JP4497099B2 - Information transmission equipment - Google Patents

Description

  The present invention relates to an information transmission apparatus for performing a data distribution service using, for example, a communication satellite.

  When data is transmitted using public telephone lines, leased lines, etc., plaintext data is encrypted in order to prevent transmission information leakage or to maintain the reliability of information against interference with transmission information. The encrypted data is decrypted at the receiver.

  As typical encryption methods, a common key encryption method and a public key encryption method are known. The common key cryptosystem is also called a symmetric cryptosystem, and there are an algorithm private type and an algorithm public type. DES (Date Encryption Standard) is known as a typical algorithm open type. The public key cryptosystem is an asymmetric scheme in which the decryption key may not be decrypted because a huge amount of calculation is required to derive the decryption key from the encryption key. It is also called a key encryption method.

  FIG. 17 is a schematic configuration diagram illustrating an example of an encrypted data transmission apparatus that encrypts data on a transmission path using a common key cryptosystem. This encrypted data transmission apparatus prevents an eavesdropper 93 on the eavesdropper from eavesdropping on a data transmission path 94 connecting the transmission apparatus 91 on the sender side and the reception apparatus 92 on the receiver side.

  Data to be transmitted is subjected to an encryption process using an encryption key 97 by an encryptor 96 in the transmission device 91. The encrypted data transmitted by the data transmission path 94 and received by the receiving device 92 is decrypted by the decryptor 99 using the decryption key 98 to obtain decrypted data.

  Here, even if the eavesdropping device 93 receives encrypted data from the data transmission path 94 in the same manner as the receiving device 92, it does not have the decryption key 98 and is difficult to decrypt. That is, the wiretapping device 93 handles data that has been encrypted (scrambled) with unknown meaning as it is, so that it is possible to prevent information from leaking to the wiretapping device 93 in practice. In the main encryption method of the common key cryptosystem in this example, the encryption key and the decryption key are generally the same bit string.

  Note that the encryption method as described above is determined according to the type of the line system through which the transmission data is transmitted, the confidentiality (confidentiality) of the transmission data, the amount of transmission data, and the like. For example, in data transmission using a dedicated line, the degree of information leakage and interference with transmission data is low, but when data transmission is performed using a public telephone line, the degree of information leakage and interference is high. .

Japanese Patent Laid-Open No. 8-181689 JP-A-6-152588 European Patent Application Publication No. 702477

  By the way, digital data transmission using communication satellites has become possible in recent years, so that not only analog video / audio data such as television broadcasts and movies but also text and digital video / audio data used in computers etc. However, since the information can be received by an unspecified number of receiving devices, the degree of information leakage and the degree of interference are further increased.

  That is, in the data transmission system using the communication satellite, unlike a one-to-one communication such as a telephone line or a dedicated line, an unspecified number of recipients can be easily received by a receiving device, and thus is easily wiretapped. For this reason, for example, there is a high possibility that pay data transmission will be wiretapped. Therefore, the data transmission system also requires data encryption.

  In the actual data transmission system, not all data is encrypted, but the data to be encrypted is encrypted and sent out on the transmission line according to the content of the data to be transmitted in the transmission device, and received. The person decrypts all or part of the encrypted data, and whether the data is necessary for himself / herself by the information obtained as a result or by the part transmitted without being encrypted Know what.

  Here, a conventional television broadcasting service using a communication satellite is a form in which a large number of users simultaneously receive and use data distributed by a distributor. On the other hand, when digital data used in a computer or the like is distributed via a communication satellite, a function of distributing data to one or more specific users from a data distributor is required.

  However, conventionally, in a simultaneous communication or broadcasting system from a data distributor to all users, all users always receive and use or browse the same information, and there is no identification information of individual system users. Data could not be distributed only to specific users.

  The present invention has been made in view of the above circumstances, and it is an object of the present invention to provide an information transmission apparatus that can reduce the degree of information leakage and the degree of interference even when digital data is transmitted using the communication satellite. To do.

