JP3400303B2 - Encrypted data decryption device - Google Patents

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention has a different encryption key for each unit called a title in transmission between two digital devices or transmission of a plurality of digital devices, and shortens the time required for authentication performed for each different title. The present invention relates to an encrypted data decryption device that realizes

[0002]

2. Description of the Related Art FIG. 1 is a block diagram showing a configuration of an encrypted data decryption device for performing data transmission using an optical disc device and a digital interface. In FIG. 1, 1 is an optical disk device, 2 is an authentication unit on the optical disk device side, 3 is a CPU on the optical disk device side, 4 is an optical disk,
Reference numeral 5 is an interface circuit on the optical disk device side, 6 is an encrypted data decryption device, and 7 is a CP on the encrypted data decryption device side.
U and 8 are authentication / data decryption units, 9 is an interface circuit on the side of the encrypted data decryption device, and 10 is a memory circuit.

The encrypted data decryption device 6 performs data transmission using the optical disc device 1 in which a plurality of encrypted data having different title keys are recorded for each title and the digital interface means 5 and 9, and the optical disc device 1 described above is used.
It decrypts the encrypted data of. The encrypted data decryption device 6 includes a CPU 7 that generates CPU data for performing an authentication operation of a communication subject when decrypting the encrypted data of the optical disc device 1, and an authentication / decryption device that decrypts the encrypted data of the optical disc device 1. A data decryption unit 8, an interface circuit 9 for performing data transmission with the optical disc device 1, and a memory circuit 10 for storing the data decrypted by the authentication / data decryption unit 8 are provided.

The optical disk device 1 includes an authentication unit 2 for authenticating encrypted data recorded on an optical disk 4, and a CP for generating CPU data for performing an authentication operation of a communication subject.
A U3, an optical disc 4 in which a plurality of pieces of encrypted data having different title keys are recorded for each title, and an interface circuit 5 for performing data transmission with the encrypted data decryption device 6 are provided.

FIG. 6 is a block diagram showing the configuration of the authentication / data decryption unit 8 in the conventional encrypted data decryption apparatus 6. In FIG. 6, 11 is a data selector circuit, 12 is a register C for holding title key decryption data, 13
Is an authentication key 1 register, 14 is an authentication key 2 register, 1
5 is an authentication key 3 register, 16 is a title key decryption key register, 17 is a title key register, 18 is a key selector circuit, 19 is an encryption / decryption algorithm (DES:
JP-A-51-108701, JP-A-51-108
See Japanese Patent No. 702. ), 20 is a register A for holding authentication data, 21 is a comparator circuit, and 22 is a register B for holding authentication data.

The operation of the encrypted data decryption device 6 configured as described above will be described below. The authentication operation of the authentication unit 2 in the optical disc device 1 is the same as that of the authentication / data decryption unit 8. In order to decrypt the data of the optical disc device 1 by the external encrypted data decryption device 6 using the interface circuit 5, the authentication operation, the title key decryption operation, and the data decryption operation are performed in this order.

The above-mentioned authentication operation is performed in the procedure of steps 1 to 4 below. First, in step 1, the random number I generated by the CPU 7 of the encrypted data decryption device 6 is transmitted to the authentication / data decryption unit 8 and the interface circuit 9 to the authentication unit 2 via the CPU 3 of the optical disc device 1. In the authentication / data decryption unit 8, as shown in FIG.
The data selector circuit 11 selects the random number I, which is CPU data, as data, and the key selector circuit 18 selects the authentication key 1 as a key, and the decryption operation by the encryption / decryption algorithm 19 is performed.
The (authentication key 2) is held in the authentication key 2 register 14.
Further, the authentication unit 2 of the optical disc device 1 also uses the random number I as data and the authentication key 1 as a key to generate the authentication key 2 by the same algorithm as the encryption / decryption algorithm 19.

