JP4539646B2 - Data encryption, decryption or encryption / decryption method and apparatus - Google Patents

Description

  The invention described in the claims of the present application is a data encryption method for performing encryption processing on digital information data to obtain encrypted digital information data, and a data encryption device and encryption for use in the method. Decoding method for reproducing the original digital information data by performing a decoding process on the converted digital information data, a data decoding apparatus used for the implementation, and the above-described data encryption method and data decoding The present invention relates to a data encryption / decryption method combined with a method, and a data encryption / decryption device used for the implementation.

  When transmitting digital data representing various signal information, etc., to prevent eavesdropping on the data transmission path, the transmitting side encrypts the digital data to be transmitted and the receiving side decrypts the encrypted digital data. It has been proposed to obtain the original digital data by performing the above. DES (Data Encryption Standard) method promulgated by the US Bureau of Standards (NBS) in 1977 as a representative encryption algorithm for digital data encryption, and a researcher at Massachusetts Institute of Technology in 1978 The RSA (Rivest, Shamir, Adleman) method etc. announced by J.

  In encrypted transmission by the DES method, digital data is encrypted in accordance with a rule determined by separately prepared key data (encrypted key data), and encrypted digital data is separately prepared. Decryption is performed according to a rule defined by the key data (decryption key data). At this time, the encryption key data and the decryption key data are the same key data (common key data). The algorithm itself for encryption and decryption is open to the public, and the secret function is performed by keeping the common key data secret.

  In the encrypted transmission by the RSA system, the digital data is encrypted according to a rule defined by encryption key data (public key data) that is not kept in a secret state, and the encrypted digital data is Decryption is performed according to a rule defined by decryption key data (secret key data) that has a different content from the public key data and is kept in a secret state. Encryption is performed using public key data, but a confidentiality function is performed by performing decryption using private key data.

  FIG. 6 shows a basic configuration of an encrypted transmission system based on the DES method. In the basic configuration shown in FIG. 6, digital data to be transmitted is supplied to the DES system encryption unit 11 as original data. The common key data prepared in advance is also supplied to the DES system encryption unit 11, and the DES system encryption unit 11 performs the encryption process by the DES system according to the rules determined by the common key data on the original data. Encrypted data is formed. Then, the encrypted data is transmitted from the DES system encryption unit 11 and transmitted through the data transmission path 12 connected to the DES system encryption unit 11 at one end.

  The encrypted data transmitted through the data transmission path 12 is supplied to the DES system decryption unit 13 connected to the other end of the data transmission path 12. The same common key data as that supplied to the DES method encryption unit 11 is also supplied to the DES method decryption unit 13, and the DES method decryption unit 13 follows the rules determined by the common key data for the encrypted data. The original data is reproduced by performing a decryption process by the DES method.

  FIG. 7 shows a basic configuration of an encrypted transmission system based on the RSA method. In the basic configuration shown in FIG. 7, digital data to be transmitted is supplied to the RSA encryption unit 14 as original data. The RSA system encryption unit 14 is also supplied with public key data prepared in advance, and the RSA system encryption unit 14 performs the encryption process by the RSA system on the original data according to the rules determined by the public key data. Encrypted data is formed. Then, the encrypted data is transmitted from the RSA system encryption unit 14 and transmitted through the data transmission path 15 connected to the RSA system encryption unit 14 at one end.

  The encrypted data transmitted through the data transmission path 15 is supplied to the RSA system decryption unit 16 connected to the other end of the data transmission path 15. The RSA system decryption unit 16 is also supplied with secret key data having a different content from the public key data supplied to the RSA system encryption unit 14. The original data is reproduced by performing decryption processing by the RSA method in accordance with the rules defined by the secret key data.

  Regarding encryption and decryption by the DES method and encryption and decryption by the RSA method, generally, in the former case, the amount of calculation at the time of encryption and decryption is relatively small, and high-speed processing is performed. On the other hand, in the latter case, the amount of calculation at the time of encryption and decryption is relatively large, and therefore it is not suitable for high-speed processing.

On the other hand, in the field of video signals, digitization from the viewpoint of realizing diversification of transmission information and high quality of reproduced images has been attempted. A high definition television (HDTV) system for handling video signals has been proposed. A digital video signal (hereinafter referred to as HD signal) under the HDTV system is formed in accordance with a standard BTA S-002 established by BTA (Broadcasting Technology Association), for example, Y, P _B / There are _PR type and G, B, R type. Y, if the P _B / P _R format, Y denotes a luminance signal, the P _B / P _R means a color difference signal. In the case of G, B, and R formats, G, B, and R mean a green primary color signal, a blue primary color signal, and a red primary color signal, respectively.

Such an HD signal has, for example, a frame rate of 30 Hz (field rate is 60 Hz) with each frame period being divided into a first field period and a second field period, and the number of lines in each frame period is 1 125 lines, the number of data samples per line is 2,200 samples, and the sampling frequency is 74.25 MHz. Then, for example, Y, HD signals P _B / P _R format is intended to follow the data format as shown in FIG.

In the data format shown in FIG. 8, A in FIG. 8 shows a part for each line in the luminance signal data series (Y data series) representing the luminance signal component in the video signal, and B in FIG. It shows a part of each line in the color difference signal data sequence representing the color difference signal components (P _B / P _R data sequence) in. Each word data forming the respective Y data sequence and P _B / P _R data sequence, for example, is a 10-bit configuration. That, Y data sequence and P _B / P _R data series each are, for example, a 10-bit word sequence data formed by continuous 10-bit word, word transmission rate is, for example, a 74.25Mwps.

