the PMT elementary stream loop area included in the encrypted content data. When the packet extraction unit 212 detects the simulant scramble identifier, the packet extraction unit 212 reads the own device encryption identifier from the decryption key storage unit 214, and obtains the simulsion scramble identifier including the same encryption key identifier as the own device encryption key identifier from the PMT. Extract. Then, the packet extraction unit 212 extracts a packet identifier (in this case, the first encrypted packet identifier or the second encrypted packet identifier) from the simul scrambling identifier. Further, the packet extraction unit 212 extracts the common packet identifier from the elementary packet identifier region in the elementary stream loop region of the PMT. Then, the extracted common packet identifier and packet identifier are supplied to the data separation unit 213 (part of step S32).

  Next, the data separation unit 213 takes in the encrypted content data supplied from the reception unit 211 and the common packet identifier and packet identifier supplied from the packet extraction unit 212. Next, the data separation unit 213 uses the encrypted packet data in which the common packet identifier and the first packet identifier are provided in the packet identifier region of the header from the three encrypted packet data included in the stream, that is, the common encrypted packet. Data and first encrypted packet data are extracted. Next, the data separation unit 213 supplies the common encrypted packet data and the first encrypted packet data extracted from the stream to the decryption unit 215 (part of step S32).

  In addition, although the process when the first encrypted packet data is decrypted is described here, the target packet is different or the decryption key to be applied is different also when the second encrypted packet data is decrypted. However, the process itself is the same.

  Next, the decryption unit 215 takes in the two encrypted packet data (common encrypted packet data and first individual encrypted packet data) supplied from the data separation unit 213. Next, the common decryption unit 216 generates common encrypted data by extracting the payload from each TS packet of the common encrypted packet data fetched from the data separating unit 213 and combining them. Next, when the scramble control value is “10” indicating “even key”, the common decryption unit 216 applies the even key stored in the decryption key storage unit 214 to decrypt the common encrypted data, Generate encryption target area data. Further, when the scramble control value is “11” indicating “odd key”, the common decryption unit 216 applies the odd key stored in the decryption key storage unit 214 to decrypt the common encrypted data, and Generate target area data. Next, the common decryption unit 216 supplies the common encryption target area data to the data synthesis unit 218 (part of step S33).

  Further, the individual decryption unit 217 fetches the first individual encrypted packet data fetched from the data separation unit 213. Next, the individual decryption unit 217 generates individual encrypted data by extracting and combining the payload from each TS packet of the individual encrypted packet data. Next, when the scramble control value is “10” indicating “even key”, the individual decryption unit 217 applies the individual even key stored in the decryption key storage unit 214 to decrypt the individual encrypted data, Individual encryption target area data is generated. When the scramble control value is “11” indicating “odd key”, the individual decryption unit 217 applies the individual odd key stored in the decryption key storage unit 214 to decrypt the individual encrypted data, and Generate encryption target area data. Next, the individual decryption unit 217 supplies the individual encryption target area data to the data composition unit 218 (part of step S33).

  Next, the data synthesizing unit 218 takes in the common encryption target area data supplied from the common decryption unit 216 and also takes in the individual encryption target area data supplied from the individual decryption unit 217. Next, the data synthesizing unit 218 synthesizes the common encryption target area data and the individual encryption target area data to generate compression-encoded content data, and the compression-encoded content data is compressed-encoded content decompression unit 219. To supply. Next, the compression-encoded content decompression unit 219 takes in the compression-encoded content data supplied from the data synthesis unit 218, decodes this compression-encoded content data into content data, and outputs this content data (step S34). .

  Note that the common decryption unit and the individual decryption unit may execute encryption processing in parallel or may execute encryption processing in any order. A series of functional units from the reception unit 211 to the compression-encoded content expansion unit 219 may perform processing in parallel. Thereby, a plurality of time-series packets can be sequentially processed.

[Second Embodiment]
Next, a second embodiment will be described. The second embodiment is different from the first embodiment described above in that the encryption server 12 is replaced with an encryption server 62 (encryption device).

  The encryption server 62 takes in the compressed encoded content data from the content server 11 and separates this compressed encoded content data into block data including a predetermined code and common data excluding this block data. The predetermined code will be described later. The encryption server 62 changes the predetermined code (first code) included in the block data to another code (second code) having the same code length as this code and different from this code. Thus, changed block data is generated.

  The encryption server 62 encrypts the common data by applying the common encryption key, and generates the common encrypted data. Also, the encryption server 62 encrypts each of the block data and the changed block data by applying two different individual encryption keys (first individual encryption key and second individual encryption key), and (2 systems) individual encrypted data is generated. That is, the common data corresponds to the common encryption target area data, and the block data and the changed block data correspond to the individual encryption target area data. Then, the encryption server 62 packet-converts the common encrypted data and provides common encryption key identification information in each packet. The encryption server 62 packet-converts each of the first individual encrypted data and the second individual encrypted data, and individual encryption key identification information for identifying each of the first individual encryption key and the second individual encryption key. (First individual encryption key identification information, second individual encryption key identification information) is provided in each corresponding packet. Then, the encryption server 62 combines all the packets to generate encrypted content data, and stores this encrypted content data.

