JP5059343B2 - Stream generating method and broadcast receiving apparatus - Google Patents

Description

  The present invention relates to a stream encryption stream generation method and a broadcast receiving apparatus.

In recent years, digital broadcasting for portable terminals has been put into practical use. As a program data encryption method for digital broadcasting for mobile terminals, considering the processing capability of mobile terminals, the processing load is lighter than that of block encryption methods generally used in content distribution such as the Internet. A stream encryption method (for example, see Patent Document 1) that is easy to implement is considered preferable. In the stream encryption method, it is necessary to match the state of the stream encryption algorithm of both the encryption device and the decryption device, and it is necessary to initialize the algorithm periodically for normal decryption.
JP 2001-308846 A

  Broadcast programs encrypted (scrambled) using such a stream encryption method are charged for each program such that the user pays a fee for each program, obtains a decryption key, and uses this key to view the program. System broadcasting is assumed. Therefore, in the case of such a program-based billing system broadcasting, a key for an encrypted program desired to be viewed is purchased in advance by referring to a program guide or EPG of a newspaper, and broadcasting is started. I have to wait for it. For example, when broadcasting of a “paid encrypted program” for which the user has not purchased a key has started, even if the key was purchased after the program started, the fee was paid, but the beginning of the program was missed. In some cases, this is extremely inconvenient and disadvantageous for the user. Further, for the program provider, a slight timing shift may cause the program to be paid for viewing or to lose the opportunity to sell the program to potential users who are willing to pay.

  In addition, when purchasing a key in advance, the pay program may be missed, or the mobile broadcast receiving terminal may be moved, resulting in poor radio wave reception and poor reception. There is a risk that the user will be wasted, and it is difficult for the user to purchase the key in advance. In the fixed type broadcast receiving apparatus, the timer recording can be used for reliable viewing. However, as described above, a mobile broadcast receiving terminal, typically a mobile phone equipped with a one-segment broadcast receiving function, always moves with the user. Therefore, it is extremely difficult to ensure that timer recording can be performed reliably. The user has time and willingness to watch the pay program without fail, and a timing at which a sufficient time can be secured for the key acquisition work (generally, broadcasting of the program immediately before the pay program) Middle, that is, just before the start of the pay program)), it is only necessary to determine the willingness to purchase the key and smoothly purchase and view the key, but no such technique has been developed. .

In order to solve the above-mentioned problems, the stream generation method according to the first invention is:
A key identifier (identifier for the current program) for decrypting the stream encryption data of the current program (that is, data encrypted by the stream encryption method) is used as an initialization packet for initializing the stream encryption algorithm. Store and insert the initialization packet into a stream (such as a transport stream or a program stream), and a predetermined initialization packet among the initialization packets is followed by the next program (that is, the next program, and the subsequent program). A key identifier (identifier for a subsequent program) for decrypting stream cipher data of some programs) is stored;
(Furthermore, a stream including a packet including the stream encryption data of the current program and the initialization packet is generated)
It is characterized by that.

The stream generation method according to the second invention is
The method further includes storing a key identifier for decrypting the stream cipher data after the next program in the initialization packet at predetermined intervals.

The stream generation method according to the third invention is
The method further comprises a step of storing an identifier of a key (identifier for a subsequent program) for decrypting stream cipher data after the next program in an initialization packet inserted at the end of the stream. .
Here, it is preferable to store a start notice flag for notifying the start of a program after the next program in the predetermined initialization packet. The receiver can monitor the start notice flag and easily take a timing to confirm whether or not the key of the subsequent program has been acquired.

