JPH09149022A - Digital data communication system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To protect a copyright by inhibiting illegal use of digital data from a disk in a personal computer(PC) system including a disk driver and a reproduction board connecting to a CPU bus. SOLUTION: A drive 1 (reproduction board 2) is provided with a random number generator 9 (12) of the same system, a random number as an initial value is transferred from the reproduction board 2 to the drive 1, a random number resulting from ciphering only head data of a sector from the drive 1 is returned and a time required for return has a limit. Then sector data including the head data are transferred and a discrimination device 16 discriminates the coincidence with the head data to inhibit the use of illegal data thereby preventing copy of data with the copyright on the PC.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a digital data communication system which is effective in preventing unauthorized use of digital communication services, and particularly effective in preventing the copying of copyrighted digital data.

[0002]

2. Description of the Related Art With the recent development of recording technology, it has become possible to record several gigabytes of data on a small optical disk, and image compression technology makes it possible to digitally record a movie on the optical disk. It was On the other hand, with the development and popularization of personal computers (hereinafter abbreviated as PC), a method of playing a movie recorded on the optical disc on a monitor of the PC has appeared. In this usage mode, a drive device for reading an optical disk (hereinafter abbreviated as a drive) and a reproduction board for decompressing and displaying compressed and recorded image data are connected to a bus of a PC, and an image is transmitted via this bus. Data will be transferred.

Since the image quality of a digital copy does not deteriorate due to duplication, a function suitable for duplicating or altering data on a PC is used to drive a hard disk drive (hereinafter referred to as H
It is possible to copy the image data onto a magnetic tape (abbreviated as DD) or to another PC. However, since the movie software is copyrighted and is prohibited from being copied or altered, it is necessary to prevent the copying function of the PC from effectively functioning.

When playing a movie on a PC, image data is transmitted through a bus, so the problem of copy protection results in the problem of wiretapping prevention on a bus type transmission line. Since it is difficult to detect and prevent passive interception on the bus type transmission line, it is common to perform encrypted communication to encrypt the data so that the intercepted data cannot be used. , The sender and the receiver need to share secret information called a key.

The secret code number system, which is also called a password system, and the encryption system are the same in that secret information is requested. Japanese Unexamined Patent Publication No. 2-67067 proposes a method of requesting a personal identification number and rejecting the connection when the returned personal identification numbers do not match or there is no response within a fixed time. In Japanese Patent Laid-Open No. 3-109850, in order to reduce the probability that a correct personal identification number is accidentally input by trial and error, whether a correct personal identification number with the correct number of digits has been input when a certain time has elapsed from the start of input. Has been proposed only once. Neither patent gives detailed instructions on how to set the time,
It is reasonable to assume that the average user sets the maximum time required to input the personal identification number.

FIG. 2 is a block diagram of a conventional example. 21 is a CPU, 22 is a bus, 23 is a drive, 24 is a reproduction board, 25 is an HDD, and 26 is a bus monitoring board. In the operation of this conventional example, the CPU 21 inputs and updates the key to the drive 23 and the reproduction board 24 via the bus 22 according to the software, and the drive 23 uses the key to encrypt and transmit the data, and the reproduction board 24. Is to restore data using a key. In this method, data is stored in the HDD 25
Even if you try to transfer the data from the HDD 25 to the playback board 24 later, the key used for encryption cannot be input to the playback board 24 unless the software that generates the key performs exactly the same operation as the previous time. Normal playback cannot be performed. However, when the user connects the bus monitoring board 26 to the bus, the bus monitoring board 26 detects the writing of the key to the reproduction board 24, fetches the key, and records the data in the HDD 25, the bus monitoring board 2
If the key taken in by 6 is also recorded, when the data is transferred from the HDD 25 to the reproducing board 24 later, the key used at the time of encryption is given to the reproducing board 24, so that normal reproduction can be performed.

[0007]

As described above, in a system for reproducing a movie or the like based on copyrighted images and audio data on a PC, the encryption key must be kept secret. The PC user does not have the right to copy the image and audio data recorded with the movie or the like on the disc, but has the right to reproduce the movie or the like from the image and the voice data stored on the disc.