In order to solve the above-described problem, the information transmission apparatus according to the present invention performs a first encryption process using a first encryption key after converting digital data into an Internet protocol packet for converting into an Internet protocol packet format. An encryption means for a transmission data provider to be applied, and an Internet protocol packet subjected to a first encryption process using a first encryption key by the encryption means for the transmission data provider A first encryption process using a first encryption key is performed by a header adding means for adding a header including a destination IP address and the encryption means for the transmission data provider; and Internet protocol packet header is added including a destination IP address, input the transport stream packet A transmission path provider different from that for the transmission data provider that performs a second encryption process using a second encryption key different from the first encryption key after being converted into a transport stream packet Double encrypted data obtained by two independent encryption processes by the encryption means for the transmission, the encryption means for the transmission data provider and the encryption means for the transmission path provider And receiving the double encrypted data transmitted from the transmitting means via the data transmission path and performing a decryption process using a decryption key corresponding to the second encryption key. obtain a header including a destination IP address that the first encryption process is not internet protocol packets and encryption processing performed, response to the first encryption key corresponding to the destination IP address in the header And Ru and a receiving means for decoding processing using the decryption key.

  The information transmission apparatus according to the present invention performs at least a double encryption process including an encryption process using an encryption key corresponding to an identifier indicating the type of the digital data on the digital data, and then the encrypted data. The encrypted data received via the data transmission path is decrypted using the respective decryption keys corresponding to the respective encryption keys, so that even when digital data is transmitted using a communication satellite , The degree of information leakage and the degree of interference can be lowered.

  The best mode for carrying out the present invention will be described below with reference to the drawings.

  This embodiment is the data transmission system of FIG. 1 that divides digital data into predetermined data blocks and transmits the data blocks via a satellite line.

  This data transmission system performs double encryption processing including digital data including encryption processing using an encryption key corresponding to an identifier indicating the type of digital data, and transmits the double encrypted data. A data receiving device that receives the double-encrypted data transmitted from the data distributing device via the satellite line and performs a decryption process using each decryption key corresponding to each encryption key The apparatus 30 is provided. Here, the data receiving device 30 is mounted in, for example, an expansion slot of a personal computer. In FIG. 1, the personal computer is shown as the data receiving device 30 as it is.

  The data distribution device 10 and the data reception device 30 can communicate with each other via a terrestrial communication network such as ISDN capable of bidirectional communication. The terrestrial communication network may be connected to the Internet that transmits and receives digital data between a plurality of systems via the network. Further, the satellite link by the communication satellite 18 has a transmission capacity larger than that of the terrestrial communication network.

  First, the data flow in the data transmission system will be described. Here, it is assumed that a data provider who owns the data distribution apparatus 10 and a specific user who owns the data receiving apparatus 30 have made a data delivery contract in advance. Note that the data providers referred to here include both a provider that provides transmission information (hereinafter referred to as a content provider) and a provider that provides a transmission path (hereinafter referred to as a service provider).

  A user who owns the data receiving device 30 sends a request to the data distribution device 10 to receive a predetermined service provided by the data provider, for example, via ISDN as a ground communication network. The method of sending this request is not particularly limited, and is determined according to the type of data and the contract status with the user, and may be, for example, mail. Moreover, a data provider may provide a service in accordance with a contract in advance without sending a request.

  The request from the user sent to the data distribution device 10 is received by the data request reception unit 11 and sent to the data management unit 12. The data management unit 12 checks whether the user's contract information or request is meaningful. If there is no problem, the data management unit 12 makes a data read request to the data storage unit 13. In response to the data read request, the data storage unit 13 sends, for example, data to the data creation unit 15 via the high-speed switcher 14.

  The data creation unit 15 converts the data from the data storage unit 13 into an IP packet, a media access control (MAC) frame, and a MPEG (Moving Picture Experts Group Phase) 2 transport format conversion. I do. The data creation unit 15 performs the above-described double encryption after the data is converted into an IP packet and the data is converted into a transport.

  This format conversion will be described below. As described above, in recent years, it has become possible to multiplex and transmit various types of data such as audio, video signals and data through a large-capacity digital line. As a multiplexing method, for example, a transport stream (Transport Stream, TS) packet, which is an MPEG2 transmission format, is known. In this TS packet, the information data part (payload part) is encrypted. The encryption key for this encryption uses a 13-bit packet ID (PID) in the header portion of the TS packet and a unique bit string corresponding to the 2-bit scramble control unit. The PID is also used to identify information types such as video and audio of a specific channel of each TS packet.

  When data is transmitted using the TS packet, the data is converted into an Internet protocol (IP) packet format widely used on the Internet, and the IP packet is inserted into the TS packet.

  When various types of data are transmitted as IP packets, the PID is used to distinguish the IP packet data from other video and audio data, and the bit length is only 13 bits. The number of bits is insufficient to identify various types of data transmitted in packets. Therefore, a method for identifying data types other than PID is required.