As described above, the solving means of the present invention has been described as a method. However, the present invention can also be realized as a device (system), a program, and a storage medium storing the program, which are substantially equivalent to these. It should be understood that these are included in the scope of the invention.
For example, a broadcast receiving apparatus according to a fourth invention that realizes the present invention as an apparatus is as follows:
Stores an initialization packet that stores an initial value for initializing the stream encryption algorithm and a key identifier (identifier for the current program) for decrypting the stream encryption data of the current program, and the stream encryption data Receiving means (such as a circuit) for receiving the encrypted packet,
Storage means (memory) for storing a key for decrypting the stream cipher data;
A key for initializing the stream cipher algorithm using the initial value stored in the received initialization packet and decrypting the stream cipher data of the current program stored in the received initialization packet A key corresponding to the identifier of the current program (identifier for the current program) is obtained from the storage means, and using the key, the decryption means (circuit, software module) for decrypting the stream cipher data stored in the encrypted packet CPU that executes instructions)
(Monitoring means for monitoring whether or not the initialization packet stores a key identifier (identifier for a subsequent program) for decrypting stream cipher data after the next program)
When the initialization packet stores a key identifier for decrypting stream cipher data after the next program (an identifier for the subsequent program), a key corresponding to the identifier is stored in the storage means. Control means (i.e., a CPU that executes instructions of the software module) that controls the notification means (i.e., display means, audio output means, vibration means, etc.) to determine whether or not to notify the determination result;
Is provided.

A broadcast receiving apparatus according to a fifth invention is
Program information storage means for storing program information (such as an EPG included in a packet constituting a stream or acquired via a network using a communication means);
The control unit controls the notification unit to report the determination result in association with the program information corresponding to the identifier of the program information stored in the program information storage unit.
It is characterized by that.
Here, the program information storage means may be configured in common with the storage means.

  According to the present invention, there is time to watch a pay program, and a timing at which a sufficient time can be secured for key acquisition work (for example, during the broadcast of a program before the pay program, that is, It is possible to determine whether or not a key has been purchased immediately before the start), determine the willingness to purchase the key at that time, and provide the user with a framework that allows them to purchase and view the key smoothly. improves. In addition, the program provider (broadcaster or program production company) will be able to purchase a program that has been lost due to a slight timing gap, that is, a program that has not purchased a key. It is possible to provide an opportunity to sell a pay program to a “potential user who is highly likely”. In particular, since a mobile broadcast receiving device (typically, a mobile phone terminal device with a TV receiving function) moves, the broadcast receiving state cannot be determined unless it is just before viewing the program, or the location is changed. Regardless of the time, there are many cases where users can easily start watching broadcasts when there is enough time, and the benefits of being able to decide whether or not to purchase a key at the above timing are very large for both the user and the program provider. .

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. FIG. 1 is a block diagram of a broadcasting system composed of a broadcasting device (encryption device) and a broadcasting receiving device suitable for using the stream generation method according to the present invention. As shown in the figure, the broadcasting system of this embodiment includes a broadcasting device (encryption device) 100 and a broadcast receiving device (decryption device) 200. The broadcast device (encryption device) 100 includes a header conversion unit 110, an IV packet insertion unit 120, an encryption unit 130, a transmission unit 140, and an antenna ANT1. The header conversion unit 110 performs header conversion of the transport packet (TS packet). The TS packet conforms to ISO / IEC 13818-1 (MPEG-2 system standard). The header conversion unit 110 rewrites the value of the transport_scrambling_control field in the header of the TS packet. The values “01”, “10”, and “11” in the transport_scrambling_control field indicate that encryption is performed. A value “00” in the transport_scrambling_control field indicates that encryption is not performed.

  The IV packet insertion unit 120 generates an initialization packet (IV packet) that stores an initial value (IV: initialization vector) used for initialization of the stream encryption algorithm at an initialization interval of the stream encryption algorithm. Further, the IV packet insertion unit 120 stores the key ID in the IV packet. There are two types of key IDs, “Current” and “Next”. The key ID “Current” is an identifier of a key currently in use. The key ID “Next” is an identifier of a key to be used next. The IV packet insertion unit 120 inserts the generated IV packet into the TS packet sequence output from the header conversion unit 110.