  FIG. 12 is a block diagram illustrating an outline of a functional configuration of the encryption server 62. The encryption server 62 shown in the figure encrypts common data by applying a common encryption key, and encrypts block data and changed block data by applying two different individual encryption keys to each other. Is. As shown in the figure, the encryption server 62 is different from the encryption server 12 in the first embodiment in that it further includes a code detection unit 621 and a code change unit 622. Here, the description is focused on matters specific to the encryption server 62 according to the present embodiment, and a part of the description common to the encryption server 12 of the previous embodiment is partially omitted.

  The code detection unit 621 detects a predetermined code (specific code) from a predetermined data region by taking the compressed encoded content data from the data acquisition unit 120 and analyzing the code string of the compressed encoded content data. For example, the code detection unit 621 detects a code included in a table for variable-length coding of discrete cosine transform (DCT) coefficients from a variable-length code included in the compression-encoded content data. Identify the location.

  Here, a specific code when the compression-encoded content data is MPEG-2 video file data compressed and encoded based on the MPEG-2 video standard will be described in detail. In this example, the compression-encoded content data has a data structure according to the MPEG-2 video standard. Specifically, the compression-encoded content data includes, for example, a sequence layer (Sequence Layer), a GOP layer (Group Of Picture Layer), a picture layer (Picture Layer), a slice layer (Slice Layer), and a macro block layer (Macro). It has a 6-layer hierarchical data structure up to a block layer and a block layer. Of these six layers, the sequence layer is the highest layer, and the block layer is the lowest layer. Of these six layers, the block layer includes coding coefficients (for example, DCT coefficients). Specifically, the block layer includes a table for variable length coding of DCT coefficients.

  Table 5 below is a table showing a part of a table included in the block layer for variable length coding of DCT coefficients. However, in this table, the run length is the number of zero coefficients. The level is a non-zero coefficient value. Further, s is a level code.

  According to Table 5, the predetermined code indicates the run length, which is the number of zero coefficients, and the level value of the non-zero coefficient.

  The code detection unit 621 stores the compression encoded content data in the storage unit 121. The code detection unit 621 also counts the number of bits from the beginning of the compression encoded content data (the beginning of the file) to a predetermined code, and stores the number of bits in the storage unit 121 as code position information. Note that the code detection unit 621 may set the counting start position for counting the number of bits as an arbitrary position determined in advance, instead of the head of the compression-encoded content data.

  The storage unit 121 stores the compression encoded content data and code position information supplied by the code detection unit 621. The storage unit 121 is realized by, for example, a semiconductor storage device.

The data separation unit 122 reads the compression-encoded content data and code position information from the storage unit 121. Then, the data separation unit 122 separates the compression-encoded content data into block data including the code at the position indicated by the code position information and common data excluding this block data.
Specifically, the data separation unit 122 reads MPEG-2 video file data and code position information from the storage unit. Then, for example, the data separation unit 122 extracts block data in a range including the code at the position indicated by the code position information from the head of the read MPEG-2 video file data.
Further, the data separation unit 122 extracts a code string excluding block data extracted from the MPEG-2 video file data as common data.
The data separation unit 122 supplies the block data to the code change unit 622 and the individual encryption unit 123. Further, the data separation unit 122 supplies the common data to the common encryption unit 124.

  The code changing unit 622 takes in the block data supplied from the data separating unit 122. Then, the code changing unit 622 generates changed block data by changing a predetermined code included in the block data to another code having the same code length as this code and different from this code. . Specifically, when the predetermined code indicates the run length (the number of zero coefficients) and the level value of the non-zero coefficient, the run length in the other codes is the same as the run length in the predetermined code. By doing so, it is possible to prevent a significant difference in the image quality of the decoded image between the block data and the changed block data. Then, the code change unit 622 supplies the changed block data to the second encryption unit 1232 of the individual encryption unit 123.

  The common encryption unit 124 takes in the common data supplied from the data separation unit 122. Then, the common encryption unit 124 encrypts the common data by applying the common encryption key, and generates common encrypted data. Then, the common encryption unit 124 supplies the common encrypted data to the encrypted packet generation unit 1250.

  The individual encryption unit 123 takes in the block data supplied from the data separation unit 122. Also, the individual encryption unit 123 takes in the changed block data supplied from the code changing unit 622. Then, the individual encryption unit 123 encrypts the block data and the changed block data by applying different individual encryption keys (first individual encryption key and second individual encryption key) to each other, and System) individual encrypted data (first individual encrypted data and second individual encrypted data).

  More specifically, the first encryption unit 1231 takes in the block data supplied from the data separation unit 122. Then, the first encryption unit 1231 applies the first individual encryption key to encrypt the block data to generate first individual encrypted data, and the first individual encrypted data is converted into the encrypted packet generation unit 125. To supply. Further, the second encryption unit 1232 takes in the changed block data supplied from the code changing unit 622. Then, the second encryption unit 1232 applies the second individual encryption key to encrypt the changed block data to generate second individual encrypted data, and the second individual encrypted data is encrypted packet generation unit 125.

  The functions of the encrypted packet generation unit 125, the packet combining unit 127, and the encrypted content data supply unit 128 in the encryption server 62 are the same as the functions of the respective units in the encryption server 12 of the first embodiment.