As step 2, C of the optical disk device 1
The random number II generated from PU3 is transmitted to the authentication unit 2 and the authentication / data decryption unit 8 by the interface circuit 5 via the CPU 7 of the encrypted data decryption device 6. In the authentication / data decryption unit 8, as shown in FIG. 6, the data selector circuit 11 selects the random number II as CPU data as data, and the key selector circuit 18 selects the authentication key 2 register 14 as a key. The decryption operation is performed by the encryption / decryption algorithm 19 and the result II (authentication key 3) is held in the authentication key 3 register 15. The random number II is also used in the authentication unit 2 of the optical disc device 1.
Is used as a key and the authentication key 2 is used as the key, and the authentication key 3
To generate.

At step 3, the encrypted data decryption device 6
The random number III generated by the CPU 7 is transmitted to the authentication / data decryption unit 8 and the interface circuit 9 to the authentication unit 2 via the CPU 3 of the optical disc device 1. In the authentication / data decryption unit 8, as shown in FIG. 6, the data selector circuit 11 selects the random number III as CPU data as data, and the key selector circuit 18 selects the authentication key 3 register 15 as a key. , The decryption operation is performed by the encryption / decryption algorithm 19 and the result III
C of the optical disk device 1 by the interface circuit 9
It is transmitted to the authentication unit 2 via the PU 3. Then, in the authentication unit 2 of the optical disk device 1, the comparison result of the result IV and the result IV generated by the same algorithm as the encryption / decryption algorithm 19 using the random number III as data and the authentication key 3 as a key is sent to the CPU 3. If they match, the authentication in the optical disk device 1 is established.

As step 4, C of the optical disk device 1
The random number IV generated by the PU 3 is transmitted to the authentication unit 2 and the authentication / data decryption unit 8 by the interface circuit 5 via the CPU 7 of the encrypted data decryption device 6. Then, the authentication unit 2 authenticates the result V generated by the same algorithm as the encryption / decryption algorithm 19 using the same data as the authentication key 3 register 15 as the key with the random number IV as data, via the CPU 7 by the interface circuit 5. -Transmit to the data decoding unit 8 and hold the result V in the register A20. In the authentication / data decryption unit 8, as shown in FIG. 6, the data selector circuit 11 selects the random number IV as CPU data as data, and the key selector circuit 18 selects the authentication key 3 register 14 as a key. The decryption operation is performed by the encryption / decryption algorithm 19 and the result VI is held in the register B22.
Then, in the comparator circuit 21, the register A
If the comparison result of the result V held in 20 and the result VI held in the register B22 is sent to the CPU 7 and they match, the authentication in the encrypted data decryption device 6 is established.

In this way, when mutual authentication is established, the next title key decryption operation is performed. The title key is encrypted using the title key decryption key.
It is encrypted using a decryption algorithm and recorded on the optical disc 4. Therefore, for example, in the decoding of the title key A, the title key A of the title A to be reproduced on the optical disc 4 is sent to the authentication unit 2 via the CPU 3, and the title key A is used as data, and the authentication key 2 register 1
4 is used as a key for encryption by the same algorithm as the encryption / decryption algorithm 19, and the resultant title key A is transmitted to the encrypted data decryption device 6 by the interface circuit 5. As shown in FIG. 6, the encrypted data decryption device 6 performs a decryption operation using the encryption / decryption algorithm 19 based on the transmitted title key A and authentication key 2 and holds the result in the register C12. Next, in the data selector circuit 11, the register C12 is selected,
At the same time, the key selector 18 selects the title key decryption key 16, performs the decryption operation by the encryption / decryption algorithm 19, and holds the resulting title key A in the title key register 17.