In the Y data series, each line is formed by linking the video blanking part to the video data part, and immediately before each video data part, each word is composed of 4 words (3FF (Y), 000 (Y), 000 (Y) and XYZ (Y); each of 3FF and 000 is a hexadecimal display, and “h” indicating a hexadecimal display is added, and 3FFh and 000h are written. In addition, timing reference code data (SAV: Start of Active Video) consisting of (Y) indicates a word in the Y data series.) And 10 immediately after each video data portion. Timing reference code data (EAV: End of Active Video) consisting of 4 words (3FF (Y), 000 (Y), 000 (Y), XYZ (Y)) having a bit structure is arranged. Similarly, P _B / P be in the _R data series, just before each image data unit, four words, each of which is a 10-bit configuration (3FF (C), 000 ( C), 000 (C), XYZ (C); (C) represents a word in the P _B / P _R data series.) SAV is arranged, and immediately after each video data portion, each is composed of 10 bits. EAV consisting of 4 words (3FF (C), 000 (C), 000 (C), XYZ (C)) is arranged. Of course, EAV and SAV Each of the in Y data sequence, is arranged in each line blanking section of the Y data sequence, also, P _B / P husband _R data EAV in series and SAV s is, P _B / P _R It is arranged in each line blanking part in the data series.

  For 4 words (3FF (Y), 000 (Y), 000 (Y), XYZ (Y) or 3FF (C), 000 (C), 000 (C), XYZ (C)), the first 3 words (3FF (Y), 000 (Y), 000 (Y) or 3FF (C), 000 (C), 000 (C)) is for establishing word synchronization or line synchronization, and last 1 word (XYZ (Y) or XYZ (C)) for identifying the first field and the second field in the same frame, or for identifying the timing reference code data EAV and the timing reference code data SAV. belongs to.

Y data sequence and P _B / P _R data sequence between the time reference code data EAV and the timing reference code data SAV of each line blanking section in each of the line portion of each of the numbers forming each frame ( Line number data LN0 (Y) and LN1 (Y) or LN0 (C) and LN1 (C), error detection code data YCR0 and YCR1 or CCR0 and CCR1, and auxiliary data YA0 including voice data , YA1,..., YA267 or CA0, CA1,.

In the HD signal consisting of the above-described Y data sequence and P _B / P _R data sequence is transmitted, and since the data transmission path is simplified, and transmitted is converted from word sequence data into serial data Serial transmission is desired. Then, Y data on the series and P _B / P _R serial transmission of data HD signal formed contains a sequence, is a standard established by the aforementioned BTA BTA S-004 in accordance HD SDI (High Definition Serial Digital Interface ) Is standardized (for example, see Non-Patent Document 1).

In the transmission conforming to HD SDI, Y data sequence and the P _B / P _R data sequence, word multiplexing process at Moto the line blanking section EAV and SAV was arranged in each was allowed to synchronization facilities Thus, a word multiplexed data sequence as shown in FIG. 9 is formed as 10-bit word string data with a word transmission rate of 74.25 MWps × 2 = 148.5 MWps. In this word multiplexed data series, 8 words (3FF (C), 3FF (Y), 000 (C), 000 (Y), 000) each having a 10-bit configuration are provided immediately before each video data portion. (C), 000 (Y), XYZ (C), and XYZ (Y)) are provided with multiple timing reference code data (multiplexed SAV), and each has a 10-bit configuration immediately after each video data portion. Multiple timing reference consisting of 8 words (3FF (C), 3FF (Y), 000 (C), 000 (Y), 000 (C), 000 (Y), XYZ (C), XYZ (Y)) Code data (multiple EAV) is arranged.

  The word multiplexed data sequence is converted from parallel data to serial data by sequentially sending out the least significant bit (LSB) to the most significant bit (MSB) for each 10-bit word constituting the word multiplexed data sequence, The serial data is scrambled into a serial transmission HD signal (hereinafter referred to as HD-SDI signal), and the HD-SDI signal is used for transmission through the data transmission path. Such an HD-SDI signal has a bit transmission rate of, for example, 148.5 MWps × 10 bits = 1.485 Gbps.

  Even when HD-SDI signals are used for transmission through the data transmission path, the HD-SDI signal is encrypted on the transmission side and encrypted on the reception side to prevent eavesdropping on the data transmission path. There may be a case where it is desired to decode the HD-SDI signal to obtain the original HD-SDI signal. In such encrypted transmission of HD-SDI signals, since high-speed processing is desired for encryption and decryption, it can be said that encryption and decryption by the DES method described above are suitable. it can. When encryption and decryption by the DES method are applied to the encrypted transmission of the HD-SDI signal, the principle is the same as the encrypted transmission system by the DES method whose basic configuration is shown in FIG. This can be done with a simple encrypted transmission system.

  For example, an HD signal is converted into an HD-SDI signal in conformity with HD SDI, transmitted through a data transmission path, and the HD-SDI signal is converted back into an HD signal in conformity with HD SDI, and the image is displayed. When an encrypted transmission applying encryption and decryption according to the DES method for an HD-SDI signal is performed when supplying to a video device such as a video projector performing the encryption, an encrypted transmission system as shown in FIG. Can be considered.

In the encrypted transmission system shown in FIG. 10, for example, an HD signal obtained from a video camera device or the like is sent from an HD-SDI signal sending unit 20 that converts the HD signal into an HD-SDI signal in conformity with HD SDI. The HD-SDI signal DHS is supplied to the DES HD-SDI encryption processing unit 21. The DES HD-SDI encryption processing unit 21 is supplied with common key data DEY prepared in advance. In the DES system HD-SDI encryption processing unit 21, the HD-SDI signal DHS is subjected to serial / parallel conversion (S / P conversion) processing, and once Y data each forms 10-bit word string data. returned to the original HD signal formed contains a sequence and P _B / P _R data sequence, encryption processing is performed by the DES in accordance with the rules determined by the common key data DEY to the HD signal, the cryptographic The encrypted HD signal is formed, and the encrypted HD signal is further subjected to parallel / serial conversion (P / S conversion) processing to form an encrypted HD-SDI signal DHSE.

And encryption processing is performed on the HD signal when the enciphered HD signal is formed, for example, it is formed to include a Y data sequence and P _B / P _R data sequence shown in A and B in FIG. 8, The portion of the HD signal as shown in FIG. 11 including the video data DVV arranged in the video data portion for each line and the timing reference code data EAV arranged at the beginning of the line blanking portion is encrypted. Processing is performed, whereby encrypted video data is formed. On the other hand, data other than the timing reference code data EAV among the various data arranged in each line blanking section, that is, line number data DLN, error code data CRCC that represents line numbers that change sequentially for each line. , The auxiliary data DAA and the timing reference code data SAV including the audio data and the like are combined with the encrypted video data without being encrypted. As a result, an encrypted HD signal including each data other than the timing reference code data EAV arranged in each line blanking unit and the subsequent encrypted video data is formed.