Since the drive and the reproduction board need to share the same key, it is necessary to input the key to the drive and the reproduction board by some means. With the method in which the same key is input in advance at the time of shipment and it is not changed thereafter, even if the data output from the drive is once copied to the HDD and input from the HDD to the playback board, the data directly input from the drive to the playback board Since there is no way to distinguish it, the movie is played as in normal playback. If playback from the HDD is possible, another P that copied the data on the HDD
The method using a fixed key is not effective as copy protection because C can also be used for reproduction.

Even when the method of updating the key during the reproduction of the movie is used, the key is exchanged between the drive and the reproduction board by the PC.
The key can be obtained by monitoring the flow of data in the PC since it is performed inside the PC.

Therefore, in order to provide effective copy protection, it is not enough to simply encrypt the data. It is reproduced that the data input to the reproduction board is the same as the data output immediately before from the drive. A communication method that allows the board to be confirmed is required. Further, in the worst case, it is desirable that the reproduction board is extremely difficult to be tricked even if the secret about the encryption and the key is exposed to the PC user.

The present invention solves the above-mentioned conventional problems. Even when the key updating procedure is imitated, the time required for updating the key is checked to reject the communication and prevent the copying of the digital data. An object is to provide a digital data communication system to be realized.

[0012]

In order to solve the above-mentioned problems, in the digital data communication system of the present invention, initial values are determined for the first device and the second device connected via a line. After that, a first random number generator and a second random number generator that sequentially generate the same random number are arranged, and the random number generated by the second random number generator is set before the transmission of digital data. By the random number generated by the first random number generator based on the initial value in addition to the first random number generator as an initial value via the line,
The data of the head value of the sector data to be transmitted is encrypted and transmitted to the second device, and then the sector data including the data of the head portion of the sector data to be transmitted is first transmitted.
Encrypted by a random number sequentially generated by the random number generating device and transmitted to the second device, and in the second device, the received encrypted data of the head part is transmitted to the second random number. The encrypted sector data including the data of the head portion, which is decrypted by the random number sequentially generated by the generator and stored in the register, is received by the second unit.
When the number of non-coincidences reaches a predetermined number of times, it is determined by the random number of the random number generating device It is characterized in that communication between the first device and the second device is cut off.

According to the present invention, it is extremely difficult to judge the validity of data by using a part of the data to be transmitted and to illegally obtain the encryption key necessary for reproducing the data.
Effective in preventing duplication.

[0014]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS In the digital communication system according to claim 1 of the present invention, after the initial values are determined for the first device and the second device connected via the line, they are the same after that. A first random number generator for sequentially generating random numbers and a second random number generator
Prior to transmitting digital data, a random number generated by the second random number generator is added to the first random number generator as an initial value via the line, and its initial value is set. The data of the head value of the sector data to be transmitted is encrypted by the random number generated by the first random number generator based on the value and transmitted to the second device,
Subsequently, the sector data including the data of the leading part of the sector data to be transmitted is encrypted by a random number sequentially generated by a first random number generation device and transmitted to the second device, and the second device is transmitted. In the above, the received encrypted data of the head portion is decrypted by a random number sequentially generated by the second random number generator and stored in a register, and then the received data of the head portion is encrypted. The converted sector data is decrypted by the random number of the second random number generator, the head part data of the decoded sector data and the head part data stored in the register are judged to be coincident, and the number of times of disagreement is reached. When the number of times reaches a predetermined number, the communication between the first device and the second device is cut off, and the data used to judge the validity of the data is It is part of the transmission data, and because it is determined for each sector data, it is possible to increase the reliability of the determination of the valid data.