  For example, on the Internet, a destination address (Destination Address) included in an IP header of an IP packet is used to identify whether received data is data addressed to itself. Even when an IP packet is transmitted using a TS packet, it is possible to identify whether the data is addressed to itself using this transmission destination address (hereinafter referred to as a transmission destination IP address).

  However, taking a satellite line as an example, the data transmission rate is 30 Mbps per repeater, and it is very difficult to analyze the destination IP address with software in real time on the data receiving side. Some means is required to extract only the information addressed to you.

  Furthermore, even if you do not specify the title of specific information, if you specify only the information of the genre of the information you are interested in, it is very convenient that only the information of that genre is automatically received and downloaded. .

  In addition, when data is encrypted as described above so that it can be received only by a specific subscriber, it is necessary for the receiving side to decrypt the encrypted data. Therefore, in the data transmission system, an identifier indicating the data type is added to the multiplexed data composed of a plurality of types of data blocks in the data distribution device 10, and the data reception device 30 is transmitted via the communication satellite 18 through the satellite line. Is sending to. Then, the data receiving device 30 reads the identifier in hardware, extracts and decodes only the pre-registered type data required by the receiver.

  The addition of this identifier is performed by the data creation unit 15 of the data distribution apparatus 10. The data storage unit 13 in the data distribution apparatus 10 stores data required by the user in a state where nothing is processed. The data storage unit 13 notified of the data read request from the user from the data management unit 12 simultaneously sends the requested data and the user destination information to the data creation unit 15 via the high-speed switcher 14.

  Here, the user destination information is a destination IP address necessary for IP packet transmission. In this data transmission system, a unique destination IP address is allocated to all users. A destination IP address possessed by one user is not possessed by a user other than the one user while the one user has secured it.

  Data from the data storage unit 13 is created or format-converted by the data creation unit 15 and then multiplexed with other audio signals and video signals by the data processing unit 16, and is transmitted from the transmission antenna 17 to the communication satellite 18 as multiplexed data. Sent via a wireless line.

  The multiplexed data transmitted via the communication satellite 18 can be received not only by the data receiving device 30 owned by the specific user but also by all users who can receive the data. The data receiving device 30 receives all multiplexed data from the communication satellite 18, selects and extracts data corresponding to the request issued by the data receiving device 30, and decodes it.

  The data receiving device 30 receives multiplexed data composed of a plurality of types of data blocks to which an identifier indicating the type of data is added via a satellite line by the communication satellite 18 and reads the identifier to register in advance. Extract and decode only the types of data blocks.

  That is, the data receiving device 30 receives a large number of data blocks including data transmitted in response to a request, and among them, a data block addressed to itself, a data block to be received by itself, and data that can be received by the data receiving device 30 Select and extract blocks. Note that the data receiving device 30 possessed by the user is determined in advance by a contract between the user and the data provider. Therefore, normally, it is not possible to select specific data addressed to other users using the data receiving device 30 owned by the user.

  However, in the data transmission system using the communication satellite 18, unlike a one-to-one communication such as a telephone line or a dedicated line, an unspecified number of recipients can be easily received by a receiving device, and thus is easily wiretapped. That is, there is a high possibility that the data transmission will be wiretapped. Therefore, the data transmission system also requires data encryption.

  For this reason, as shown in FIG. 2, the data distribution apparatus 10 includes a content provider 18 that provides information and a service provider 19 that transmits the information by an encryptor 21 and an encryptor 26. Heavy encryption processing is applied.

  The data distribution apparatus 10 is actually configured as shown in FIG. 1 described above, and in particular, each component included in the content provider 18 and the service provider 19 shown in FIG. 2 includes data as shown in FIG. It is included in the creation unit 15.

  The data and IP address addressed to the specific user sent from the data storage unit 13 are sent to the destination IP packet creation unit 20. The IP packet creation unit 20 generates the IP packet 60 shown in FIG. 4 using the data sent from the data storage unit 13 and the destination IP address that identifies the user at that time. The size of the IP packet 60 is defined by TCP / IP (Transmission Control Protocol / Internet Protocol), and when the data requested by the user exceeds the size, the data is divided into a plurality of IP packets and then transmitted. Are transferred to the encryptor 21.

  The IP header of the IP packet 60 used here contains the user's destination IP address 74 and the source IP address 73 shown in FIG. Here, the destination IP address 74 is 32 bits.