  Then, an encrypted HD-SDI signal DHSE is transmitted from the DES HD-SDI encryption processing unit 21, and one end is transmitted through a data transmission path 22 connected to the DES HD-SDI encryption processing unit 21.

The encrypted HD-SDI signal DHSE transmitted through the data transmission path 22 is supplied to the DES HD-SDI decryption processing unit 23 connected to the other end of the data transmission path 22. The same common key data DEY as that supplied to the DES HD-SDI encryption processor 21 is also supplied to the DES HD-SDI decryption processor 23. The DES HD-SDI decryption processing unit 23 performs S / P conversion on the encrypted HD-SDI signal DHSE, each of which forms 10-bit word string data, and has an encrypted video data portion. Y data sequence and P _B / P _R data enciphered HD signal sequence is a comprise formation is obtained, the facilities decoding processing by DES method in accordance with the rules determined by the common key data DEY to the encrypted HD signal is, HD signal formed including the original Y data sequence and P _B / P _R data sequence is reproduced.

In HD signal is subjected to decoding processing to the enciphered HD signal is formed to include the original Y data sequence and P _B / P _R data sequence is reproduced, each line blanking section of the enciphered HD signal The encrypted video data is decrypted and the original video data DVV and the timing reference code data EAV are reproduced. On the other hand, data other than the timing reference code data EAV, that is, line number data DLN, error code data CRCC, auxiliary data DAA, and timing reference code data SAV are extracted as they are. Thus, it is combined with the reproduced video data DVV and timing reference code data EAV. As a result, the original HD signal as shown in FIG. 11 is obtained.

Further, in the DES scheme HD-SDI decoding unit 23, reproduced in the HD signal, Y data sequence and P _B / P _R data sequence multiplexed and word multiple data sequence obtained thereby of conforming to HD SDI P / S conversion is performed on the original HD-SDI signal DHS. Then, the HD-SDI signal DHS obtained from the DES HD-SDI decoding processing unit 23 is supplied to the video device 24, and the HD signal based on the HD-SDI signal DHS is reproduced in the video device 24. The signal is used for image display or the like.

Broadcast Technology Development Council Standard BTA S-004 1125/60 Standard HDTV Signal Bit Serial Interface Standard

  As described above, when the encrypted transmission of the HD-SDI signal is performed by applying the encryption and decryption by the DES method, the DES method HD-SDI encryption processing unit 21 and the DES method HD-SDI decryption process. The common key data DEY is required to be supplied to both the unit 23 and the unit 23. Therefore, the common key data DEY supplied to the DES HD-SDI encryption processing unit 21 and used for encryption of the HD-SDI signal DHS is transferred to the DES HD-SDI decryption processing unit 23 by some means. Then, the DES HD-SDI decoding processing unit 23 is supplied.

  Therefore, the common key data DEY is sent from the DES HD-SDI encryption processing unit 21 to the DES HD-SDI decryption processing unit 23 side. It can be considered that the data is transmitted through the data transmission path 22 together with the HD-SDI signal DHSE. FIG. 12 shows the DES HD-SDI decryption process through the data transmission path 22 together with the encrypted HD-SDI signal DHSE sent from the DES HD-SDI encryption processor 21 in this way. The encryption transmission system for transmitting to the part 23 side is shown.

  In the encrypted transmission system shown in FIG. 12, the HD-SDI signal DHS sent from the HD-SDI signal sending unit 20 is subjected to encryption processing by the DES method according to the rules defined by the common key data DEY. Thus, a key data insertion unit 25 is provided on the output side of the DES HD-SDI encryption processing unit 21 that forms the encrypted HD-SDI signal DHSE, and an input side of the DES HD-SDI decryption processing unit 23 In addition, a key data extraction unit 26 is provided. The key data insertion unit 25 is supplied with the encrypted HD-SDI signal DHSE and the common key data DEY from the DES HD-SDI encryption processing unit 21. Then, the key data insertion unit 25 inserts the common key data DEY into the encrypted HD-SDI signal DHSE, and the encrypted HD-SDI signal DHSE accompanied by the common key data DEY is extracted through the data transmission path 22. Is transmitted to the unit 26 side.

  In the key data extraction unit 26, the common key data DEY is extracted from the encrypted HD-SDI signal DHSE accompanied by the common key data DEY transmitted through the data transmission path 22. Then, the encrypted HD-SDI signal DHSE that has passed through the key data extraction unit 26 and the common key data DEY extracted by the key data extraction unit 26 are supplied to the DES system HD-SDI decryption processing unit 23, and the DES system HD -SDI decryption processing unit 23 decrypts the encrypted HD-SDI signal DHSE by the DES method according to the rule defined by the common key data DEY to reproduce the original HD-SDI signal DHS, It is supplied to the video equipment 24.

  However, when the common key data DEY is transmitted from the DES HD-SDI encryption processing unit 21 side to the DES HD-SDI decryption processing unit 23 side through the data transmission path 22 in this way, the data transmission path 22 The common key data DEY through the network is stolen by a malicious person, and the encrypted HD-SDI signal DHSE sent from the DES HD-SDI encryption processing unit 21 may be undesirably decrypted. There is a problem of becoming. Such a problem seriously hinders the implementation of encrypted transmission by applying encryption and decryption according to the DES method for HD-SDI signals.

  In view of such a point, the invention described in the claims of the present application is to encrypt and decrypt digital information data such as an HD-SDI signal using common key data or data corresponding to the common key data. Is equivalent to the common key data or common key data to be transmitted when transmitting the common key data or the data corresponding to the common key data from the encryption processing unit side to the decryption processing unit side. Data encryption method that can significantly reduce the risk that the encrypted digital information data (hereinafter referred to as encrypted information data) sent from the encryption processing unit side will be undesirably decrypted after the data to be stolen is stolen And the data encryption device provided for the implementation, and the encrypted information data obtained from the data encryption device for which the data encryption method is implemented A data decryption method capable of reproducing digital information data, a data decryption apparatus provided for the data decryption method, and a data encryption / decryption method combined with such a data encryption method and a data decryption method. A decryption method and a data encryption / decryption device provided for the implementation are provided.