Next, in the digital data communication system according to the second aspect, the second random number generator does not have means for inputting an initial value, and the random number generated by the second random number generator is Sector head data encrypted by random numbers generated based on the initial value from the first device to the second device after being sent as an initial value to the first random number generation device via the line. The time required to generate the random number used for encryption of the sector head data is defined as the allowable range obtained from the difference between the time required to return the encrypted data and the time required to generate the random number. It is a feature that it is set to less than half of the
Unless a random number generator that generates a random number at a clock frequency twice as fast is prepared, data cannot be decoded normally, and since the second random number generator does not have an initial value input means, the initial value is forged. , A secure random number generator can be obtained, and highly reliable data can be reproduced. Embodiments of the invention described in claims 1 and 2 of the present invention will be described below with reference to FIG. In FIG. 1, 1 is a drive, 2 is a reproduction board, 3 is a bus,
4, 5 are bus interfaces, 6 and 7 are clock circuits, 8 is an encryptor, 9 and 12 are 32-bit random number generators, 10 are drive circuits, 11 is a decoder, 13 is a timer, and 14 is a register. , 15 is a counter, 16 is a determiner,
17 is a gate circuit, 18 is a moving image display circuit, 19 is a CPU
It is.

The operation of each part of the video reproducing system configured as above will be described. The drive 1 and the reproduction board 2 are connected to the bus 3. The bus interfaces 4 and 5 operate in synchronization with the clocks generated by the clock circuits 6 and 7, respectively. The clock circuits 6 and 7 operate at the same oscillation frequency. The drive-side bus interface 4 has an encryptor 8 and a random number generator 9. The encryptor 8 encrypts the data input from the drive circuit 10 according to the random number generated by the random number generator 9, and outputs the encrypted data to the bus 3. The random number generator 9 sets the 32-bit random number input via the bus 3 as an initial value, and keeps 1 for 64 clocks after the initial value is input.
The random number to be output is sequentially updated once every clock, and once every other time when the encryptor 8 is read out.

The bus interface 5 of the reproduction board is
It has a decoder 11 for recovering encrypted data, a random number generator 12, a timer 13, a register 14, a counter 15, and a determiner 16. The decryptor 11 restores the encrypted data written from the bus 3 to the original data according to the random number generated by the random number generator 12, and outputs it to the register 14, the determiner 16 and the gate circuit 17. The gate circuit 17 is the determiner 1
The input from the decoder 11 is output to the moving image display circuit 18 as it is while the prohibition signal is not output from 6, but the data is not output while the prohibition signal is output.

Data transfer from the drive 1 to the reproduction board 2 is performed in units of blocks of a fixed length called sectors. The random number generator 12 is of the same generation method as the random number generator 9 on the drive 1 side, and after the initial values of both match, both of them sequentially generate the same random number. Further, the random number generator 12 outputs the initial value, and in synchronization with the random number generator 9, the period until 64 clocks after reading the random number is 1
The random number is updated once every clock, and once every other time when the data is written to the decoder 11, the random number is updated.
However, unlike the random number generator 9 of the drive 1, the random number generator 12 of the reproduction board 2 does not have a means for inputting the initial value of the random number. Therefore, it is necessary to externally control the random number generator from the specific initial value. I can't. The timer 13 measures the time from when the random number generator 12 reads the initial value until the encrypted data of the data at the head of the sector sent from the drive 1 side is written to the decoder 11. The register 14 stores the result of the decoder 11 decoding the 32 bits of the encrypted data at the beginning. The number of bits of the data of the head portion is not limited to 32 bits, but 16 bits or 8 bits may be determined in consideration of the bus width of the PC.

The determiner 16 outputs an inhibit signal to the gate circuit 17 from the time when the random number of the random number generator 12 is read. The timer 13 measures the time it takes for the random number generator 12 to send a random number and the data at the beginning of the drive 1 to be returned, and monitors the time-out. The counter 15 monitors the time-out of the timer 13 and the data at the beginning. If the counter value is less than 8 when the values do not match, the output of the inhibition signal to the gate circuit 17 is stopped at the clock next to the time when the decoder 11 outputs the data of the head portion.
When the value of the counter 15 is 8, the prohibition signal continues to be output. The head decoded data after reading from the random number generator is not output to the moving image display circuit 18 regardless of the value of the counter 15, that is, the head data of the sector is used for data check once each time the sector is transferred. To be When the second data is output from the decoder 11, the determiner 16 determines that the output of the decoder 11 and the output of the register 14 match the data at the beginning of the sector, and the value of the timer 13 is 80 or less. If it is, the counter 15 is cleared to 0, but otherwise, if the value of the counter 15 is less than 8, the value is incremented by 1. The timer 13 is cleared to 0 at the next clock at this point.