Next, the operation of the apparatus constituting the content distribution system according to the second embodiment will be described.
FIG. 13 is a flowchart showing a procedure of processing executed by the encryption server 62.

  The data acquisition unit 120 takes in the compressed encoded content data from the external content server 11 and supplies this compressed encoded content data to the code detecting unit 621 (step S61).

  Next, the code detection unit 621 takes in the compressed and encoded content data supplied from the data acquisition unit 120. Next, the code detection unit 621 detects a predetermined code (specific code) from a predetermined data area by analyzing the code string of the compression encoded content data. Next, the code detection unit 621 stores the compression encoded content data and the code position information indicating the position of the detected code in the storage unit 121 (step S62).

  Next, the data separation unit 122 reads the compression-encoded content data and code position information from the storage unit 121. Next, the data separation unit 122 separates the compression-encoded content data into block data including the code at the position indicated by the code position information and common data excluding this block data. Specifically, the data separation unit 122 reads MPEG-2 video file data and code position information from the storage unit 121. Next, the data separation unit 122 extracts block data in a range including the code at the position indicated by the code position information, for example, from the beginning of the read MPEG-2 video file data. Further, the data separation unit 122 extracts a code string excluding block data extracted from the MPEG-2 video file data as common data. Next, the data separation unit 122 supplies the block data to the code change unit 622 and the individual encryption unit 123. Further, the data separation unit 122 supplies the common data to the common encryption unit 124 (step S63).

  Next, the code changing unit 622 takes in the block data supplied from the data separating unit 122. Next, the code changing unit 622 generates changed block data by changing a predetermined code included in the block data to another code having the same code length as this code and different from this code. To do. Next, the code changing unit 622 supplies the changed block data to the second encryption unit 1232 of the individual encryption unit 123 (step S64).

Next, the common encryption unit 124 takes in the common data supplied from the data separation unit 122. Next, the common encryption unit 124 encrypts the common data by applying the common encryption key, and generates common encrypted data. Next, the common encryption unit 124 supplies the common encrypted data to the encrypted packet generation unit 125 (part of step S65).
Also, the first encryption unit 1231 takes in the block data supplied from the data separation unit 122. Next, the first encryption unit 1231 applies the first individual encryption key to encrypt the block data to generate first individual encrypted data, and the first individual encrypted data is encrypted packet generation unit 125 (part of step S65).
Further, the second encryption unit 1232 takes in the changed block data supplied from the code changing unit 622. Next, the second encryption unit 1232 applies the second individual encryption key to encrypt the changed block data to generate second individual encrypted data, and the second individual encrypted data is converted into an encrypted packet. It supplies to the production | generation part 125 (a part of step S65).

  Since the subsequent processing is the same as the processing of the encryption server 12 in the first embodiment, description thereof is omitted here.

  In the encryption server 62, the common encryption unit 124, the first encryption unit 1231, and the second encryption unit 1232 may execute encryption processes in parallel or execute encryption processes in any order. May be. Similarly, the common encryption packet generation unit 1250, the first encryption packet generation unit 1251, and the second encryption packet generation unit 1252 may execute packet generation processing in parallel or perform packet generation processing in any order. May be executed.

[System Operation, Operation, and Unauthorized Person Tracking: First Embodiment]
When receiving the encrypted content data generated by the encryption server 12, the receiving device 21 described in the first embodiment generates common data from the common encrypted packet data by applying a common encryption key that is held in advance. Also, block data or changed block data (decrypted block data) is generated from the individual encrypted packet data corresponding to the self-device individual encryption key that is held in advance among the two systems of individual encrypted packet data. Then, the receiving device 21 combines the common data and the decoded block data to generate decoded compressed encoded content data, and decodes the decoded compressed encoded content data into decoded content data. As described above, the receiving device 21 can normally decrypt the encrypted content data generated by the encryption server 12.

  As described above in detail, the encryption server 12 according to the first embodiment applies a common encryption key, encrypts the common encryption target area data in the compression encoded content data, and generates common encrypted data. An encryption unit 124 is provided. Also, the encryption server 12 applies the first individual encryption key and the second individual encryption key which are different from each other, respectively encrypts the individual encryption target area data obtained from the compression encoded content data, and An individual encryption unit 123 that generates encrypted data is provided. Further, the encryption server 12 includes a common encryption packet generation unit 1250 that converts the common encryption data into TS, provides common encryption key identification information to each TS packet, and generates common encryption packet data. In addition, the encryption server 12 converts the individual encrypted data into a TS, and provides individual encryption key identification information for each TS corresponding to the first individual encryption key and the second individual encryption key. A separate encrypted packet generator (a first encrypted packet generator 1251 and a second encrypted packet generator 1252) for generating encrypted packet data. In addition, the encryption server 12 provides a common packet identifier associated with the common encryption key in the elementary packet identifier area of the program map table, and associates it with the first individual encryption key and the second individual encryption key, respectively. Generated descriptor information including the first encrypted packet identifier and the second encrypted packet identifier, providing the descriptor information in an elementary stream loop area of the program map table, and including the program map table A plaintext packet generator 126 for generating packet data is provided. In addition, the encryption server 12 includes a packet combining unit 127 that combines the common encrypted packet data, the individual encrypted packet data, and the plaintext packet data to generate encrypted content data.