After the title key is decrypted,
The following data decoding operation is performed. The data on the optical disk 4 is encrypted by the encryption / decryption algorithm using the title key as a key in units of titles. Therefore, for the data decryption, the data of the title desired to be reproduced from the optical disc 4 is transmitted to the authentication / data decryption unit 8 of the encrypted data decryption device 6 by the interface circuit 5. In the authentication / data decryption unit 8, as shown in FIG. 6, the data selector circuit 1
1, the data from the interface circuit 9 is selected, and the key selector circuit 18 selects the title key register 17 as a key to perform the decryption operation by the encryption / decryption algorithm 19. The decrypted data is stored in the memory circuit. Held at 10.

As described above, the authentication operation, the title key decryption operation, and the data decryption operation are sequentially performed every time the title changes.

[0014]

However, in the configuration of the above-described conventional encrypted data decryption apparatus, when the data encrypted by a plurality of title keys is recorded in the same disc, the authentication is performed every time the title key is changed. Therefore, even if it is necessary to return to the title key once decrypted to decrypt the encrypted data, the authentication is required and authentication is time-consuming and inefficient, which is a problem.

The present invention has been made in order to solve the above-mentioned conventional problems. In short, by providing a register for holding a plurality of title keys, the optical disk device in which the encrypted data is recorded in units of title keys. And one-to-one digital device with a function to decrypt encrypted data
That is, decryption of encrypted data in data transmission between two points, and encryption in multiple-to-one data transmission of a plurality of optical disc devices having encrypted data recorded in title key units and a digital device having a decryption function for encrypted data. An object of the present invention is to provide an encrypted data decryption device that promptly decrypts data.

[0016]

According to a first aspect of the present invention, there is provided an encrypted data decrypting apparatus in which data transmission is carried out using an optical disc device in which a plurality of encrypted data having different title keys are recorded for each title and a digital interface means. And an encrypted data decryption device for decrypting encrypted data of the optical disc device, wherein the CPU generates CPU data for performing an authentication operation of a communication subject when decrypting the encrypted data of the optical disc device; An authentication / data decryption unit for decrypting encrypted data of the device, and a memory means for storing the data decrypted by the authentication / data decryption unit, wherein the authentication / data decryption unit is the CPU or the optical disc device. CPU from
It holds an encryption / decryption algorithm for decrypting data and an authentication key 1 which is a fixed value key of 1 byte or more for performing authentication, which proves the validity of the communication subject each time the title of the encrypted data changes. Authentication key 1 register,
An authentication key 2 register that holds an authentication key 2 that is a key of 1 byte or more that changes for each authentication, and an authentication key 3 register that holds an authentication key 3 that is a key of 1 byte or more that changes for each authentication. A title key decryption key register that holds a title key decryption key that is a key for decrypting the title key, and a plurality of title key registers that retains different title bytes of 1 byte or more generated by the encryption / decryption algorithm. A key selecting means for selecting any one of the authentication key 1, the authentication key 2, the authentication key 3, the title key decryption key, and the decrypted title key as a key in the encryption / decryption algorithm , The authentication operation and the Thailand
The above multiple title keys can be
-Decoding the data by selecting one of the registers
It is characterized by performing .

Further, in the encrypted data decryption apparatus according to the second aspect of the present invention, data transmission is performed using a plurality of optical disk devices in which a plurality of encrypted data having different title keys are recorded and digital interface means.
And an encryption data decryption device for decrypting the encryption data of the optical disk device, which is a C for performing an authentication operation of a communication subject when decrypting the encryption data of the optical disk device.
A CPU for generating PU data, an authentication / data decryption unit for decrypting the encrypted data of the optical disk device, and a memory means for storing the digital data decrypted by the authentication / data decryption unit are provided. The data decryption unit is an encryption / decryption algorithm for decrypting the CPU data from the CPU or the optical disc device, and 1 byte or more for performing authentication to prove the validity of the communication subject each time the title of the encrypted data is changed. Authentication key 1 register that holds the authentication key 1 that is a fixed value key, authentication key 2 register that holds the authentication key 2 that is a key of 1 byte or more that changes for each authentication, and that changes for each authentication An authentication key 3 register holding an authentication key 3 which is a key of 1 byte or more, and a key for decrypting the title key. A title key decryption key register that holds an iter key decryption key and a different one that corresponds to each optical disc device for decrypting the encrypted data transmitted from the plurality of optical disc devices and that is generated by the encryption / decryption algorithm. A plurality of title key registers holding 1-byte or more title keys,
The key selection means for selecting any one of the authentication key 1, the authentication key 2, the authentication key 3, the title key decryption key, and the decrypted title key as a key in the encryption / decryption algorithm , Authentication operation
And the above multiple without performing the above title key decryption operation.
By selecting any of the title key registers of
It is characterized in that the data is decoded .