  FIG. 2 shows a configuration example of an IV packet used in the system of FIG. In this example, the IV packet is configured as a kind of TS packet. In FIG. 2, a value “0x889 (hexadecimal number)” representing an IV packet is stored in the PID field in the header. The value of the transport_scrambling_control field is “00”. That is, the IV packet is not encrypted. Further, in this example, the adaptation_field_control field is fixed to “01”, and the adaptation_field is absent.

  In FIG. 2, the data_byte field stores IV (iv), ID1 (id_current) indicating the identifier of the current key, and ID2 (id_next) indicating the identifier of the key of the next program. A plurality of IVs (iv [n]; n is an integer of 0 or more) can be stored. When storing a plurality of IVs, a set of iv_tsc_flag [n] and iv [n] is formed. Each iv [n] is used to initialize a stream encryption algorithm in the corresponding stream encryption process.

  Also, the initialization interval can be changed for each iv [n]. In this case, only iv [n] that is the initialization timing is stored in the IV packet. The initialization interval corresponding to each iv [n] corresponds to the corresponding stream encryption process. For example, an initialization interval corresponding to the media type of data to be encrypted is used. Examples of the media type include voice, image, and data.

  In the example of FIG. 2, the unused area in the data_byte field is filled with “0xff (hexadecimal number)”. Also, “Cyclic Redundancy Check: CRC” (CRC_32) for error detection is stored in the data_byte field. If an error is detected as a result of the CRC check on the IV packet receiving side, the IV packet is discarded.

  Returning to the description of FIG. 1, the encryption unit 130 performs stream encryption on the TS packet string after the IV packet is inserted. This encryption target is TS packets whose transport_scrambling_control field values are “01”, “10”, and “11”. Note that the header of the TS packet is not encrypted. The IV packet is not encrypted because the value of the transport_scrambling_control field is “00”.

  In the stream encryption process, when the encryption unit 130 finds an IV packet (PID field value is “0x889 (hexadecimal))” in the TS packet sequence, the encryption unit 130 reads the IV from the found IV packet. Then, the stream encryption algorithm is initialized using the read IV. That is, after the stream encryption algorithm is initialized at the position of the IV packet in the TS packet sequence, the stream encryption is performed on the TS packets to be encrypted after the IV packet. In the initialization of the stream encryption algorithm, the current program key identifier ID1 (id_current) and the next program key identifier ID2 (id_next) are read from the IV packet to prepare a key for stream encryption.

  In addition, the encryption unit 130 can have a plurality of stream encryption processes [n]. Each stream encryption process [n] initializes a stream encryption algorithm using a corresponding IV (iv [n]). In each stream encryption process [n], the TS packet to be encrypted is determined based on the PID field value. In addition, the encryption unit 130 outputs the TS packet sequence including the IV packet and the encrypted TS packet to the transmission unit 140 in the order in which the TS packet sequence is received from the IV packet insertion unit 120. The transmission unit 140 transmits (broadcasts) the TS packet sequence (stream cipher data) received from the encryption unit 130 via the antenna ANT1.

  Next, the configuration of the broadcast receiving device (decoding device) 200 will be described. As shown in FIG. 1, a broadcast receiving device (decoding device) 200 includes an ANT2, a receiving unit 210, a sensitivity detecting unit 212, a packet sorting unit 220, an IV packet reading unit 230, a decoding unit 240, a control unit 250, and a playback unit 260. A key acquisition unit 270, a memory M1, and a memory M2. The receiving unit 210 receives a TS packet sent from the broadcast device (encryption device) 100. The receiving unit 210 performs error detection and error correction processing on the received TS packet. At this time, the IV packet in which an error is detected by the CRC check is discarded. Further, the sensitivity detection unit 212 detects the reception sensitivity of the carrier wave that carries the stream cipher data received by the reception unit 210 and passes it to the control unit 250. Based on the reception sensitivity, the control unit 250 does not allow the key acquisition unit 270 to acquire a key when the reception sensitivity does not exceed a threshold value that can guarantee program viewing. When the control unit 250 permits the key acquisition, the key acquisition unit 270 acquires a decryption key from the key supply server KES via the network NE (such as the Internet).