  The IP packet 60 created by the IP packet creation unit 20 is transferred to the encryptor 21. The encryptor 21 knows that the destination is a specific user from the 32-bit transmission destination IP address 74 in the IP packet 60, and already knows only between the data provider and the specific user at that time. The entire IP packet 60 is encrypted with the IP packet encryption key. As the encryption method, for example, DES (Data Encryption Standard) is adopted.

  Since the encryptor 21 performs encryption using the 32-bit transmission destination IP address 74, only limited reception by encryption of the IP packet is received within a range of 2 to the 32nd power (= about 4.3 billion). Can be divided.

  The content provider 18 gives the data receiving device 30 in advance a destination IP address of the IP packet to be transmitted and a decryption key for decrypting the encrypted IP packet. Then, the payload portion of the IP packet is encrypted with the encryption key corresponding to this decryption key and sent to the service provider 19.

  However, it is not necessary to perform encryption on all data for a specific user, and encryption may not be performed depending on the type of data. When encryption is not performed, the IP packet 60 is directly transferred from the IP packet creation unit 20 to the MAC frame creation unit 22.

  Here, a case where encryption is performed will be described. Encryption is normally performed on 64-bit plain text. When the data length of the IP packet 60 to be encrypted is not a multiple of 64 bits, the entire IP packet 60 is obtained by padding data, that is, padding invalid data. Is a multiple of 64 bits to obtain an IP packet 61.

  The IP packet 62 obtained by encrypting the IP packet 61 for a specific user is transferred to the MAC frame creation unit 22. The MAC frame creation unit 22 adds a MAC header 70 to the IP packet 62 encrypted by the encryptor 21.

  As shown in FIG. 6, the MAC header 70 is composed of a total of 64 bits: an 8-bit SSID (Server System ID), a 24-bit UDB (User Depend Block) 1, and a 32-bit UDB2. In particular, in the UDB 2 of the MAC header 70, a transmission destination IP address similar to the transmission destination IP address written in the IP header is written.

  The destination IP address in the IP header is encrypted, and the receiving device cannot know the destination IP address without decrypting the cipher, but the MAC header 70 has the same destination IP address. For example, the receiving side can know whether it is a data block addressed to itself by simply reading it out in hardware. This destination IP address is directly passed from the IP packet creation unit 20 to the MAC frame creation unit 22.

  The UDB 1 includes a 3-bit PBL (Padding_Byte_Length), a 1-bit CP (Control_Packet), a 1-bit EN (Encrypted_or_Not), a 1-bit PN (Protocol_Type Available_or_Not), a 2-bit Reserve, A 16-bit protocol number (Protocol Type) is set.

  Of these, PBL is the padding byte length, and is the length of invalid data that has been compensated for during encryption. This is necessary for the user who receives the encrypted IP packet to know the proper data length.

  The CP is a bit for identifying whether the IP packet contains data required by the user or control data required for system operation. Normally, the CP of the MAC frame 63 to be received when the user makes a request indicates that data is contained instead of control data.

  EN is a control bit indicating whether the IP packet is encrypted by the encryptor 21. Based on this bit information, the user decides whether or not to decode the received MAC frame 63. The PN is a control bit indicating whether there is useful information in the Protocol Type area.

  The MAC frame creation unit 22 in FIG. 3 adds the above control bits to the IP packet 62. Here, in addition to the transmission destination IP address, a content ID indicating the type of IP packet information may be set in the UDB 2. This content ID will be described later. It is the SSID that identifies whether the destination IP address or the content ID is set in the UDB 2.

  A CRC (Cyclic Redundancy Checking) calculated by the CRC calculation unit 23 is added to the MAC frame 63 generated by the MAC frame creation unit 22. Thus, by performing CRC calculation on the data distribution device 10 side, the data reception device 30 can check whether the received MAC frame is correctly transmitted from the communication satellite 18. The 16-bit CRC generated by the CRC calculation unit 23 is added to the end of the MAC frame 63.

  The MAC frame 63 is transferred to the section creation unit 24 and converted into a section defined by MPEG2. As shown in FIG. 4, the MAC frame 63 is added immediately after the section (Sec) header 71 and is called a private section 64.

The format of this section header 71 is shown in FIG. The format of the section header 71 is defined by MPEG2 and includes a table (ID) T _id , a section-sync-indicator S _si , a private-indicator P _i , a reserved R _es , and a private-section-length P _sl . Here, the private-section-length P _sl contains the data length of the MAC frame.