[0018]

BEST MODE FOR CARRYING OUT THE INVENTION Embodiments of the present invention will be described below with reference to the drawings. Embodiment 1. FIG. 1 shows a first embodiment of the present invention.
FIG. 3 is a block diagram showing a configuration of an encrypted data decryption device that performs data transmission using an optical disc device and a digital interface, and the block configurations of the optical disc device 1 and the encrypted data decryption device 6 are the same as those of the conventional one. FIG. 2 is a block diagram showing the configuration of the authentication / data decryption unit 8 in the encrypted data decryption apparatus 6 according to the first embodiment.

In the first embodiment, in the data transmission using the one-to-one correspondence between the optical disk device and the encrypted data decryption device, that is, the two-point digital interface, the data encrypted in the unit of title can be smoothly decrypted. This is an encrypted data decryption device. That is, the encrypted data decryption apparatus 6 of the first embodiment differs from the conventional one shown in the block diagram of FIG. 6 in that the conventional one has only one title key register 17, whereas In the case of form 1, as shown in FIG. 2, title key register A2
3 and two title key registers B24.

FIG. 3 is a data decryption diagram of the authentication / data decryption unit 8 in the case of including two title key registers A23 and B24 as shown in FIG. In FIG. 3, 23 is a title key register A,
Reference numeral 24 is a title key register B. TK0 is the title key in title 0, and TK1 is title 1
Is the title key in.

The operation of the encrypted data decryption apparatus configured as described above will be described below.

First, the data of the optical disk device 1 is transferred to the external encrypted data decoding device 6 using the interface circuit 5.
In order to decrypt, the authentication operation, title key decryption operation, and data decryption operation are performed in this order.

The above-mentioned authentication operation is performed in the procedure of steps 1 to 4 below. In order to reproduce the title 0, first, in step 1, the random number I generated by the CPU 7 of the encrypted data decryption device 6 is sent to the CP of the optical disc device 1 by the authentication / data decryption unit 8 and the interface circuit 9.
It is transmitted to the authentication unit 2 via U3. In the authentication / data decryption unit 8, as shown in FIG.
, The CPU selects the random number I as data, and the key selector circuit 18 selects the authentication key 1 as a key, and the decryption operation is performed by the encryption / decryption algorithm 19.
Hold on. Further, the authentication unit 2 of the optical disc device 1 also uses the random number I as data and the authentication key 1 as a key to generate the authentication key 2 by the same algorithm as the encryption / decryption algorithm 19.

As step 2, C of the optical disk device 1
The random number II generated from PU3 is transmitted to the authentication unit 2 and the authentication / data decryption unit 8 by the interface circuit 5 via the CPU 7 of the encrypted data decryption device 6. In the authentication / data decryption unit 8, as shown in FIG. 2, the data selector circuit 11 selects the random number II as CPU data as data, and the key selector circuit 18 selects the authentication key 2 register 14 as a key. , And the result II is held in the authentication key 3 register 15. In addition, the optical disk device 1
The authentication unit 2 also uses the random number II as data and the authentication key 2 as a key to generate the authentication key 3 by the same algorithm as the encryption / decryption algorithm 19.