  The data encryption method according to the invention described in any one of claims 1 to 7 in the claims of the present application is based on the digital information data according to the data that changes sequentially with the counting operation. Encrypted information data is formed by performing encryption processing using random number data sent from a random number data generation unit that generates random data that changes sequentially or data based on the random number data as common key data. The key data is subjected to encryption processing using public key data to form encrypted common key data (hereinafter referred to as encrypted common key data), and encrypted information data, encrypted common key data, Is a data encryption method in a data encryption device for transmitting data to a data decryption device, and when the transmission of encrypted information data is started, the data decryption device Encrypted information data performed by the data decryption apparatus during the period when the common key data is not obtained, which is required for the decryption process using the secret key data for the encrypted common key data for obtaining the common key data The encryption processing unit in the data encryption device performs encryption processing on the digital information data using preset initial common key data instead of the common key data used for the decryption processing of It is supposed to be.

Data encryption device according to the invention described in any one of claims 8 in the claims of the present application to claims 1 to 4 is sequentially changed in accordance with data sequentially changes with counting A common key data sending unit for sending random data sent from a random number data generating unit that generates random data or data based on the random number data as common key data used in common for encryption processing and decryption processing The digital information data is subjected to an encryption process according to the common key data from the common key data sending unit to form encrypted information data, and from the common key data sending unit The common key data is subjected to an encryption process using the public key data to form encrypted common key data, and the encrypted information data and the encrypted common key data are decrypted. A data encryption device including a data sending unit for transmission to the data decryption device, wherein the first decryption unit performs the data decryption device when transmission of the encrypted information data is started. About the encrypted information data performed by the data decryption apparatus during the period when the common key data is not obtained, which is required for the decryption process using the secret key data for the encrypted common key data for obtaining the common key data. Instead of the common key data used for the decryption process, the initial common key data set in advance is used to perform the encryption process for the digital information data.

As described above, the data encryption method according to the invention described in any one of claims 1 to 7 in the claims of the present application, or claims 8 to 1 in the claims of the present application. In the data encryption device according to the invention described in any one of Items 4 to 4 , the data encryption device sequentially changes in accordance with the data that is sequentially changed with the counting operation, which is used for forming the encrypted information data. The random key data or the common key data that is the data based on the random number data is converted into the encrypted common key data by the encryption process using the public key data, and is encrypted separately from the encrypted information data or encrypted. It is transmitted to the data decoding device together with the information data. As a result, in the data decryption device, a random number that sequentially changes according to the data that sequentially changes with the counting operation by performing a decryption process using the secret key data for the encrypted common key data Data or data based on the random number data can be obtained and used for the decryption processing of the encrypted information data, and the common key data is stolen and the encrypted information data is invalid. The possibility of being decrypted as desired is significantly reduced.

  When the transmission of the encrypted information data is started, the encryption processing unit in the data encryption device uses the secret key data for the encrypted common key data for obtaining the common key data performed by the data decryption device. Encryption using the initial common key data set in advance instead of the common key data for decrypting the encrypted information data during the period when the common key data required for the decryption process cannot be obtained. Processing is performed. As a result, when transmission of encrypted information data is started in the data decryption device, until the original common key data is obtained by performing a decryption process using the secret key data for the encrypted common key data In this period, the initial common key data is used in place of the common key data, and the decryption process for the encrypted information data can be performed. That is, when transmission of encrypted information data is started, the data decryption apparatus performs the decryption process of the encrypted information data without waiting time, and the original digital information data is obtained.

  The best mode for carrying out the invention described in the claims of the present application will be described with reference to the following embodiments.

  FIG. 1 is a block diagram showing a data encryption method according to any one of claims 1 to 7 in the claims of the present application. An example of the data encryption device according to the invention described in any one of up to 17 and the data decryption method according to the invention described in claim 8 or 9 in the claims of the present application are implemented. The invention described in claim 10 in the claims of the present application configured to include an example of a data decoding device according to the invention described in claim 18 or claim 19 of the claims of the present application. An example of a data encryption / decryption device according to the invention described in claim 20 in the scope of claims of the present application in which such a data encryption / decryption method is implemented will be described.

  In the example of the data encryption / decryption device shown in FIG. 1, an HD-SDI signal transmission unit 31 that transmits an HD-SDI signal DHS is provided, and is transmitted from the HD-SDI signal transmission unit 31. The HD-SDI signal DHS is claimed in the claims of the present application in which the data encryption method according to any one of claims 1 to 7 in the claims of the present application is implemented. The data is supplied as input digital information data to an encryption device 32 which is an example of a data encryption device according to the invention described in any one of claims 11 to 17.

  In the encryption device 32, the HD-SDI signal DHS from the HD-SDI signal transmission unit 31 that is digital information data is supplied to the HD-SDI encryption processing unit 33. Further, the encryption device 32 is provided with a common key data sending unit 34 for sending the encryption / decryption common key data DEY, and the encryption / decryption common key data DEY from the common key data sending unit 34 is provided. Is supplied to the HD-SDI encryption processing unit 33.

  The HD-SDI encryption processing unit 33 performs encryption processing according to the encryption / decryption common key data DEY on the HD-SDI signal DHS, and encrypts encryption information data based on the HD-SDI signal DHS. An HD-SDI signal DHSE is formed and supplied to the encryption key data insertion unit 35. The encryption of the HD-SDI signal DHS in the HD-SDI encryption processing unit 33 is performed as follows, for example.