  That is, the encryption server 12 in the first embodiment encrypts the common encryption target area data in the compression-encoded content data by applying the common encryption key, and also performs individual encryption in the compression-encoded content data. The target area data is encrypted by applying two different individual encryption keys. The receiving device 21 that has acquired the encrypted content data generated by the encryption server 12 applies the own device individual encryption key of the device and applies either the first individual encrypted data or the second individual encrypted data. Or decrypt. That is, the receiving device 21 that has acquired the encrypted content data generated by the encryption server 12 reproduces the content data corresponding to the individual encryption key that it holds. This makes it possible to distribute content using a plurality of different encryption keys during normal operation of a content distribution service for simultaneous distribution by a content distribution system including the encryption server 12. This is because all the contents of the conventional simultaneous delivery are the same contents, and in the unauthorized person tracking test, different contents are delivered for each individual encryption key held in the receiver. While it has been determined whether it is a simultaneous distribution or a test, different contents can be distributed for each individual encryption key even in the simultaneous distribution. According to the first embodiment, the unauthorized receiving device is illegal. It is possible to prevent correct determination of whether the test is a person tracking test or normal operation.

  In addition, the receiving device 21 in the first embodiment includes a receiving unit 211 that captures encrypted content data. This encrypted content data is obtained by combining the common encrypted packet data, the encrypted packet data, and the plaintext packet data on the transmission side.

Among these, the common encryption packet data is obtained by converting the common encryption target area data in the compression encoded content data by applying the common encryption key to the common encryption data, and converting each TS packet. Is obtained by providing common encryption key identification information.
In addition, the encrypted packet data includes individual encryption target area data obtained from the compression-encoded content data and obtained by encrypting the individual encryption target area data by applying the first individual encryption key and the second individual encryption key, respectively. Encrypted data is converted to TS, and each TS packet corresponding to the first individual encryption key and the second individual encryption key corresponds to the encryption key in the packet identifier area of the header of each TS packet. It is generated by providing the attached packet identifier.
The plaintext packet data is provided with a common packet identifier associated with the common encryption key in the elementary packet identifier area of the program map table, and the first packet associated with the first encryption key and the second encryption key. The descriptor information including the packet identifier and the second packet identifier is generated and the descriptor information is generated including the program map table provided in the elementary stream loop area of the program map table.

In addition, the receiving device 21 extracts descriptor information from the elementary stream loop area of the program map table included in the plaintext packet data from the captured encrypted content data, and the first encrypted packet identifier and the first identifier are extracted from the descriptor information. 2 includes an encryption identifier extraction unit (function in the packet extraction unit 212) that extracts the encrypted packet identifier.
Further, the receiving device 21 extracts common encrypted packet data having a TS packet provided with common encryption key identification information from the captured encrypted content data, and the common encrypted data included in the common encrypted packet data is extracted. A common decryption unit 216 that decrypts the data and generates common encryption target area data is provided.
The receiving device 21 extracts encrypted packet data in which the encryption key identification information in the header portion of the TS packet is the same as the pre-stored own device encryption key identification information from the encrypted content data. An individual decrypting unit 217 that decrypts individual encrypted data included in the encrypted packet data to generate individual encryption target area data is provided.
In addition, the receiving device 21 includes a data synthesis unit 218 that synthesizes the common encryption target area data and the individual encryption target area data to generate compression-encoded content data.

  With this configuration, the receiving device 21 that has captured the encrypted content data generated by the encryption server 12 applies the common encryption key that is stored in advance to obtain the common encryption target area data from the common encrypted packet data. Individual encryption target area data can be generated from the individual encrypted packet data corresponding to the own device individual encryption key of the two systems of individual encrypted packet data. Therefore, the receiving device 21 can normally decrypt the encrypted content data generated by the encryption server 12.

  Therefore, in the normal operation of the mass distribution content distribution service by the content distribution system including the encryption server 12, all the contents are the same content, and in the unauthorized person tracking test, the individual encryption key held in the receiver Since different contents are distributed every time, it is easy to determine whether the distribution is a simultaneous distribution or a test, but even in simultaneous distribution, different contents can be distributed for each individual encryption key. . In other words, it is possible to prevent the receiving device, which is an unauthorized receiving device, from correctly determining whether the receiving device is a fraud tracking test or normal operation.

[System Operation, Operation, and Unauthorized Person Tracking: Second Embodiment]
In addition to the configuration of the encryption server 12 in the first embodiment, the encryption server 62 in the second embodiment of the present invention detects a predetermined code from the variable length code included in the compressed encoded content data. The code | symbol detection part 621 to be further provided.
The encryption server 62 further includes a data separation unit 122 that separates the compression-encoded content data into block data including the code and common data excluding the block data.
In addition, the encryption server 62 changes the code included in the block data to another code having the same code length as that of the code and different from the code, and generates the changed block data. Is further provided.
In addition, the common encryption unit 124 of the encryption server 62 encrypts the common data separated by the data separation unit 122 by applying a common encryption key.
In addition, the individual encryption unit 123 of the encryption server 62 converts the block data separated by the data separation unit 122 and the changed block data generated by the code change unit 622 into the first individual encryption key and the second individual encryption key. Encrypt by applying each encryption key.