As step 3, the encrypted data decryption device 6
The random number III generated from the CPU 7 of the optical disc device 1 is used by the authentication / data decryption unit 8 and the interface circuit 9.
To the authentication unit 2 via the CPU 3. In the authentication / data decryption unit 8, as shown in FIG. 2, the data selector circuit 11 selects the CPU random number III as the data, and the key selector circuit 18 selects the authentication key 3 register 15 as the key. , The decryption operation is performed by the encryption / decryption algorithm 19 and the result III
Is transmitted to the authentication unit 2 via the CPU 3 of the optical disc device 1 by the interface circuit 9. Further, in the authentication unit 2 of the optical disc apparatus 1, the comparison result of the result IV and the result 3 generated by the same algorithm as the encryption / decryption algorithm 19 using the random number III as data and the authentication key 3 as a key is sent to the CPU 3 for agreement. Then, the authentication in the optical disk device 1 is established.

As step 4, C of the optical disk device 1
The random number IV generated from the PU 3 is transmitted to the authentication / data decryption unit 8 by the authentication unit 2 and the interface circuit 5 via the CPU 7 of the encrypted data decryption device 6. In the authentication unit 2, the random number IV is used as data in the authentication key 3 register 1
Using the same data as 5 as a key, the result V generated by the same algorithm as the encryption / decryption algorithm 19 is
Authentication by the interface circuit 5 via the CPU 7
The data is transmitted to the data decoding unit 8 and held in the register A20.
In the authentication / data decryption unit 8, as shown in FIG. 2, the random number which is the CPU data in the data selector circuit 11
IV is selected as data, and the key selector circuit 18
In the authentication key 3 register 14 is selected as a key, the decryption operation is performed by the encryption / decryption algorithm 19, and the result VI is held in the register B22.
When the comparison result of the register A20 and the register B22 is sent to the CPU 7 and they agree with each other, the authentication in the encrypted data decryption device 6 is established. In this way, when mutual authentication is established, the title key decryption operation of title 0 is performed.

The title key TK0 is encrypted on the optical disc 4 by using the title key decryption key as a key and an encryption / decryption algorithm. Therefore, the title key TK0 is decrypted by transmitting the title key TK0 of the title 0 to be reproduced on the optical disc 4 to the authentication unit 2 via the CPU 3, and using the title key TK0 as data and the authentication key 2 register 14 as a key. The title key TK0, which is the result of encryption by the same algorithm as the algorithm 19, is transmitted to the encrypted data decryption device 6 by the interface circuit 5. The encrypted data decryption device 6 performs a decryption operation using the encryption / decryption algorithm 19 based on the transmitted title key TK0 and authentication key 2 and holds the result in the register C12. Next, the register C12 is selected in the data selector circuit 11 and the title key decryption key 16 is selected in the key selector circuit 18, and the title key TK0 necessary for compounding the data of the title 0 is selected by the encryption / decryption algorithm 19. The title key decryption operation is performed, and the result is held in the title key register A23 as shown in FIG. After the title key TK0 is decrypted, the title 0 data decryption operation is performed.

The data on the optical disk 4 is encrypted by the encryption / decryption algorithm using the title key as a key in units of titles. Therefore, in decoding the data of title 0, the data of title 0 to be reproduced from the optical disc 4 is transmitted to the authentication / data decryption unit 8 of the encrypted data decryption device 6 by the interface circuit 5. In the authentication / data decryption unit 8, the data from the interface circuit 9 is selected in the data selector circuit 11 as shown in FIG.
At the same time, the key selector circuit 18 selects the title key register A23 as a key to perform the decryption operation of the title 0 data by the encryption / decryption algorithm 19, and the decrypted title 0 data is stored in the memory circuit 10.
Held in.