First, HD-SDI signal DHS is, it is subjected to S / P conversion, for example, is formed to include a Y data sequence and P _B / P _R data series as shown in A and B in FIG. 8, It is converted into an HD signal as shown in FIG. Next, as shown in FIG. 11, a portion including video data DVV arranged in the video data portion for each line of the HD signal and timing reference code data EAV arranged in the beginning portion of the line blanking portion. Is subjected to encryption processing in accordance with a rule defined by the encryption / decryption common key data DEY, thereby forming encrypted video data. The data other than the timing reference code data EAV among the data arranged in each line blanking section, that is, the line number data DLN, the error code data CRCC, the auxiliary data DAA, and the timing reference code data SAV are encrypted. It is combined with the encrypted video data without being processed. As a result, an encrypted HD signal including each data other than the timing reference code data EAV arranged in each line blanking section and the subsequent encrypted video data is formed. Subsequently, P / S conversion is performed on the obtained encrypted HD signal to form an encrypted HD-SDI signal DHSE.

  Further, the encryption device 32 is provided with a public key data transmission unit 36 for transmitting public key data DOY. The public key data DOY from the public key data transmission unit 36 is supplied to the encryption processing unit 37. The The encryption processing unit 37 is also supplied with the encryption / decryption common key data DEY from the common key data sending unit 34.

  In the encryption processing unit 37, an encryption process using the public key data DOY from the public key data sending unit 36 for the encryption / decryption common key data DEY from the common key data sending unit 34, that is, Encrypted according to the rules defined by the public key data DOY to form encrypted encryption / decryption common key data DXY based on the encryption / decryption common key data DEY and encrypt it This is supplied to the key data insertion unit 35.

  In the encryption key data insertion unit 35, the encrypted HD-SDI signal DHSE from the HD-SDI encryption processing unit 33 is added to the encrypted encryption / decryption common key data from the encryption processing unit 37. The DXY is inserted to form an encrypted HD-SDI signal DHSE + DXY, which is multiplexed data with the encrypted encryption / decryption common key data DXY, and is transmitted for transmission. Therefore, the encryption key data insertion unit 35 forms a data transmission unit that transmits the encrypted HD-SDI signal DHSE and the encrypted encrypted / decrypted common key data DXY.

  In this way, the encrypted HD-SDI signal DHSE + DXY accompanied by the encrypted encryption / decryption common key data DXY sent from the encryption key data insertion unit 35 is transmitted from the encryption device 32, and One end is transmitted to the other end through a data transmission path forming unit 38 connected to the encryption device 32. The data transmission path forming unit 38 is configured using, for example, a coaxial cable.

  The other end of the data transmission line forming unit 38 is provided with the data decoding method according to the invention described in claim 8 or claim 9 in the claims of the present application. 18 or 19 is connected to a decoding device 40 as an example of a data decoding device according to the invention.

  In the decryption device 40, the encrypted HD-SDI signal DHSE + DXY, which is multiplexed data accompanied by the encrypted encryption / decryption common key data DXY transmitted through the data transmission path forming unit 38, is encrypted. Supplied to the key generation data extraction unit 41. The encryption key data extraction unit 41 receives the encrypted HD-SDI signal DHSE + DXY accompanied by the encrypted encryption / decryption common key data DXY, and then encrypts the encrypted / decryption common key data DXY. And the extracted encrypted encryption / decryption common key data DXY is supplied to the decryption processing unit 42, and the encrypted HD-SDI signal DHSE is supplied to the HD-SDI decryption processing unit 43. Therefore, the encryption key data extraction unit 41 forms a data receiving unit that receives the encrypted encryption / decryption common key data DXY and the encrypted HD-SDI signal DHSE.

  In addition, the decryption device 40 is provided with a secret key data transmission unit 44 that transmits the secret key data DSY having a corresponding relationship with the public key data DOY transmitted from the public key data transmission unit 36 in the encryption device 32. The secret key data DSY sent from the secret key data sending unit 44 is supplied to the decryption processing unit 42. In the decryption processing unit 42, the secret key data DSY from the secret key data sending unit 44 is added to the encrypted encryption / decryption common key data DXY received by the encryption key data extraction unit 41. The original encryption / decryption common key based on the encrypted encryption / decryption common key data DXY by performing the decryption process used, that is, the decryption process according to the rule defined by the secret key data DSY Data DEY is reproduced and supplied to the HD-SDI decoding processing unit 43.

  In the HD-SDI decryption processing unit 43, the encrypted / decrypted common key data reproduced by the decryption processing unit 42 is added to the encrypted HD-SDI signal DHSE received by the encryption key data extraction unit 41. A decryption process according to DEY is performed to reproduce the original HD-SDI signal DHS based on the encrypted HD-SDI signal DHSE. The decryption of the encrypted HD-SDI signal DHSE in the HD-SDI decryption processing unit 43 is performed as follows, for example.

  First, the encrypted HD-SDI signal DHSE is subjected to S / P conversion to be converted into an encrypted HD signal. Next, with respect to the encrypted video data including the encrypted video data for each line of the encrypted HD signal and the subsequent encrypted timing reference code data EAV, the encrypted / decrypted common key data DEY is used. Encryption processing is performed in accordance with a predetermined rule, whereby the original video data DVV and timing reference code data EAV are reproduced. And, the data other than the timing reference code data EAV among the various data arranged in each line blanking section, that is, not encrypted, that is, line number data DLN, error code data CRCC, auxiliary data DAA and timing reference code Data SAV is combined with reproduced video data DVV and timing reference code data EAV. Thereby, the timing reference code data EAV, the line number data DLN, the error code data CRCC, the auxiliary data DAA and the timing reference code data SAV are arranged in each line blanking unit, and the video data unit in which the video data DVV is arranged is provided. The subsequent HD signal is formed. Further, the HD signal is subjected to P / S conversion to obtain an HD-SDI signal DHS.

  In this way, the HD-SDI signal DHS reproduced by the HD-SDI decoding processing unit 43 is transmitted from the decoding device 40.

  FIG. 2 shows a first specific configuration example of the common key data transmission unit 34 included in the encryption device 32 in FIG. When the first specific configuration example shown in FIG. 2 is adopted in the common key data sending unit 34, the encryption device 32 in FIG. 1 is described in claim 4 in the claims of the present application. An example of the data encryption device according to the invention described in claim 14 in the scope of claims of the present application in which the data encryption method according to the invention is implemented will be shown.