The private section 64 created by the section creation unit 24 is transferred to the transport packet creation unit 25. In the transport packet creation unit 25 divides the private section 64 that is transferred transport packet 65 _1, 65 _2, the · · 65 _n.

The transport packets 65 ₁ , 65 ₂ ,... 65 _n are each composed of 188 bytes. These transport packets 65 _1, 65 _2, the · · 65 _n, is added 4-byte TS header.

For example, the format of the TS header 72 is shown in FIG. The TS header 72 includes a sync byte S _yb , a transport-error-indicator T _ei , a payload-unit-start-indicator P _ui , a transport-priority T _p , the PID, the scramble control unit (transport-scramble-control). ) T _sc , Adaptation-Field-Control A _fc and Continuity-Counter C _c .

Since the size of one transport packet 65 ₁ , 65 ₂ ,... 65 _n is defined as 188 bytes as described above, one section 64 is generally divided into a plurality of transport packets. It is necessary to divide.

Here, since one section is not always an integral multiple of 184 bytes (the number of bytes obtained by subtracting 4 bytes of the header length) from 184 bytes, one section 64 is divided into a plurality of transport packets 65 ₁ and 65 When dividing into ₂ ,... 65 _n , data filling using stuffing bytes is performed as shown in FIG. That is, when one section that is not a multiple of 184 bytes is divided into a plurality of transport packets, a stuffing area in which all bits are stuffed is formed in the remaining data area of the last transport packet.

  Each transport packet created by the transport packet creation unit 25 is supplied to the encryptor 26. The encryptor 26 performs an encryption process on the data portion of each transport packet using the TS packet encryption key as shown in FIG.

  The service provider 19 previously gives the data receiving device 30 the PID portion of the TS packet to be transmitted, the value of the scramble control unit, and the decryption key for decrypting this TS packet. Then, the encrypted IP packet given from the content provider 18 is converted into a TS packet, and the payload portion of the TS packet is encrypted with an encryption key corresponding to the decryption key to create an encrypted TS packet. Send on the line.

  Here, as described above, the encryption key for encryption is a unique bit string corresponding to the PID (13 bits) of the TS header and the scramble control unit (2 bits) shown in FIG. use. For this reason, a maximum of 15 bits and 4096 types can be limited.

  Since the recipients have already been divided into the 2 32 range as described above using the destination IP address of the IP packet, when this TS packet encryption is combined, the range is 4096 times that The recipients can be divided into more detailed limited reception methods.

  In addition, by performing independent encryption twice, even if an eavesdropper succeeds in decrypting one of the ciphers, plaintext data cannot be obtained unless the other cipher can be decrypted. A safer conditional access system can be configured.

  Further, here, the conditional access method based on the encryption of the IP packet and the conditional access method based on the encryption of the TS packet are performed by different providers such as the content provider 18 and the service provider 19, respectively. The reception method can be configured. This is effective when the provider that provides the transmission path is different from the provider that provides the transmission data, and each of them wants to make a limited reception contract with the user independently. There is no risk of leakage of information regarding encryption keys between providers.

  Data that has been double-encrypted by the content provider 18 and the service provider 19 is transferred to the data transfer unit 27 and then transmitted to the data processing unit 16 such as a multiplexer. In the data processing unit 16, the transport packet is multiplexed with other digitized video and audio signals, and then modulated and amplified.

  The broadcasted data for the specific user is received by the receiving antenna 31 on the user side and transferred to the data receiving device 30 of the specific user.

  A signal received by the receiving antenna 31 is converted into an IF signal and input to the data receiving device 30. FIG. 8 shows a block diagram of the data receiving apparatus 30. As shown in FIG. FIG. 9 shows a flowchart of the double decoding process performed by the data receiving apparatus 30.

  The signal input to the front end 32 composed of the tuner 33, A / D converter 34, demodulator 35 and decoder 36 is converted into a digital signal, subjected to QPSK demodulation processing and error correction processing, and step S1. Is received as encrypted TS packet data.

  The encrypted TS packet is supplied to the descrambler 37. The descrambler 37 performs descrambling processing at the TS packet level on the encrypted TS packet data. In this case, the descrambler 37 reads the values of the PID part and the scramble control part from the header part of the encrypted TS packet data, and whether or not the TS provider decryption key corresponding to these values is given from the service provider 19. In step S2, the payload portion of the encrypted TS packet is decrypted with the decryption key, and the decrypted TS packet is output. Here, if the decryption key is not given in advance from the service provider 19, the encrypted TS packet is discarded in step S7.