Next, in order to reproduce the title 1, the above authentication operation is performed, and the title key TK1 necessary for decoding the data of the title 1 is held in the title key register A23 by the title key decoding operation, and the title key TK1 is stored. The data of the title 1 is decrypted by the data decryption operation using the key register A23 as a key. At this time,
As shown in (2), title key TK of title 0 above
0 is transferred from the title key register A23 to the title key register B24 and held. In this way, each time new title keys TK2, TK3, ... Are decrypted, they are held in the title key register A23, and at the same time the title keys TK1,
TK2, ... Are moved to and held in the title key register B24.

Here, when it is desired to newly perform the data decryption operation of the title 0, the CPU 7 does not perform the authentication operation and the title key decryption operation as shown in FIG. By selecting the register B24, the data of title 0 is decoded.

As described above, according to the encrypted data decryption apparatus 6 according to the first embodiment, the title key register A2
3. By selecting the title key register B24, the data of the optical disk device 1 can be decrypted without performing the authentication operation and the title key decryption operation.
It is possible to realize a one-to-one correspondence between an optical disk device in which encrypted data is recorded in units of title keys and a digital device equipped with a decrypted function of encrypted data, that is, a device for promptly decrypting encrypted data in data transmission between two points. There is an effect.

Embodiment 2. FIG. 4 is a block diagram showing the configuration of the authentication / data decryption unit 8 in the encrypted data decryption apparatus 6 according to the second embodiment. FIG. 5 is a data decryption diagram of the authentication / data decryption unit 8 in the case of including three title key registers A23, title key registers B24, and title key registers C25 as shown in FIG. In FIG. 5, 26 is an optical disk device A, 27 is an optical disk device B, 28 is an optical disk device C, 23 is a title key register A, 24 is a title key register B,
Reference numeral 25 is a title key register C. Also, TKA is the title key in title A, and TKB is title B.
, And TKC is the title key in title C.

In the second embodiment, in the data transmission using the three-to-one digital interface between the three optical disk devices and the encrypted data decryption device, the encryption which can smoothly decrypt the data encrypted in the unit of title. It is a data decoding device. That is, in the encrypted data decryption apparatus according to the second embodiment, as shown in FIGS. 4 and 5, the three optical disk apparatuses A, B, and C and the encrypted data decryption apparatus 6 are provided with three title key registers. It has the above-mentioned authentication / data decryption unit 8 in the case where one (title key registers A23, B24, C25) is provided.

Next, the operation of the encrypted data decryption apparatus 6 according to the second embodiment will be described. First, the optical disc device A2
6, the optical disk device B27 and the optical disk device C28 are decoded in this order. In order to reproduce the title A of the optical disk device A26, the authentication operation is performed and the title key TKA necessary for decrypting the data of the title A is obtained by the title key decryption operation as in the case described in the first embodiment. The data in the title A is held in the title key register A23, and the data of the title A is decrypted by the data decryption operation using the title key register A23 as a key.

Similarly, in order to reproduce the title B of the optical disk device B27, the above-mentioned authentication operation is performed, and the title key TKB necessary for decrypting the data of the title B is converted into the title key register B2 by the title key decryption operation.
4, and the data of the title B is decrypted by the data decryption operation using the title key register A24 as a key.

The title C of the optical disk device C28
In order to reproduce the data, the above authentication operation is performed, the title key necessary for decrypting the data of the title C is held in the title key register C25 by the title key decryption operation, and the data decryption is performed using the title key register C25 as a key. The operation decodes the data of the title C.

In the first embodiment, as shown in FIG. 3, when the title key TK0 is held in advance in the title key register A23, the title key TK0 is decoded when the title 1 data is decoded next. However, in the second embodiment, one title key register is provided corresponding to each of the three optical disk devices, and thus such movement of the title key is performed. Is not done.