  The packet distribution unit 220 distributes the TS packet output from the reception unit 210 to each destination according to the PID field value in the header. Here, the IV packet (PID field value “0x889 (hexadecimal number)”) is output to the packet distribution unit 230. The encrypted TS packet (transport_scrambling_control field values “01”, “10”, and “11”) is output to the decryption unit 240 corresponding to the PID field value. Other TS packets that are not encrypted are output from the broadcast receiving apparatus (decryption apparatus) 200 as they are.

  The packet reading unit 230 reads the IV and the key IDs “Current” (id_current) and “Next” (id_next) from the IV packet. From the read key IDs “Current” (id_current) and “Next” (id_next), a key to be used for decoding the stream cipher is prepared. Then, the prepared key and IV are output to the decryption unit 240. If a plurality of IVs (iv [n]) are stored in the IV packet, each iv [n] is output to the decoding unit 240 having the corresponding stream decoding process [n].

  The decryption unit 240 receives the encrypted TS packet from the packet sorting unit 220 and decrypts the stream cipher. In the decryption process of the stream cipher, when receiving the IV and the key from the packet reading unit 230, the decryption unit 240 initializes the stream cipher algorithm using the IV. Next, when the initialization is completed, a stream cipher decryption process is started using the key received from the packet reading unit 230. That is, after the stream cipher algorithm is initialized at the position of the IV packet in the received TS packet sequence, the stream cipher is decrypted for the encrypted TS packets after the IV packet.

  The decoding unit 240 includes an image decoding unit 240A, an audio decoding unit 240B, and a data broadcast decoding unit 240C, and outputs each decoded TS packet to the reproduction unit 260.

  In the reproduction unit 260, the decoded TS packet is reproduced. In the example of FIG. 1, the playback unit 260 includes an image playback control unit 260A, an audio playback control unit 260B, and a data broadcast display control unit 260C. The image reproduction control unit 260A, the audio reproduction control unit 260B, and the data broadcast display control unit 260C control reproduction of the TS packets output from the corresponding decoding units 240, respectively, and reproduction is performed by the display 260D and the speaker 260E. The configuration of the playback unit 260 shown in FIG. 1 is an example, and the media type and the like can be changed as appropriate. The control unit 250 controls the entire broadcast receiving apparatus 200.

  According to the above-described embodiment, the state of the stream encryption algorithm in the encryption process and the state of the stream encryption algorithm in the decryption process can be matched by the IV packet. Therefore, even if the encrypted TS packet is lost due to a transmission error or the like and the state of the stream encryption algorithm in both the encryption process and the decryption process is temporarily inconsistent, the encryption is performed when the next IV packet is received. The state of the stream encryption algorithm in both the process and the decryption process matches, and normal decryption can be resumed. As a result, in the stream encryption method, it is possible to enhance resistance to transmission data loss due to a transmission error or the like.

  FIG. 3 is a timing chart (arrangement order) of packets constituting a stream generated by the stream generation method (apparatus) according to the present invention. As shown in the figure, a stream for program A is first generated, and then a stream for program B is generated. An initialization vector IV1 including only id_current which is the identifier of the current program key is arranged at the beginning of the program A (that is, a packet storing IV1), and thereafter, a similar initialization vector is periodically inserted into the stream for initialization. N initialization vectors are arranged from vector IV1 to IVn. When the start of program B is approaching, a predetermined timing (below a predetermined time until the start of program B, or the number of remaining packets until packet transmission of program B becomes a predetermined number or less, or is encrypted (scrambled). The packet including two identifiers of id_current and id_next which is the identifier of the key of the next program is arranged as in the initialization vector IVn + 1. By monitoring the existence of the identifier id_next of the next program, the receiving device side can easily know that the start of the next program B is approaching. Whether or not the key has been purchased is inspected, the user is notified of whether or not the key has been purchased, and if the key has not been purchased, the user can be prompted to purchase.