  The TS packet decoded in step S3 is supplied to the demultiplexer 38. Here, the demultiplexer 38 divides the audio data and video data multiplexed together with the TS packet data by the data processing unit 16, supplies the audio data to the audio decoder 39, and supplies the video data to the video decoder 40. . The audio decoder 39 outputs analog audio, and the video decoder 40 outputs analog video via the NTSC encoder 41. The remaining TS packet data is supplied to the depacketizer 45.

  The depacketizer 45 reproduces the format of the private section 64 shown in FIG. 4, calculates the CRC value, and determines whether the data has been correctly received. In step S4, the depacketizer 45 converts the private section 64 into an IP packet and converts it into format data 75 as shown in FIG. The format data 75 is transferred via the FIFO 46 to the decoder 47 that decodes the IP packet.

  In the decryptor 47, the identifier set in the UDB2 shown in FIG. 6 of the MAC header in the format data 75, here the destination IP address is extracted, and the IP packet decryption key corresponding to this is given from the content provider 18 In step S5, the payload part of the IP packet is decrypted using this decryption key, and the decrypted IP packet is output. Here, if the decryption key is not given in advance from the content provider 18, the encrypted IP packet is discarded in step S7.

  The decryption key is stored in the reference table 80 shown in FIG. 11 in the dual port RAM (DPRAM) 48 in correspondence with the identifier.

  This reference table 80 has an identifier of a receivable type of data block together with a decryption key corresponding to the identifier. The identifier uses 4 bytes and the decryption key uses 8 bytes.

  In the figure, as described above, the content ID may be used as the identifier even if the destination IP address is used, and the identification is performed by the SSID in the MAC header of the received packet. The value of the reference table 80 is set by the CPU 42 having an input to the DPRAM 48.

  When the decryptor 47 receives the encrypted IP packet data in the format shown in FIG. 10 and extracts the identifier of UDB2 in the MAC address, the decoder 47 accesses the DPRAM 48 and reads the identifier in the table 80 every 16 bytes from the head address. A search is performed, and a match between the identifier in the received packet and the identifier in the table is detected for the bit of the identifier that is “1” among the mask bits stored in the 4 bytes after the identifier.

  If the mask bit is H “ffffffff”, it is confirmed that the identifier in the MAC address of the received packet matches all bits of the identifier in the table, and the same identifier as the input identifier is in DPRAM 48. A decryption key (session key in the figure) corresponding to the identifier is taken out, and subsequent IP packet decryption processing is performed.

  At the end of the identifier in the pre-registered reference table 80, an END code is stored, and the identifier is searched. When the END code is detected, the search is exited and the received packet is not received. Instead, it is discarded by the decoder 47 as shown in step S7.

  As described above, the content ID (or genre ID) is used in addition to the transmission destination IP address as the identifier. That is, the content ID may be set in addition to the transmission destination IP address in UDB2 of the MAC header 70 shown in FIG. For example, when “0” is set as the SSID, it indicates that the transmission destination IP address is used. For example, when “1” is set, it is defined that the genre ID is used. It is possible to determine which one is being used by analyzing the SSID on the receiving side.

  For example, when a destination IP address is used for UDB2, it becomes possible to transmit data addressed to individuals corresponding to a unicast address and to a group user using a multicast address. Only the data addressed to the groove to which the user belongs can be received in real time.

  In this case, the DPRAM 48 of the data receiving apparatus 30 only needs to include a reference table 81 having a format as shown in FIG. The reference table 81 has the transmission destination IP address of a receivable type of data block together with a decryption key corresponding to the transmission destination IP address. For example, in the first 16 bytes, the destination IP address 1 for the group such as the multicast address is set.

  The encryption ON / OFF flag of this destination IP address 1 is 0. In the next 16 bytes, a destination IP address 2 addressed to an individual such as the unicast address is set. The encryption ON / OFF flag is 1. A session key is also set for the destination IP address 2.

  When the decoder 47 receives the IP packet data in the format shown in FIG. 10 and inputs the destination IP address in the MAC address, the decoder 47 accesses the DPRAM 48 and sends the destination IP in the table 81 every 16 bytes from the head address. The address is searched, and the identity of the identifier in the received packet and the identifier in the table is detected for the identifier bit of “1” in the mask bits stored in the 4 bytes after the IP address. .