That is, the timer 13 counts the number of clocks, and the timer counts 6 before the transfer of the data at the head of the sector.
After counting four clocks, counting is performed until the encrypted data of the data at the head of the sector is received, and when the count value exceeds 80, it is timed out and the counter 15 is counted up.

Next, the operation for transferring the data of one sector from the drive 1 to the reproduction board 2 will be described in order according to the flow of time. The CPU 19 intervenes in the data transfer. First, the data transfer procedure starts when the CPU 19 determines that one sector of data has already been read into the buffer memory of the drive circuit 10 and that the buffer memory of the moving image display circuit 18 has free space to accept one sector of data. . The CPU 19 reads a random number from the random number generator 12 and inputs it to the random number generator 9 as an initial value of the random number.
When the random number is read from the random number generator 12, the timer 13 starts counting up, and the random number generator 12 updates the random number continuously for 64 clocks from this point.

The random number generator 9 receives 64 when the initial value is input.
The random number is updated continuously with the clock and output to the encryption device 8. Since the head data of the sector is output from the drive circuit 10 to the encryption device 8, the output of the encryption device 8 is the result of encrypting the data of the beginning of a predetermined number of bits of one sector. . The CPU 19 waits for the completion of updating the random number, reads the output of the encryption device 8, and writes the encrypted first data to the decryption device 11. Since the reading at this time is not the original data transfer, the state of the buffer memory of the drive circuit 10 does not change.

When the encrypted data is written in the decryptor 11, the timer 13 stops counting up. CPU
The value of the timer 13 is not much larger than 64 unless 19 performs an extra operation in the interval of transferring the random number from the reproduction board 2 to the drive 1 and the encrypted data from the drive 1 to the reproduction board 2. Should be. At this point, the random number generator 9 and the random number generator 12 repeat the state transition from the same initial state by the same number of steps, and therefore should output the same random number. Therefore, the decryptor 11 performs the operation opposite to the operation performed by the encryptor 8 according to the output of the random number generator 9 according to the output of the random number generator 12, and as a result, outputs the first data of one sector. However, since this data is not the original data transfer, it is not output to the moving image display circuit 18, and is stored only in the register 14.

Next, the transfer of data for one sector including the leading data is started. The sector data is encrypted by the encryptor 8 according to the new random number generated by the random number generator 9, transferred to the decoder 11 by the CPU 19, and restored according to the output of the random number generator 12. The discriminator 16 collates the data at the head of the sector with the output of the register 14, and if they do not match, determines that the data sending side is not a genuine drive and counts up the counter 15. Even if they match, the timer 13 Also, when the value of is 80 or more, it is determined that the random number generator on the sending side is a counterfeit product, and the counter 15 is counted up.
When the value of the counter 15 reaches 8, the gate circuit stops outputting data, so that the reproduction is stopped. Of course, an integer value other than 8 may be selected as the value of the counter that stops the reproduction.

Finally, the main points when the present invention is applied will be described. First, a random number is sent from the receiving side to the sending side, the minimum time required to send encrypted data from the sending side to the receiving side is obtained, and this and the random number input at the sending side (random number generator 9 at the sending side (The initial value of) is set to the allowable range of the difference from the time required to generate the random number used for the return to less than half of the time required to generate the random number. The number of clocks of the delay time allowed by the determiner is set to 1.5 times or less the number of clocks of continuous update.

When a person who attempts to reproduce illegally duplicated data attempts to construct a random number generator and an encryption device by combining commercially available ICs, his own circuit is operated at the same clock frequency as the dedicated IC. Is extremely difficult, but it is relatively easy to operate at a clock frequency lower than half. Also, if the response time limit is loose,
It is also possible to perform random number calculation by software. Unnecessarily increasing the response time limit in this way facilitates illegal use. In the present invention, the time required for returning the random numbers is strictly limited to 1.5 times or less the time required for the dedicated random number generator to generate the random numbers, so that the receiving side is deceived by the software or the self-made random number generator. To prevent that.