  The first specific configuration example of the common key data transmission unit 34 shown in FIG. 2 includes a timer unit 45 and a random number data generation unit 46 to which timer output data DTM from the timer unit 45 is supplied. . The random number data generation unit 46 generates the random number data DZ that changes sequentially according to the timer output data DTM that changes sequentially with the counting operation of the timer unit 45, and encrypts / decrypts the common key Send out as data DEY. That is, from the first specific configuration example of the common key data sending unit 34 shown in FIG. 2, the random number data that sequentially changes in accordance with the counting operation of the timer unit 45 and is therefore sequentially updated. DZ is obtained as encryption / decryption common key data DEY.

  FIG. 3 shows a second specific configuration example of the common key data transmission unit 34 included in the encryption device 32 in FIG. When the second specific configuration example shown in FIG. 3 is adopted in the common key data sending unit 34, the encryption device 32 in FIG. 1 is described in claim 5 in the claims of the present application. An example of the data encryption device according to the invention described in claim 15 in the scope of claims of the present application in which the data encryption method according to the invention is implemented will be shown.

  The second specific configuration example of the common key data sending unit 34 shown in FIG. 3 is employed when initial common key data is set in advance in each of the encryption device 32 and the decryption device 40. For example, when the transmission of the encrypted HD-SDI signal DHSE + DXY from the encryption device 32 to the decryption device 40 is started, the initial common key data is encrypted by the decryption processing unit 42 of the decryption device 40. When a predetermined time is required for reproduction of the original encryption / decryption common key data DEY based on the encryption / decryption common key data DXY, the encryption / decryption common key data DEY is obtained from the decryption processing unit 42. Instead of this, the HD-SDI decryption processing unit 43 uses the decryption process for the encrypted HD-SDI signal DHSE during the period when it cannot be obtained.

  In the second specific configuration example of the common key data transmission unit 34 shown in FIG. 3, in addition to the timer unit 45 and the random number data generation unit 46 similar to those shown in FIG. An initial common key data transmission unit 47 and an update common key data generation unit 48 for transmitting the set initial common key data DKI are provided. The update common key data generation unit 48 includes initial common key data DKI from the initial common key data transmission unit 47, and random number data DZ that sequentially changes in accordance with the timer output data DTM from the random number data generation unit 46. Is supplied.

  Then, the updated common key data generation unit 48 forms updated common key data DKX that will be sequentially updated with the random number data DZ based on the initial common key data DKI. The common key data sending unit 34 including the timer unit 45, the random number data generating unit 46, the initial common key data sending unit 47, and the update common key data generating unit 48 is formed in the update common data generating unit 48. The updated common key data DKY is sent as encrypted / decrypted common key data DEY. That is, from the second specific configuration example of the common key data sending unit 34 shown in FIG. 3, the random number data DZ obtained by using the initial common key data DKI and the random number data DZ from the random number data generating unit 46 are used. The updated common key data DKY that is updated according to the above is obtained as the encrypted / decrypted common key data DEY.

  FIG. 4 shows a third specific configuration example of the common key data transmission unit 34 included in the encryption device 32 in FIG. When the third specific configuration example shown in FIG. 4 is adopted in the common key data transmission unit 34, the encryption device 32 in FIG. 1 is described in claim 6 in the claims of the present application. An example of the data encryption device according to the invention described in claim 16 in the scope of claims of the present application in which the data encryption method according to the invention is implemented will be shown.

  The third specific configuration example of the common key data transmission unit 34 shown in FIG. 4 includes a counter register 71 from which register value data DR1 is obtained, a first clock signal generation unit 72 that supplies the clock signal CL1 to the counter register 71, and a counter. It includes a register 73 to which register value data DR1 obtained in the register 71 is supplied, and a second clock signal generator 74 that supplies a clock signal CL2 to the register 73. The clock signal CL1 generated by the first clock signal generator 72 has a shorter cycle than the clock signal CL2 generated by the second clock signal generator 74.

  The register value data DR1 obtained in the counter register 71 corresponds to the count value obtained by counting the clock signal CL1 supplied from the first clock signal generator 72. In the register 73, the register value data DR1 supplied from the counter register 71 is latched according to the clock signal CL2 supplied from the second clock signal generator 74, and the latched register value data DR1 is stored in the register 73. Is register value data DR2.

  At that time, the first clock signal generation unit 72 and the second clock signal generation unit 74 may be in a situation where the clock signal generation operation is always constant due to individual differences of a large number of circuit elements constituting them, differences in temperature characteristics, and the like. However, it will fluctuate slightly at each operation. Such subtle fluctuations in the clock signal generation operations of the first clock signal generator 72 and the second clock signal generator 74 are caused by fluctuations in the register value data DR1 obtained in the counter register 71, and further in register values in the register 73. This causes fluctuations in the data DR2. As a result, the register value data DR2 in the register 73 represents a complex value without regularity. In particular, after the counter register 71 is operated for a long period of time, the randomness of the value represented by the register value data DR2 in the register 73 becomes significant. In this way, the register value data DR2 in the register 73 lacks reproducibility composed of random number data of the number determined by the configuration of the register 73, which is generated according to the clock signal CL2 generated by the second clock signal generation unit 74. A random data series is formed.

  The common key data sending unit 34 including the counter register 71, the first clock signal generating unit 72, the register 73, and the second clock signal generating unit 74 is a random data series as described above obtained in the register 73. Random number data included in the register value data DR2 forming the data is sent as encrypted / decrypted common key data DEY. That is, from the third specific configuration example of the common key data sending unit 34 shown in FIG. 4, the encryption / decryption common key data DEY has a reproducibility consisting of a predetermined number of random number data issued in response to a request. The random number data included in the missing random data series is obtained as it is sequentially updated.

  FIG. 5 shows a fourth specific configuration example of the common key data transmission unit 34 included in the encryption device 32 in FIG. When the fourth specific configuration example shown in FIG. 5 is adopted in the common key data sending unit 34, the encryption device 32 in FIG. 1 is described in claim 7 in the scope of claims of the present application. An example of the data encryption device according to the invention described in claim 17 in the scope of claims of the present application in which the data encryption method according to the invention is implemented will be shown.