  If the mask bit is H “ffffffff”, it is confirmed that all the bits of the destination IP address in the MAC address of the received packet match the destination IP address in the table, and the same IP address as the input IP address Is in the DPRAM 48, the decryption key corresponding to the IP address is extracted, and the subsequent IP packet decryption process is performed.

  At the end of the IP address in the pre-registered reference table 81, an END code is stored, and the IP address is searched. If an END code is detected, the search is exited, and the received packet is Without being received, the decoder 47 discards it as in step S7.

  On the other hand, when a content ID that uses 32 bits fully is used as UDB2, when data of a genre registered in advance is received, the data can be transferred to a PC and automatically downloaded to the hard disk. It becomes.

  In this case, the DPRAM 48 of the data receiving apparatus 30 only needs to include a reference table 82 having a format as shown in FIG. This reference table 82 stores, for example, a content ID 83 of a receivable type of data block using 32 bits full.

  As shown in FIG. 14A, such a 32-bit content ID 83 includes an 8-bit major category D0, a 6-bit middle category D1, a 4-bit minor category D2, and a 14-bit information ID. And is composed of. The large classification D0 represents a large category such as computer software, publications, and game software. The middle category D1 indicates an intermediate category such as a book, magazine, or newspaper if the major category D0 is a publication. Further, if the middle class D1 is a newspaper, the minor category D2 indicates a category representing the name of a newspaper company, such as A newspaper, B newspaper, and S newspaper. One data unit is identified by the unique ID in the small classification D2. In this case, the issue date of the newspaper becomes the information ID, and as a result, for example, the content ID as shown in FIG.

  An actual information identification method using such a content ID as an identifier will be described below. For example, in the example of FIG. 14 described above, when contracting A newspaper, the mask bit is H “ffffc000”, and it is only necessary to detect a match between the identifier of the received packet whose bit position is 1 and the identifier in the table. . In addition, when all newspapers are received regardless of the unique newspaper name, if the mask bit is set to H “ffc0000”, the A newspaper H “020084000 + issue date ID” and the B newspaper H “020088000 + issue date ID” are also used. All can be downloaded with one setting.

  This is a very useful method in that it is possible to automatically receive information of the specified genre if only the genre of the necessary information is specified without specifying the ID of each individual information. .

  However, in this case, if each information is encrypted, for example, each newspaper is encrypted with a separate session key, the session key for each newspaper cannot be set only by setting the content ID. This is an effective method only when each information is not encrypted.

  In addition, as an identifier of the information, there is a method of using a MAC address assigned to each product with a 48-bit length.

  If the decryption unit 47 can read the destination IP address and the content ID, the data block is determined to be a pre-registered type of data block, and is extracted and encrypted in the format data 75. Decrypt the IP header and IP data as described above.

  The decrypted data block is transferred to the main memory on the personal computer via the FIFO 49 and the PCI interface 50. Then, processing by the software of this personal computer is performed.

  The CPU 42 controls reading of the DPRAM 48 and sets a reference table value. Further, the CPU 42 controls the demultiplexer 38, DPRAM 48, and DPRAM 52 according to the program read from the ROM 44 into the RAM 43. Further, the CPU 42 may process the data read from the IC card reader 53 and generate the decryption key. Further, the request is transmitted to the data supply source by ISDN through the modem 54 and the telephone line 56.

  As described above, the data receiving device 30 reads the transmission destination IP address and the content ID that have been set in the DBU 2 of the MAC frame and transmitted by the data distribution device 10 with the decoder 47 and registered in advance. Since only types of data blocks can be extracted, it is possible to extract and decrypt only the information addressed to itself or necessary information from received data in which various encrypted data are multiplexed.

  Further, as shown in FIG. 2, the transmitted data is double-encrypted by the content provider 18 and the service provider 19, and only the data receiving device 30 has two decryption keys for decrypting it. Since it has, it can prevent data from being stolen by others.

  In the data transmission system according to this embodiment, the double encryption processing on the data distribution apparatus 10 side may be performed with a configuration as shown in FIG. That is, the content provider 18 does not perform the IP packet encryption processing, but the service provider 19 performs the processing. For this reason, the content provider 18 can save expenses.

  That is, if one provider performs both encryption processes, the other provider does not need to have facilities for encryption processing. This is effective because, for example, when a plurality of content providers use a transmission path provided by one service provider, each content provider does not have to have an encryption processing facility.