Next, for example, after the data of the title C is decoded by the optical disc device C28, the optical disc device A26
When the title A is decrypted, the CPU does not perform the authentication operation and the title key decryption operation.
7 selects the title key register A23 to decode the data of the title A, and the optical disc device B
When the title B of 27 is decrypted, the authentication operation and the title key decryption operation are not performed, and C
When the PU 7 selects the title key register B 24 to decode the data of the title B, and further, when the title C of the optical disk device C 28 is decoded, the CPU 7 does not perform the authentication operation and the title key decoding operation. Selects the title key register C25 to decode the data of the title C.

As described above, according to the encrypted data decryption device of the second embodiment, the three optical disc devices A26,
The last accessed title key TKA, TKB, TKC of each of B27, C28 is held in the title key register A23, the title key register B24, and the title key register C25, and the title key register A23,
Title key register B24, Title key register C
By selecting any one of 25, the optical disk device A26, the optical disk device B27, the optical disk device C can be performed without performing the authentication operation and the title key decryption operation.
Since 28 pieces of data are decrypted, a plurality of optical disc devices in which encrypted data is recorded in units of title keys and a digital device having a decryption function for encrypted data are provided in a plurality of one-to-one correspondence.
There is an effect that it is possible to realize the one that promptly decrypts the encrypted data in the above data transmission.

The encrypted data decrypting apparatus according to the present invention is the same as the optical disc apparatus A2 in the second embodiment.
Although one title key register corresponding to each of 6, B27 and C28 is provided, in the second embodiment, for example, as in the first embodiment, the optical disk devices A26 and B27 are provided. , C28 may be provided with a plurality of title key registers. In addition, in the second embodiment, data transmission is performed with three optical disk devices using a digital interface. However, in the encrypted data decryption device according to the present invention, arbitrary plural optical disks are used. Data transmission using a digital interface may be performed with the device.

[0041]

As described above, according to the encrypted data decryption apparatus of the first aspect of the present invention, the encrypted data decryption apparatus is provided with the register for holding two or more different one-byte or more title keys generated by the encryption / decryption algorithm. As a result, one-to-one correspondence with a digital device (encryption data decryption device) having a function of decrypting encrypted data that is digitally transmitted from an optical disc device that records a plurality of data encrypted using a key called a title key, that is, 2 In data transmission using a point-to-point digital interface, it is possible to return to the title key that was once decrypted and decrypt the encrypted data without the need to perform an authentication operation. This makes it possible to quickly decrypt the encrypted data. The effect is that you can do it.

Further, according to the encrypted data decryption apparatus of the second aspect of the present invention, in a plurality of one-to-one data transmission between a plurality of optical disc apparatuses and a digital apparatus (encrypted data decryption apparatus) having a decryption function for encrypted data. , By holding the title key accessed by each of the plurality of optical disk devices, when the data of the optical disk device having the same title key is decrypted again, the decryption can be performed without the authentication operation, thereby promptly decrypting the encrypted data. There is an effect that what can be done can be realized.

[Brief description of drawings]

FIG. 1 is a block diagram showing a configuration of an encrypted data decryption device that performs data transmission using an optical disc device and a digital interface according to the first embodiment and the related art.

FIG. 2 is a block diagram showing a configuration of an authentication / data decryption unit of the encrypted data decryption device according to the first embodiment.

FIG. 3 is a data decryption diagram in an authentication / data decryption unit of the encrypted data decryption device according to the first embodiment.

FIG. 4 is a block diagram showing a configuration of an authentication / data decryption unit of an encrypted data decryption device according to a second embodiment.

FIG. 5 is a data decryption diagram in the authentication / data decryption unit of the encrypted data decryption apparatus according to the second embodiment.

FIG. 6 is a block diagram showing a configuration of an authentication / data decryption unit of a conventional encrypted data decryption apparatus.