  FIG. 4 is a flowchart showing each process of the stream generation method according to the present invention. As shown in the figure, in step S10, the ID (identifier) of the key of the current program is stored in the IV packet. After storing, the IV packet is inserted into the stream (S12). In step S14, it is determined whether or not the start time of the next program is within 5 minutes, and steps S10 and S12 are repeated until the condition is satisfied. If it is determined in step S14 that the next program is within 5 minutes before the start of the next program, the process proceeds to step S16, and the ID of the key of the next program is stored in the IV packet in addition to the ID of the key of the current program. An IV packet including one ID is inserted into the stream (S18).

  FIG. 5 is a diagram showing a screen configuration example of the broadcast receiving apparatus according to the present invention. As shown in the figure, the video of the current program “Sunday Golf” is displayed in the video display area P1. It is displayed in the current program field D1 in the data display area D that the current program is a program that requires a key (regardless of whether it is paid or free) and the key K1 has already been acquired). In this example, the screen display after the start of the next program “cooking ordinary person” is approaching and a packet including the key identifier of the next program is detected. It is displayed in the next program field D2 that the key K2 of the next program has not been acquired. Further, it is displayed in the next program field D3 that the key K3 of the next program “Quiz Special Q” has been acquired. In the video display area P1, a message C1 is displayed that notifies the user that the key of the next program has not been acquired and prompts the user to acquire (purchase) the key. A user who decides to purchase a key by looking at this display presses the soft key SK1, and a user who does not purchase presses the soft key SK2.

  FIG. 6 is a block diagram showing a configuration of a digital broadcasting system for mobile terminals to which the present invention is applied. In FIG. 6, the user acquires in advance a decryption key corresponding to the content to be viewed from the pseudo license purchase server 500 via the network NE. In the mobile terminal 400, the key acquisition module 410 accesses the pseudo license purchase server 500 via the network NE such as the Internet and downloads the decryption key. The decryption key is supplied to the content decryption module 420. The decryption key may be paid or free.

  In the broadcasting station 300, the TS stream generation tool 310 with the IV TS packet inserted inserts the generated IV packet (IV TS packet) into the TS packet sequence (TS stream) composed of TS packets storing the content. To do. The TS stream into which the IV packet is inserted (the TS stream into which the IV TS packet has been inserted) is subjected to stream encryption by the TS stream encryption tool 320. The encrypted TS stream with the IV TS packet inserted is transmitted on the digital broadcast wave by the broadcast wave transmission device group 330.

  In the portable terminal 400, the digital TV (television) application 440 receives the “encrypted TS stream with IV TS packet inserted” on the digital broadcast wave. The content decryption module 420 performs stream cipher decryption on the received “TS stream into which the encrypted IV TS packet has been inserted”. The content included in the decrypted TS stream is reproduced by each media decoder 430 for each media type.

  Next, the processing procedure of the content decryption module 420 will be described. As shown in FIG. 6, the decoding module processing procedure includes an initialization step T1 and a decoding step K2. First, in the initialization step T1, initialization is performed using the decryption key received from the key acquisition module 410 and the IV in the IV packet included in the received “TS stream with IV TS packet inserted after encryption”. Undecrypted decoding module 420A is initialized to obtain initialized decoding module 420B. The decryption modules 420A and 420B have a stream encryption algorithm.

  Next, in the decryption step T2, the encrypted text of the stream cipher system is decrypted by the initialized decryption module 420B, and the plaintext of the decryption result is output in the stream format. The ciphertext of the stream cipher system is acquired from the encrypted TS packet included in the received “TS stream into which the encrypted IV TS packet has been inserted”. If an IV is acquired by receiving a new IV packet during the execution of step K2, the process returns to the initialization step T1, and the decoding module 420A is initialized again.

  According to the present embodiment, the TS packet for storing the stream cipher data is lost due to a transmission error of the broadcast data in digital broadcasting, and the state of the stream cipher algorithm on both the broadcasting station side and the portable terminal side becomes inconsistent. Even if the reception status of the digital broadcast becomes unstable, the status of the stream encryption algorithm on both the broadcasting station side and the portable terminal side is matched by the subsequent IV packet, so that the reception status of the digital broadcast is good Can be recovered. Thereby, it becomes possible to contribute to the quality improvement of the digital broadcasting for portable terminals.