  Here, the operation of each unit is the same as the operation of each unit shown in FIG. 2, and the configuration of the data receiving device 30 is also the same, and the description thereof is omitted. Further, the configuration in the data receiving device 30 may be as shown in FIG. In other words, a storage device 58 such as a hard disk driver may be provided between the depacketizer 45 and the decoder 47 to store encrypted IP packets. In this way, even if the decryption key for decrypting the IP packet is not obtained in advance, the encrypted IP packet is stored in the storage device 58 and decrypted when the decryption key is obtained later. That's fine.

  That is, by storing the encrypted packet in the storage device, the data can be made valid even if the receiving device obtains the decryption key later. For example, by storing a large amount of data in a storage device in advance and obtaining the decryption key at the stage intended by the user and using the data, a larger amount of data is obtained than when the user starts receiving data after the user intends. Can save time for receiving data.

  Here, a case has been described in which the receiving device 30 does not obtain a decryption key for decrypting an IP packet. However, even if a decryption key for decrypting a TS packet is not obtained, the TS packet remains encrypted. Can be stored in the storage device to perform the same processing.

  Furthermore, it is possible to prevent the plaintext data from being copied by adding a mechanism that can store the encrypted data but cannot store the decrypted data and the decryption key.

  In each example described above, an IP packet is considered as transmission data, but a similar conditional access system can be configured even when other transmission protocol packets having a similar structure are considered. Also, the transmission data packetization may be triple or more, and three or more conditional access methods may be combined. For this reason, encryption processing may be performed on file data before IP packetization.

  For example, the data compression method of the MAC frame is not limited to MPEG2, and other compression methods may be used. Further, the Internet protocol is not limited to TCP / IP, and for example, an OSI (Open System Interconnection) method may be used.

1 is a configuration diagram of a data transmission system according to an embodiment of the present invention. It is the block diagram which showed simply the structure in connection with the double encryption process of the said data transmission system. It is a block diagram which shows the structure of the data preparation part shown in the said FIG. It is a figure for demonstrating the process of the data preparation in the data preparation part shown in the said FIG. It is a format figure which shows the detailed structure of an IP header. It is a format figure of a MAC header. It is a format figure of a section header and TS header. It is a block diagram of the data receiver which comprises the said data transmission system. It is a flowchart for demonstrating the decoding process performed with the said data receiver. It is a figure for demonstrating the transfer of the data from the depacketizer in the said data receiver to a decoder. It is a basic block diagram of the reference table which DPRAM in the said data receiver stores. It is a figure which shows the 1st specific example of the said reference table. It is a figure which shows the 2nd specific example of the said reference table. It is a figure which shows the specific structural example of content ID. It is a block diagram which shows the other specific example of the data delivery apparatus in the said data transmission system. It is a block diagram which shows the other specific example of the data receiver in the said data transmission system. It is a schematic block diagram which shows an example of the encryption data transmission apparatus which encrypts the data on a transmission line with a common key encryption system.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 10 Data delivery apparatus, 18 Content provider, 19 Service provider, 21 Encryptor, 25 TS packet preparation part, 26 Encryptor, 30 Data receiver, 37 Descrambler, 45 Depacketizer, 47 Decryptor

Claims (1)

An encryption means for a transmission data provider that performs a first encryption process using a first encryption key after digital data is converted into an Internet protocol packet for converting into an Internet protocol packet format;
Header addition for adding a header including a destination IP address to an Internet protocol packet that has been subjected to a first encryption process using a first encryption key by the encryption means for the transmission data provider Means,
An Internet protocol packet that has been subjected to a first encryption process using a first encryption key by the encryption means for the transmission data provider and to which a header including a destination IP address is added, What is for the transmission data provider that performs a second encryption process using a second encryption key that is different from the first encryption key after being converted into a transport stream packet to be included in a transport stream packet? Encryption means for different transmission line providers,
A transmission role for transmitting double encrypted data obtained by two independent encryption processes by the encryption means for the transmission data provider and the encryption means for the transmission path provider;
First encryption processing is performed by receiving the double encrypted data transmitted from the transmission means via the data transmission path and performing decryption processing using a decryption key corresponding to the second encryption key. using a decryption key corresponding to the first encryption key to obtain a header corresponding to the destination IP address in the header including a destination IP address that is not the Internet protocol packets and encryption processing performed information transmission device Ru and receiving means for decoding.

Images