[Explanation of symbols]

1 Optical disk device 2 Authentication Department 3 CPU 4 optical disks 5 Interface circuit in optical disk device 6 Encrypted data decryption device 7 CPU 8 Authentication / data decryption unit 9 Interface circuit in encryption data decryption device 10 Memory circuit 11 Data selector circuit 12 register C 13 Authentication key 1 register 14 Authentication key 2 register 15 Authentication key 3 register 16 Title key decryption key register 17 Title Key Register 18 key selector circuit 19 Encryption / decryption algorithm 20 register A 21 Comparator circuit 22 Register B 23 Title Key Register A 24 Title Key Register B 25 Title Key Register C 26 Optical Disk Device A 27 Optical Disc Device B 28 Optical Disk Device C

─────────────────────────────────────────────────── ─── Continuation of front page (58) Fields surveyed (Int.Cl. ⁷ , DB name) G11B 20/10 G09C 1/00-5/00 H04K 1/00-3/00 H04L 9/00-9 / 04

Claims (2)

(57) [Claims] 1. An encrypted data decryption device for performing data transmission using an optical disc device, which records a plurality of encrypted data having different title keys in units of titles, and digital interface means, and for decrypting the encrypted data of the optical disc device. A CP for generating CPU data for performing an authentication operation of the communication subject when decrypting the encrypted data of the optical disc device.
U, an authentication / data decryption unit for decrypting the encrypted data of the optical disk device, and a memory means for storing the digital data decrypted by the authentication / data decryption unit, wherein the authentication / data decryption unit is An encryption / decryption algorithm for decrypting the CPU data from the CPU or the optical disk device, and a fixed value key of 1 byte or more for performing authentication to prove the validity of the communication subject each time the title of the encrypted data changes. Authentication key 1 register that holds the authentication key 1 that is the above, authentication key 2 register that holds the authentication key 2 that is a key of 1 byte or more that changes for each authentication, and key that is 1 byte or more that changes for the above authentication Authentication key 3 register which holds the authentication key 3 which is a key, and a title key decryption key which is a key for decrypting the title key. A title key decryption key register for holding different 1 generated by the encryption and decryption algorithm
A plurality of title key registers holding a title key of at least bytes, and the authentication key 1, the authentication key 2, the authentication key 3, the title key decryption key, and the decrypted title key as keys in the encryption / decryption algorithm. and a key selector means for selecting one of the authentication operation
And the above multiple without performing the above title key decryption operation.
By selecting any of the title key registers of
Encrypted data decoding apparatus, characterized in that for decoding over data. 2. An encrypted data decryption device for performing data transmission using a plurality of optical disc devices having a plurality of encrypted data having different title keys recorded for each title and digital interface means, and for decrypting the encrypted data of the optical disc device. A CP for generating CPU data for performing an authentication operation of a communication subject when decrypting the encrypted data of the optical disk device
U, an authentication / data decryption unit for decrypting the encrypted data of the optical disk device, and a memory means for storing the digital data decrypted by the authentication / data decryption unit, wherein the authentication / data decryption unit is An encryption / decryption algorithm for decrypting the CPU data from the CPU or the optical disk device, and a fixed value key of 1 byte or more for performing authentication to prove the validity of the communication subject each time the title of the encrypted data changes. Authentication key 1 register that holds the authentication key 1 that is the above, authentication key 2 register that holds the authentication key 2 that is a key of 1 byte or more that changes for each authentication, and key that is 1 byte or more that changes for the above authentication Authentication key 3 register which holds the authentication key 3 which is a key, and a title key decryption key which is a key for decrypting the title key. A title key decryption key register for holding, in response to each of the optical disk device to decrypt the encrypted data transmitted from the plurality of optical disk devices,
In addition, a plurality of title key registers holding different 1-byte or more title keys generated by the encryption / decryption algorithm, and the authentication key 1, the authentication key 2, and the authentication key 3 as keys in the encryption / decryption algorithm. , The title key decryption key, and key select means for selecting one of the decrypted title keys, and the authentication operation
And the above multiple without performing the above title key decryption operation.
De one of the title key register by selecting
Encrypted data decoding apparatus, characterized in that for decoding over data.