  That is, the encryption server 62 encrypts the common data in the compression-encoded content data by applying a common encryption key, and the block data in the compression-encoded content data and a part of the content from the block data The changed block data that has been changed is encrypted by applying two different individual encryption keys. The receiving device 21 that has acquired the encrypted content data generated by the encryption server 62 applies its own device individual encryption key that the device has, and the first individual encrypted data (encrypted block data) or the second Decrypt individual encrypted data (encrypted changed block data). That is, the receiving device 21 that has acquired the encrypted content data generated by the encryption server 62 reproduces the content data corresponding to the individual encryption key that it holds. As a result, the content data reproduced by the unauthorized receiving device having an unauthorized individual encryption key during normal operation of the simultaneous delivery content distribution service by the content distribution system including the encryption server 62 is stored in the authorized individual encryption key. It is different from the content data decrypted in.

  In other words, according to the second embodiment, it is possible to prevent the unauthorized receiving device from correctly determining whether the unauthorized person tracking test is a normal operation. Further, such code conversion hardly affects the image quality. The decoded data in bit units is different, but the difference cannot be visually recognized as an image. For this reason, it is possible to view content without any problem in decoding by a normal receiver.

  However, for example, an unauthorized receiving device configured to cause self-destruction when it is detected that a tracking test is being executed will cause self-destruction even during normal operation services, and becomes unusable as a receiving device. . Or, an unauthorized receiving device configured not to occur until self-destruction cannot determine whether test data has been input or content data by a normal service has been input. Is executed.

  In addition, the encryption server 62 generates changed block data from block data that is a part of the compression-encoded content data. Therefore, the encryption server 62 encrypts the entire compression-encoded content data by applying a plurality of types of encryption keys. The amount of codes can be greatly reduced, and the use band of the transmission line is not compressed.

  Also, the receiving unit 211 of the receiving device that has received the encrypted content data generated by the encryption server 62 takes in the encrypted content data obtained by combining the encrypted packet data and the plaintext packet data.

Among these, the encrypted packet data includes block data including a predetermined code included in the variable length code included in the compression encoded content data, and the code included in the block data having the same code length as the code length of the code. And the encrypted data obtained by encrypting each of the changed block data changed to another code different from the code by applying the first individual encryption key and the second individual encryption key, respectively. Packet identifier associated with the encryption key in the packet identifier area of the header of each TS packet for each TS corresponding to each of the first individual encryption key and the second individual encryption key Is generated.
The plaintext packet data is provided with a common packet identifier associated with the common encryption key in the elementary packet identifier area of the program map table, and the first packet associated with the first encryption key and the second encryption key. The descriptor information including the packet identifier and the second packet identifier is generated and the descriptor information is generated including the program map table provided in the elementary stream loop area of the program map table.

In addition, the receiving device 21 extracts descriptor information from the elementary stream loop area of the program map table included in the plaintext packet data, and uses the first encrypted packet identifier and the second encrypted packet identifier from the descriptor information. Extract.
Further, the common decryption unit 216 of the reception device 21 extracts common encrypted packet data having a TS packet provided with common encryption key identification information from the encrypted content data, and is included in the common encrypted packet data. The common encrypted data is decrypted to generate common data.
Further, the individual decryption unit 217 of the receiving device 21 uses the encrypted packet in which the encryption key identification information in the header portion of the TS packet is the same as the pre-stored device encryption key identification information in the encrypted content data. Data is extracted, and the individual encrypted data included in the encrypted packet data is decrypted to generate decrypted block data.
Further, the data synthesizing unit 218 of the receiving device 21 synthesizes the common data generated by the common decoding unit 216 and the decoded block data generated by the individual decoding unit 217 to generate decoded encoded content data.

  With this configuration, the receiving device 21 that has captured the encrypted content data generated by the encryption server 62 can generate common data from the common encrypted packet data by applying a common encryption key that is held in advance. Block data or changed block data (decrypted block data) can be generated from the individual encrypted packet data corresponding to the own apparatus individual encryption key of the two systems of individual encrypted packet data. The receiving device 21 can generate the decoded compression-encoded content data by synthesizing the common data and the decoded block data, and can decode the decoded compression-encoded content data to obtain the decoded content data. Therefore, the receiving device 21 can normally decrypt the encrypted content data generated by the encryption server 62.

  Therefore, in the normal operation of the mass distribution content distribution service by the content distribution system including the encryption server 62, all the contents are the same contents, and in the unauthorized person tracking test, the individual encryption key held in the receiver Since different contents are distributed every time, it is easy to determine whether the distribution is a simultaneous distribution or a test, but even in simultaneous distribution, different contents can be distributed for each individual encryption key. .

  That is, it is possible to prevent the unauthorized receiving apparatus from correctly determining whether it is a fraud tracking test or normal operation.

  As described above, according to the first embodiment and the second embodiment, it is possible to realize a content distribution system that effectively performs illegal person tracking for a receiving device that receives a content distribution service of simultaneous distribution. .