  The fourth specific configuration example of the common key data transmission unit 34 shown in FIG. 5 is employed when the initial common key data as described above is preset in each of the encryption device 32 and the decryption device 40. The

  In the fourth specific configuration example of the common key data sending unit 34 shown in FIG. 5, the counter register 71, the first clock signal generating unit 72, the register 73, and the like shown in FIG. In addition to the random number data generation unit 75 configured to include the second clock signal generation unit 74, an initial common key data transmission unit 76 and an update common key data generation unit 77 that transmit preset initial common key data DKI are provided. Provided. The update common key data generation unit 77 is issued upon request as described above, obtained in the initial common key data DKI from the initial common key data sending unit 76 and the register 73 from the random number data generation unit 75. Random number data included in the register value data DR2 is supplied, which forms a random number data series that is composed of a predetermined number of random number data and lacks reproducibility.

  Then, in the update common data generation unit 77, update common key data DKZ that is sequentially updated with random number data included in the register value data DR2 is formed based on the initial common key data DKI. The common key data sending unit 34 including the random number data generating unit 75, the initial common key data sending unit 76, and the update common key data generating unit 77 receives the update common key data DKZ formed in the update common data generation unit 77. And sent as encrypted / decrypted common key data DEY. That is, from the fourth specific configuration example of the common key data sending unit 34 shown in FIG. 5, the encryption / decryption common key data DEY is the request from the initial common key data DKI and the random number data generation unit 75. Random number data included in the register value data DR2 obtained by using the random number data included in the register value data DR2 that forms a random number data sequence lacking reproducibility composed of a predetermined number of random number data issued according to Thus, it is obtained as updated common key data DKZ that is updated according to the above.

  In the example of the data encryption / decryption device shown in FIG. 1 described above, the encryption device 32 includes the encryption key data insertion unit 35 and the encryption from the HD-SDI encryption processing unit 33. Encryption with encrypted encryption / decryption common key data DXY by inserting encrypted encryption / decryption common key data DXY from encryption processing unit 37 into encrypted HD-SDI signal DHSE The encrypted HD-SDI signal DHSE + DXY is formed and transmitted to be transmitted through the common data transmission path forming unit 38, and the decryption device 40 includes the encryption key data extraction unit 41. Received encrypted HD-SDI signal DHSE + DXY with encrypted encryption / decryption common key data DXY transmitted through data transmission path forming unit 38, and then encrypted encryption / decryption common key Extract data DXY However, separately from this, the encryption device 32 performs the encrypted HD-SDI signal DHSE from the HD-SDI encryption processing unit 33 and the encrypted encryption / transmission from the encryption processing unit 37. It is assumed that a data sending unit for sending the decrypted common key data DXY to be transmitted separately, and the decryption device 40 transmits the encrypted encrypted / decrypted common key data individually transmitted. A data receiving unit that receives DXY and the encrypted HD-SDI signal DHSE may be provided.

  According to the encryption device 32 constituting the example of the data encryption / decryption device shown in FIG. 1, the encryption / decryption common key data DEY used for forming the encrypted HD-SDI signal DHSE is provided. Is the encryption / decryption common key data DXY encrypted by the encryption process using the public key data DOY, and the encrypted HD-SDI signal DHSE or the encrypted HD-SDI signal DHSE Are sent separately. Therefore, the encrypted encryption / decryption common key data DXY is subjected to decryption processing using the secret key data DSY to reproduce the original encryption / decryption common key data DEY and Under the assumption that the HD-SDI signal DHSE can be used for decryption, the encrypted / decrypted common key data DEY is stolen and the encrypted HD-SDI signal DHSE is undesirably decrypted. The fear is significantly reduced.

  In addition, according to the decryption device 40 constituting the example of the data encryption / decryption device shown in FIG. 1, the encryption / decryption common key data DXY encrypted by using the public key data DOY is The decryption process using the secret key data DSY is performed to reproduce the original encryption / decryption common key data DEY, which is used for the decryption process of the encrypted HD-SDI signal DHSE. As a result, the original HD-SDI signal DHS can be reliably reproduced from the encrypted HD-SDI signal DHSE transmitted in a state where the possibility of undesired decryption is significantly reduced.

  As is apparent from the above description, the data encryption method according to any one of claims 1 to 7 and any one of claims 11 to 17 in the claims of the present application. A data encryption device according to the invention described in claim 8, a data decryption method according to the invention described in claim 8 or claim 9, a data decryption device according to the invention described in claim 18 or claim 19, Each of the data encryption / decryption method according to the invention described in claim 10 and the data encryption / decryption device according to the invention described in claim 20 is configured such that the digital information data is shared key data or a common key. Data corresponding to the common key data or the common key data for performing encrypted transmission using encryption and decryption using data corresponding to the data, and further receiving and decrypting processing. The transmitted common key data or the data corresponding to the common key data is stolen while being transmitted from the encryption processing unit side to the decryption processing unit side. The possibility that the digital information data is undesirably decrypted can be remarkably reduced, and can be widely applied to encrypted transmission / reception decoding processing of digital information data such as HD-SDI signals.

Any of claims 11 to 17 in the claims of the present application in which the data encryption method according to any of claims 1 to 7 in the claims of the present application is implemented. An example of a data encryption device according to the invention described in claim 1, and a claim of the present application in which the data decryption method according to the invention described in claim 8 or claim 9 in the claim of the present application is implemented The data encryption according to the invention described in claim 10 in the claims of the present application, comprising one example of the data decryption device according to the invention described in claim 18 or claim 19 It is a block connection diagram showing an example of a data encryption / decryption device according to the invention described in claim 20 in the scope of claims of the present application in which the decryption method is implemented. It is a block block diagram which shows the 1st specific structural example of the common key data transmission part contained in the encryption apparatus in FIG. It is a block block diagram which shows the 2nd specific structural example of the common key data transmission part contained in the encryption apparatus in FIG. It is a block block diagram which shows the 3rd specific structural example of the common key data transmission part contained in the encryption apparatus in FIG. It is a block block diagram which shows the 4th example of a specific structure of the common key data transmission part contained in the encryption apparatus in FIG. It is a block block diagram which shows the basic composition of the encryption transmission system by a DES system. It is a block block diagram which shows the basic composition of the encryption transmission system by a RSA system. It is a conceptual diagram with which an example of the data format of HD signal is provided. It is a conceptual diagram with which an example of the data format of HD signal is provided. It is a block block diagram which shows the example of the encryption transmission system considered in the case of the encryption transmission about an HD-SDI signal. It is a conceptual diagram which shows the data format of HD signal. It is a block block diagram which shows the example of the encryption transmission system considered in the case of the encryption transmission about an HD-SDI signal.