  Although the present invention has been described based on the drawings and examples, it should be noted that those skilled in the art can easily make various modifications and corrections based on the present disclosure. Therefore, it should be noted that these variations and modifications are included in the scope of the present invention. For example, functions included in each member, each means, each step, etc. can be rearranged so as not to be logically contradictory, and a plurality of means, steps, etc. can be combined or divided into one. Is possible.

It is a block diagram of a broadcasting system composed of a broadcasting device (encryption device) and a broadcasting receiving device suitable for use with the stream generation method according to the present invention. It is a figure which shows the structural example of IV packet used with the system of FIG. It is a timing chart of the packet which comprises the stream produced | generated by the stream production | generation method (apparatus) by this invention. It is a flowchart which shows each process of the stream production | generation method by this invention. It is a figure which shows the example of a screen structure of the broadcast receiver by this invention. It is a block diagram which shows the structure of the digital broadcasting system for portable terminals to which this invention is applied.

Explanation of symbols

100 Broadcast equipment (encryption equipment)
110 Header converter
120 packet insertion part
130 Encryption section
140 Transmitter
200 Broadcast receiver (decoder)
210 Receiver
212 Sensitivity detector
220 Packet sorter
230 Packet reading part
240 Decryption unit
240A image decoder
240B audio decoder
240C Data broadcasting decoder
250 Control unit
260 Playback section
260A Image playback controller
260B audio playback controller
260C Data Broadcast Display Control Unit
260D display
260E Speaker
270 Key acquisition part
KES key supply server
M1, M2 memory
ANT1, ANT2 antenna
ID1, ID2 Key identifier A Current program B Next program
IV1-n, n + 1 initialization vector
P1 video display area
C1 message
D Data display area
D1 Current program field
D2 next program field
D3 Next program field
SK1, SK2 soft key
K1, K2, K3 key
300 broadcast station
310 Stream generation tool
320 Stream encryption tool
330 Broadcast wave transmission device group
400 mobile devices
410 Key acquisition module
420 Content decryption module
420A decryption module (no initialization)
420B decryption module (initialized)
430 Media decoder
440 Digital TV app
500 pseudo license purchase server
NE network

Claims (5)

An identifier of a key for decrypting the stream encryption data of the current program is stored in an initialization packet for initializing the stream encryption algorithm, the initialization packet is inserted into the stream, and among the initialization packets A key identifier for decrypting stream cipher data after the next program is stored in a predetermined initialization packet.
A stream generation method characterized by the above. The stream generation method according to claim 1,
A stream generation method comprising storing an identifier of a key for decrypting stream cipher data after the next program in the initialization packet at predetermined intervals. The stream generation method according to claim 1,
A stream generation method comprising storing an identifier of a key for decrypting stream cipher data after the next program in an initialization packet inserted at the end of the stream. An initialization packet storing an initial value for initializing the stream encryption algorithm, and an identifier of a key for decrypting the stream encryption data of the current program, and an encryption packet storing the stream encryption data; Receiving means for receiving
Storage means for storing a key for decrypting the stream cipher data;
A key for initializing the stream cipher algorithm using the initial value stored in the received initialization packet and decrypting the stream cipher data of the current program stored in the received initialization packet A decryption unit that obtains a key corresponding to the identifier of the stream encryption data stored in the encrypted packet using the key;
If the initialization packet stores an identifier of a key for decrypting stream cipher data after the next program, it is determined whether or not a key corresponding to the identifier is stored in the storage means; Control means for controlling the notification means so as to notify the determination result;
A broadcast receiving apparatus comprising: The broadcast receiving device according to claim 4,
Program information storage means for storing program information;
The control unit controls the notification unit to report the determination result in association with the program information corresponding to the identifier of the program information stored in the program information storage unit.
A broadcast receiver characterized by that.

Images