[Modification 1]
The encryption server 12 in the first embodiment is not limited to two systems of individual encryption in the individual encryption unit 123 and the encrypted packet generation unit 125, and may include three or more systems. If this case is expressed in a generalized manner, the first to n-th (n is an integer of 2 or more) encryption units encrypt the individual encryption target area data with different individual encryption keys. In addition, the first individual encrypted packet generation unit to the nth individual encrypted packet generation unit provide different individual encryption identification information in the TS packet.
In other words, in the encryption device according to this modification, the individual encryption unit adds the first to nth (n is an integer of 2 or more) encryption keys to the second area data obtained from the encoded content data. Are applied to encrypt each of them to generate individually encrypted data. The encrypted packet generation unit converts the common encrypted data generated by the common encryption unit into a transport stream, converts the individual encrypted data generated by the individual encryption unit into a transport stream, and For each transport stream for each encryption key, a packet identifier associated with the encryption key is provided in the packet identifier area of the header of each transport stream packet to generate encrypted packet data. Further, the plaintext packet generation unit provides a common packet identifier associated with the common encryption key in the elementary packet identifier area of the program map table, and the first packet packet associated with each of the first to nth encryption keys. Descriptor information including 1 to n-th packet identifiers is generated, and the descriptor information is provided in an elementary stream loop area of the program map table to generate plaintext packet data including the program map table. The packet combining unit generates encrypted content data by combining the encrypted packet data generated by the encrypted packet generation unit and the plaintext packet data generated by the plaintext packet generation unit.
In the decryption device according to this modification, the encrypted content data acquisition unit generates encrypted packet data by providing a packet identifier associated with the encryption key in the packet identifier area of each transport stream packet. And a common packet identifier associated with the common encryption key in the elementary packet identifier area, and a first packet identifier associated with each of the first to nth (n is an integer of 2 or more) encryption keys. The encrypted content data obtained by combining the plaintext packet data generated including the program map table provided with descriptor information including the nth packet identifier in the elementary stream loop area is captured. In the encrypted content data captured by the content data acquisition unit, plaintext A common packet identifier associated with a common encryption key is extracted from an elementary packet identifier area of a program map table included in packet data, and is described from an elementary stream loop area of the program map table included in the plaintext packet data Child information is extracted, the first packet identifier to the nth packet identifier are extracted from the descriptor information, and from the encrypted packet data in the encrypted content data, the common packet identifier provided in the packet identifier area of the header or The common encrypted packet and the first encrypted packet data to the nth encrypted packet data are extracted according to any packet identifier from the first packet identifier to the nth packet identifier. The decrypting unit decrypts the encrypted data included in the common encrypted packet data extracted by the packet extracting unit, and further, based on the extracted descriptor information, encrypts the first encrypted packet data to the nth encrypted data. Of the packet data, the encrypted packet data corresponding to the decryption key stored in the device is decrypted to generate the encoded content data.

[Modification 2]
In addition, the encryption server 62 in the second embodiment may include a plurality of systems including the code changing unit 622, the second encryption unit 1232, and the second encrypted packet generation unit 1252. In this case, the plurality of code changing units generate different changed block data. Each of the plurality of second encryption units applies an individual encryption key different from any of the individual encryption keys applied to other encryption units in the individual encryption unit. In this case, the packet combining unit 127 includes a plaintext packet, a common encrypted packet, an individual encrypted packet based on block data (not changed), a plural form based on a plurality of changed block data changed by the code changing unit, and the like. Of the individual encrypted packets.

[Modification 3]
In the encryption server 62 in the second embodiment, the predetermined code indicates the run length that is the number of zero coefficients and the value of the non-zero coefficient, and the run length in other codes is the predetermined code. It may be the same as the run length in. By doing so, it is possible to prevent a significant difference in the image quality of the decoded image between the block data and the changed block data.

[Modification 4]
Further, the encryption server 62 in the second embodiment may be configured as follows. That is, the code changing unit 622 generates changed compression-encoded content data in which a predetermined code is changed to another code having the same code length as that of the code and different from the code. Then, each of the common encryption unit 124 and the first encryption unit 1231 encrypts the compression encoded content data, and generates the common encrypted data and the first individual encrypted data. In addition, the second encryption unit 1232 encrypts the modified compression-encoded content data to generate second individual encrypted data. Then, each of the common encrypted packet generation unit 1250, the first encrypted packet generation unit 1251, and the second encrypted packet generation unit 1252 includes the common encrypted data, the first individual encrypted data, and the second individual encrypted data. Each data is converted into a TS packet by the method shown in the first embodiment or the second embodiment, and common encrypted packet data, first individual encrypted packet data, and second individual encrypted packet data are generated. Then, the packet combining unit 127 selects a TS packet in a range including a predetermined code from the first individual encrypted packet data, and selects a TS packet whose time matches the TS packet from the second individual encrypted packet data. The TS packets are selected from the common encrypted packet data so that the times do not overlap with those TS packets, and the selected TS packets are synthesized.

[Modification 5]
Moreover, you may make it implement | achieve all or one part of the function of the encryption server 12 or the encryption server 62 in each embodiment mentioned above with a computer. In this case, an encryption program for realizing the function is recorded on a computer-readable recording medium, the encryption program recorded on the recording medium is read into the computer system, and the computer system executes the program. It may be realized.