Explanation of symbols

  31: HD-SDI signal transmission unit, 32: Encryption device, 33: HD-SDI encryption processing unit, 34: Common key data transmission unit, 35: Insertion of encryption key data 36, public key data sending unit, 37 ... encryption processing unit, 38 ... data transmission path forming unit, 40 ... decryption device, 41 ... encryption key data extraction unit, 42 ... Decryption processing unit, 43 ... HD-SDI decryption processing unit, 44 ... Secret key data transmission unit, 45 ... Timer unit, 46, 75 ... Random number data generation unit, 47 76... Initial common key data sending unit 48. 77. Update common key data generating unit 71... Counter register 72. First clock signal generating unit 73. ... Second clock signal generator

Claims (14)

Random number data sent from a random number data generator that generates random data that changes sequentially according to data that changes sequentially with the counting operation, or data based on the random data is used as the common key data. To form encrypted digital information data, and
The common key data is subjected to an encryption process using public key data to form encrypted common key data,
A data encryption method in a data encryption device for transmitting the encrypted digital information data and the encrypted common key data to a data decryption device,
Decryption process using secret key data for the encrypted common key data to obtain the common key data performed by the data decryption apparatus when transmission of the encrypted digital information data is started Instead of the common key data used for the decryption process for the encrypted digital information data performed by the data decryption device during the period in which the common key data is not obtained. A data encryption method, wherein an encryption processing unit in the data encryption device performs encryption processing on the digital information data using the initial common key data.   2. The data encryption method according to claim 1, wherein the encrypted digital information data and the encrypted common key data are transmitted to be transmitted through a common data transmission path.   2. The data encryption method according to claim 1, wherein the encrypted common key data is inserted into the encrypted digital information data to obtain multiplexed data, and the multiplexed data is transmitted.   2. The data encryption method according to claim 1, wherein the random number data generation unit generates random number data that changes in accordance with timer output data, and uses the random number data as the common key data.   The random number data generation unit generates random number data that changes according to timer output data, obtains updated common key data that is updated according to the random number data using the random number data and the initial common key data, and the update 2. The data encryption method according to claim 1, wherein the common key data is the common key data.   The random number data generation unit generates a random number data sequence lacking reproducibility composed of a predetermined number of random number data issued upon request, and the random number data included in the random number data sequence is used as the common key data The data encryption method according to claim 1.   The random number data generation unit generates a random number data sequence lacking reproducibility consisting of a predetermined number of random number data issued upon request, and uses the random number data and the initial common key data to generate the random number data sequence. 2. The data encryption method according to claim 1, wherein updated common key data that is updated according to the included random number data is obtained, and the updated common key data is used as the common key data. Random number data sent from a random number data generation unit that generates random number data that changes sequentially according to data that changes sequentially with the counting operation, or data based on the random number data is encrypted and decrypted A common key data sending unit for sending common key data used in common,
A first encryption processing unit that performs encryption processing on the digital information data according to the common key data from the common key data sending unit to form encrypted digital information data;
A second encryption processing unit that performs encryption processing using public key data on the common key data from the common key data sending unit to form encrypted common key data;
A data sending unit for transmitting the encrypted digital information data and the encrypted common key data to a data decryption device;
A data encryption device comprising:
When the first encryption processing unit starts transmission of the encrypted digital information data, the encrypted common key data for obtaining the common key data performed by the data decryption apparatus Commonly used for the decryption process for the encrypted digital information data performed by the data decryption apparatus during the period when the common key data is not obtained, which is required for the decryption process using the private key data of A data encryption apparatus for performing encryption processing on the digital information data using preset initial common key data instead of key data. 9. The data encryption according to claim 8 , wherein the data sending unit sends the encrypted digital information data and the encrypted common key data to be transmitted through a common data transmission path. apparatus. The data sending unit includes an encrypted key data inserting unit that inserts the encrypted common key data into the encrypted digital information data to obtain multiplexed data, and sends the multiplexed data 9. The data encryption device according to claim 8, wherein The common key data transmission unit includes a timer unit and a random number data generation unit that obtains random number data that changes in accordance with timer output data from the timer unit, and the random number data obtained from the random number data generation unit 9. The data encryption apparatus according to claim 8, wherein the common key data is used. The common key data transmission unit includes an initial common key data transmission unit that transmits the initial common key data, a timer unit, and a random number data generation unit that obtains random number data that changes according to timer output data from the timer unit; An updated common key that obtains updated common key data that is updated according to the random number data using the initial common key data sent from the initial common key data sending unit and the random number data obtained from the random number data generating unit 9. The data encryption device according to claim 8 , further comprising a data generation unit, wherein the update common key data obtained from the update common key data generation unit is the common key data. The common key data sending unit is configured to include a random number data sequence generating unit that generates a random number data sequence lacking reproducibility consisting of a predetermined number of random number data in response to a request, and is issued from the random number data sequence generating unit 9. The data encryption apparatus according to claim 8, wherein random number data included in the random number data series is used as the common key data. The common key data sending unit generates the random number data sequence that generates the non-reproducible random number data sequence composed of a predetermined number of random number data upon request and the initial common key data sending unit that sends the initial common key data And the initial common key data transmitted from the initial common key data transmission unit and the random number data sequence generated from the random number data sequence are updated according to the random number data included in the random number data sequence. is configured to include an update common key data generating portion for obtaining an updated common key data, according to claim 8, wherein the to the update common key data obtained from the update common key data generation unit and the common key data Data encryption device.