The bus of the PC system is not necessarily an integral one, but is a complicated transmission line in which buses operating at different speeds are relayed via a bridge and data is transferred between various devices via an interface. In addition to static delay factors such as bridges and interfaces, there are dynamically changing delay factors such as interrupts and memory refresh, and even delays between genuine devices may not always respond within the shortest time. Does not always return. However, if the time limit is relaxed in consideration of variations in delay time, it becomes weak against illegal use. In the present invention, in order to prevent interruption of communication due to time-out or data transmission error due to dynamic factors, the counter is counted up when the response is incorrect or the time is over, and the counter reaches the upper limit. A method of interrupting communication when it reaches is used. If the probability that a large delay is caused by a dynamic factor is sufficiently small and the upper limit value of the counter is sufficiently large, the probability that communication is interrupted by a dynamic factor can be regarded as zero from a practical point of view. On the other hand, since the delay time due to the limitation of the operation speed of the self-made random number generating means is a static delay factor, a time-out occurs each time, the counter reaches the upper limit value in a short time, and the communication is surely interrupted. It is important that the random number generator on the receiving side cannot input an initial value. If an initial value can be input, it is possible to control the random number sent to the transmitting side to have a specific value. Since the response to a specific initial value input is another specific value, it is easy to write a program that responds to the other specific value and trick the receiving side to process the illegally copied data. is there.
The random number generator on the receiving side should not be provided with means for inputting an initial value, and if it is provided, it should be sufficiently concealed.

[0028]

As described above, according to the digital data communication system of the present invention, by limiting the generation time of the random number and the coincidence of the head data of the sector for each transfer of the sector, it is possible to distinguish from the original device. It is possible to refuse the processing of the data copied to the device, and in particular, even when the secret regarding the encryption is broken, it is possible to make the illegal use of the data extremely difficult due to the limitation of the random number generation time.

[Brief description of the drawings]

FIG. 1 is a block configuration diagram showing a digital data communication system according to an embodiment of the present invention.

FIG. 2 is a block diagram of a conventional data communication system.

[Explanation of symbols]

 1, 23 Drive 2, 24 Playback Board 3, 22 Bus 4, 5 Bus Interface 6, 7 Clock Circuit 8 Encoder 9, 12 Random Number Generator 10 Drive Circuit 11 Decoder 13 Timer 14 Register 15 Counter 16 Judgmentor 17 Gate Circuit 18 Video display circuit 19, 21 CPU 25 HDD 26 Bus monitoring board

Claims (2)

[Claims] 1. A first random number generator and a second random number that sequentially generate the same random numbers after initial values are determined for the first device and the second device connected via a line. A random number generated by the second random number generator is added to the first random number generator as an initial value via the line before the digital data is transmitted, and the initial value is set to the initial value. Based on the random number generated by the first random number generator, the data of the head value of the sector data to be transmitted is encrypted and transmitted to the second device,
Subsequently, the sector data including the data of the leading part of the sector data to be transmitted is encrypted by a random number sequentially generated by a first random number generation device and transmitted to the second device, and the second device is transmitted. In the above, the received encrypted data of the head portion is decrypted by a random number sequentially generated by the second random number generator and stored in a register, and then the received data of the head portion is encrypted. The converted sector data is decrypted by the random number of the second random number generator, the head part data of the decoded sector data and the head part data stored in the register are judged to be coincident, and the number of times of disagreement is reached. The digital data communication system is characterized in that the communication between the first device and the second device is interrupted when the number of times reaches a predetermined number. 2. The second random number generator does not have means for inputting an initial value, and the random number generated by the second random number generator is used as an initial value via the line as the initial value. The time required from sending to the generating device to returning the encrypted data of the sector head data encrypted from the first device to the second device by the random number generated based on the initial value. And an allowable range of the difference between the time required to generate a random number used to encrypt the sector head data and the time required to generate the random number is set to half or less. The digital data communication method described in 1.