Moreover, you may make it implement | achieve a part of function of the receiver 21 in each embodiment with a computer. In this case, the decryption program for realizing the function is recorded on a computer-readable recording medium, and the decryption program recorded on the recording medium is read by the computer system and executed by the computer system. May be.
[Modification 6]
Further, in each of the above-described embodiments, the plaintext packet generation unit provides a common packet identifier associated with the common encryption key in the elementary packet identifier area of the program map table, and corresponds to each individual encryption key. Descriptor information including the attached packet identifier is generated, and the descriptor information is provided in the elementary stream loop area of the program map table. Thereby, the plaintext packet generator generates plaintext packet data including the program map table.
In this modification, the plaintext packet generator generates descriptor information including a common packet identifier associated with the common encryption key, and provides this descriptor information in the elementary stream loop area of the program map table. In this modification, the descriptor information corresponding to the common encryption key is distributed to the receiving devices of all viewers.
In other words, the information on the individual encryption key distributed to the receiving devices of all viewers is regarded as the information on the common encryption key. Thereby, the same effect can be obtained even in the method according to the present modification.

  Here, the computer system includes not only a computer as hardware but also an operating system (OS) and hardware of peripheral devices. The computer-readable recording medium refers to a portable recording medium such as a flexible disk, a magneto-optical disk, an optical disk, and a memory card, and a storage device such as a magnetic hard disk and a solid state drive provided in the computer system. In addition, a computer-readable recording medium dynamically holds a program for a short time, such as a computer network such as the Internet, and a communication line for transmitting a program via a telephone line or a mobile phone network. In addition, a server that holds a program for a certain period of time, such as a volatile memory inside a computer system serving as a server device or a client in that case, may be included. The above encryption program and decryption program may be for realizing a part of the above-described functions, and further, the above-described functions are realized by a combination with a program already recorded in the computer system. It may be a thing.

  As mentioned above, although embodiment of this invention was explained in full detail with reference to drawings, the specific structure is not restricted to that embodiment, The design of the range which does not deviate from the summary of this invention, etc. are included.

  Each device according to the present invention can be used in a broadcasting system, a video content distribution system, and the like.

1 Content distribution system 11 Content server 12, 62 Encryption server (encryption device)
13 Transmitting device 21 Receiving device (decoding device)
111 content acquisition unit 112 encoding rate acquisition unit 113 content compression encoding unit 114 compression encoded content storage unit 115 compression encoded content supply unit 120 data acquisition unit 121 storage unit 122 data separation unit 123 individual encryption unit 124 common encryption Unit 125 encrypted packet generation unit 126 plaintext packet generation unit 127 packet synthesis unit 128 encrypted content data supply unit 131 encrypted content data acquisition unit 132 broadcast signal generation unit 133 broadcast signal transmission unit 211 reception unit (encrypted content data acquisition unit) )
212 packet extraction unit 213 data separation unit 214 decryption key storage unit 215 decryption unit 216 common decryption unit 217 individual decryption unit 218 data synthesis unit 219 compression encoded content decompression unit 621 code detection unit 622 code change unit

Claims (8)

A data acquisition unit that captures encoded content data;
A common encryption unit that encrypts the first area data in the encoded content data captured by the data acquisition unit by applying a common encryption key, and generates common encrypted data;
Individual encryption for generating individual encrypted data by encrypting the second area data obtained from the encoded content data by applying the first to nth (n is an integer of 2 or more) encryption keys. And
The common encryption data generated by the common encryption unit is converted into a transport stream, the individual encrypted data generated by the individual encryption unit is converted into a transport stream, and a transport stream for each encryption key For each, an encrypted packet generator for generating encrypted packet data by providing a packet identifier associated with the encryption key in a packet identifier region of a header included in each transport stream packet;
A common packet identifier associated with the common encryption key is provided in an elementary packet identifier area or an elementary stream loop area of the program map table, and the first to n-th encryption keys are associated with each of the first to n-th encryption keys. Descriptor information including 1 to n-th packet identifiers is generated, and the descriptor information is provided in an elementary stream loop area of the program map table to generate plain text packet data including the program map table. A plaintext packet generator,
A packet synthesizer that synthesizes the encrypted packet data generated by the encrypted packet generator and the plaintext packet data generated by the plaintext packet generator, and generates encrypted content data;
An encryption device comprising: A code detection unit that detects a predetermined first code from a variable-length code included in the encoded content data captured by the data acquisition unit;
A data separator that separates the encoded content data into block data including the first code and common data excluding the block data;
By changing the first code included in the block data from the second code to the n-th code having the same code length as the code length of the first code, the second to n-th changed block data, respectively. A sign changing unit for generating
Further comprising
Each of the first code to the n-th code is different from the other codes,
The common encryption unit encrypts the common data separated by the data separation unit as the first area data,
The individual encryption unit applies the first to n-th encryption keys to the block data separated by the data separation unit and the second to n-th change block data generated by the code change unit, respectively. Apply and encrypt,
The encryption apparatus according to claim 1, wherein: The predetermined first code indicates a run length that is the number of zero coefficients and a value of a non-zero coefficient, and the run length in each of the second code to the nth code is the same as the run length in the first code. Is,
The encryption apparatus according to claim 2, wherein: The encrypted packet data generated by providing the packet identifier associated with the encryption key in the packet identifier area of each transport stream packet, and the common packet identifier associated with the common encryption key are the elementary packet identifiers. Descriptor information including the first packet identifier to the nth packet identifier provided in the region or the elementary stream loop region and respectively associated with the first to nth (n is an integer of 2 or more) encryption keys is elementary. An encrypted content data acquisition unit that captures encrypted content data obtained by combining the plaintext packet data generated including the program map table provided in the stream loop region;
In the encrypted content data captured by the encrypted content data acquisition unit, a common key associated with a common encryption key from an elementary packet identifier area or an elementary stream loop area of a program map table included in the plaintext packet data A packet identifier is extracted, descriptor information is extracted from the elementary stream loop area of the program map table included in the plaintext packet data, and the first to n-th packet identifiers are extracted from the descriptor information And the packet identification of either the common packet identifier or the first packet identifier to the nth packet identifier provided in the packet identifier area of the header from the encrypted packet data in the encrypted content data A packet extracting unit which extracts from the common encrypted packet data and the first encrypted packet data to the n encrypted packet data according to,
The encrypted data included in the common encrypted packet data extracted by the packet extraction unit is decrypted, and further, based on the extracted descriptor information, from the first encrypted packet data to the nth encrypted packet data A decryption unit that decrypts encrypted packet data corresponding to a decryption key stored in the device, and generates encoded content data;
A decoding apparatus comprising: The first encrypted packet data includes block data including a predetermined first code included in a variable length code included in the encoded content data,
Each of the second encrypted packet data to the n-th encrypted packet data has a code length that is the same as the code length of the first code and is different from the first code. Including changed block data changed from the second code to the nth code,
Each of the first to nth codes is different from the other codes,
The packet extraction unit extracts a common packet identifier from an elementary packet identifier region or an elementary stream loop region of the program map table, and a common packet identifier is provided in a packet identifier region of a header from the encrypted content data Also extract the common encrypted packet data,
The decryption unit decrypts the common encryption packet data extracted by the packet extraction unit to obtain first area decryption data, and from the first encryption packet data to the nth encryption packet data, The encrypted packet data corresponding to the decryption key stored in its own device is decrypted to obtain the second region decrypted data, and the first region decrypted data and the second region decrypted data are synthesized and decrypted encoded content data Generate
The decoding device according to claim 4. The predetermined first code indicates a run length that is the number of zero coefficients and a value of a non-zero coefficient, and the run length in each of the second code to the nth code is the same as the run length in the first code. Is,
The decoding device according to claim 5, wherein: Computer
A data acquisition unit that captures encoded content data;
A common encryption unit that encrypts the first area data in the encoded content data captured by the data acquisition unit by applying a common encryption key, and generates common encrypted data;
Individual encryption for generating individual encrypted data by encrypting the second area data obtained from the encoded content data by applying the first to nth (n is an integer of 2 or more) encryption keys. And
The common encryption data generated by the common encryption unit is converted into a transport stream, the individual encrypted data generated by the individual encryption unit is converted into a transport stream, and a transport stream for each encryption key For each, an encrypted packet generator for generating encrypted packet data by providing a packet identifier associated with the encryption key in a packet identifier region of a header included in each transport stream packet;
A common packet identifier associated with the common encryption key is provided in an elementary packet identifier area or an elementary stream loop area of the program map table, and the first to n-th encryption keys are associated with each of the first to n-th encryption keys. Descriptor information including 1 to n-th packet identifiers is generated, and the descriptor information is provided in an elementary stream loop area of the program map table to generate plain text packet data including the program map table. A plaintext packet generator,
A packet synthesizer that synthesizes the encrypted packet data generated by the encrypted packet generator and the plaintext packet data generated by the plaintext packet generator, and generates encrypted content data;
Encryption program to function as Computer
The encrypted packet data generated by providing the packet identifier associated with the encryption key in the packet identifier area of each transport stream packet, and the common packet identifier associated with the common encryption key are the elementary packet identifiers. Descriptor information including the first packet identifier to the nth packet identifier provided in the region or the elementary stream loop region and respectively associated with the first to nth (n is an integer of 2 or more) encryption keys is elementary. An encrypted content data acquisition unit that captures encrypted content data obtained by combining the plaintext packet data generated including the program map table provided in the stream loop region;
In the encrypted content data captured by the encrypted content data acquisition unit, a common key associated with a common encryption key from an elementary packet identifier area or an elementary stream loop area of a program map table included in the plaintext packet data A packet identifier is extracted, descriptor information is extracted from the elementary stream loop area of the program map table included in the plaintext packet data, and the first to n-th packet identifiers are extracted from the descriptor information And the packet identification of either the common packet identifier or the first packet identifier to the nth packet identifier provided in the packet identifier area of the header from the encrypted packet data in the encrypted content data A packet extracting unit which extracts from the common encrypted packet data and the first encrypted packet data to the n encrypted packet data according to,
The encrypted data included in the common encrypted packet data extracted by the packet extraction unit is decrypted, and further, based on the extracted descriptor information, from the first encrypted packet data to the nth encrypted packet data A decryption unit that decrypts encrypted packet data corresponding to a decryption key stored in the device, and generates encoded content data;
Decoding program to function as.

Images