WO2006028094A1 - Communication device - Google Patents
- Publication number
- WO2006028094A1 (PCT/JP2005/016335)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- request
- measurement
- response
- transmission
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0852—Delays
- H04L43/0864—Round trip delays
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/28—Flow control; Congestion control in relation to timing considerations
- H04L47/283—Flow control; Congestion control in relation to timing considerations in response to processing delays, e.g. caused by jitter or round trip time [RTT]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/04—Registration at HLR or HSS [Home Subscriber Server]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/60—Digital content management, e.g. content distribution
Definitions
- the present invention relates to a communication device that transmits or receives encrypted content data, and more particularly to a communication device in which the destination or source of content data is restricted based on the transmission time.
- a router connects a home network and a network outside the home.
- the AV server in the home stores various contents acquired from the network outside the home via this router and by means other than the network, for example, various contents broadcast by digital broadcasting, and has a function to transmit the contents to a receiving device in response to a request from that device.
- AV data: video / audio data
- DTCP-IP: Digital Transmission Content Protection over Internet Protocol
- the DTCP-IP system has an authentication function and a key revocation function; when transmitting AV data, it excludes unauthorized devices and realizes copyright protection by encrypting and transmitting data that requires copyright protection, such as AV data.
- TTL (time to live): the IPv4 Time To Live field value or the IPv6 Hop Limit field value, that is, the number of routers through which an IP packet can pass.
- RTT: Round Trip Time
- a transmission / reception system has been proposed in which the RTT between a transmitting device that transmits AV data and a receiving device that receives AV data is measured, and authentication is permitted when the RTT is determined to be shorter than a predetermined time limit (see, for example, Patent Document 1).
- FIG. 1 is a diagram showing a flow of processing from authentication processing to encryption transmission at the time of encryption transmission in the transmission device and the reception device.
- the receiving apparatus transmits an authentication request to the transmitting apparatus to start the measurement authentication process (S101). After the authentication process (S101) ends, the transmitting apparatus and the receiving apparatus execute the transmission time measurement process (S102) to measure the RTT to the receiving apparatus; if the RTT is at or below the reference value and the authentication process is successful, the key exchange authentication process (S103) is executed.
- the transmitting apparatus encrypts and transmits the AV data, and the receiving apparatus generates a decryption key using the exchange key received in the key exchange process and decrypts the received encrypted data (S105).
- FIG. 2 is a diagram showing a detailed process flow of the transmission time measurement process S 102.
- the transmission device generates transmission device measurement information, stores it in a measurement request, and transmits it (S 111).
- the receiving device verifies the received transmitting device measurement information (S112); if it is invalid, it ends with an error, and if it is correct, it generates the receiver measurement information (S113), stores it in the measurement request response, and transmits it.
- RTT is measured (S114).
- the transmitting apparatus checks the measured value of RTT (S115), and if it is equal to or less than the reference value (Tmax), the measurement is terminated and the process proceeds to the next process. If it is larger than the reference value, the number of measurements is checked (S116). If the predetermined number has not been reached, the process returns to S111 and repeats the measurement. After receiving the measurement request response, the receiving apparatus is in a request reception waiting state. When receiving the measurement request, the receiving apparatus returns to S111 and repeats the measurement (S117).
- the transmitting device verifies whether the receiving device measurement information stored in the received measurement request response is correct (S118). If it is correct, it is determined that the measured value is not more than the reference value and correct.
- Patent Document 1 JP 2004-194295 A (page 11)
- when receiving the measurement request, the reception device transmits the measurement request response after verifying the transmission device measurement information.
- as a result, the verification processing time is added to the measured transmission time, and there is a problem that accurate RTT measurement cannot be performed.
- in addition, because the conventional data transmission / reception system has a separate authentication process for transmission time measurement, the processing is complicated, and unnecessary key exchange processing is executed even when only transmission time measurement is desired. Accordingly, an object of the present invention is to provide a communication device, a communication system, a communication method, a medium, and a program that can accurately measure the transmission time, can share the authentication process for encrypted transmission, and do not execute an unnecessary key exchange process.
- a communication device is (a) a communication device that responds to a request for transmission of content data, comprising:
- (a1) authentication means for sharing authentication information with a request source that requests transmission of the content data;
- (a2) measurement request transmission means for transmitting a measurement request generated using the authentication information to the request source;
- (a3) measurement response reception means for receiving a measurement response generated using the authentication information shared by the request source as a response to the measurement request;
- (a4) round-trip delay time measuring means for measuring, as a round-trip delay time, the time from transmitting the measurement request until receiving the measurement response; and
- (a5) determination means for determining, after the round-trip delay time is measured, that the request source is an eligible device as a transmission destination of the content data if the round-trip delay time is not more than a reference value, the measurement response is verified as correct, and it is confirmed that the measurement request has been verified as correct at the request source.
- the communication device may further include measurement preparation request transmission means for transmitting, before transmitting the measurement request, a measurement preparation request for requesting a preparation required for generating the measurement response to the request source.
- the determination means may compare the first verification information generated using the authentication information with the second verification information generated using the authentication information at the request source and, if they match, verify that the measurement response is correct.
- the communication device is (b) a communication device that requests transmission of content data, and (b1) corresponds to transmission of the content data.
- (b2) a measurement request receiving means for receiving a measurement request generated using the authentication information shared by the request destination from the request destination.
- (b3) a measurement response transmitter that returns a measurement response generated using the authentication information to the request destination as a response to the measurement request.
- determination means for verifying whether the measurement request is correct.
- (b5) before receiving the measurement request it may further comprise a measurement preparation request receiving means for receiving a measurement preparation request for requesting a preparation required for generating the measurement response from the request destination.
- the present invention is not limited to being realized as a communication device; it may also be realized as a communication system in which a request-destination communication device (server) and a request-source communication device (client) are connected to each other via a data communication network, as a communication method for controlling a communication device (server or client), as a communication program for causing a computer system or the like to execute the communication method, or as a recording medium recording the communication program.
- the present invention executes verification processing on the receiving device side when the measured value is equal to or less than the reference value, and performs authentication processing for transmission time measurement as authentication for encrypted transmission.
- by executing only the measurement process and the registration process, the transmission time can be measured accurately and the existing authentication process can be shared, and it is possible to provide a transmission time measurement method, a data transmission / reception system, a medium, and an information aggregate that do not execute an unnecessary key exchange process.
- FIG. 1 is a diagram showing a processing sequence at the time of encryption transmission in a conventional data transmission / reception system.
- FIG. 2 is a diagram showing a processing sequence of transmission time measurement processing in a conventional data transmission / reception system.
- FIG. 3 is a diagram showing a configuration of a data transmission / reception system according to Embodiment 1 and Embodiment 2 of the present invention.
- FIG. 4 is a diagram showing a configuration of a transmitting apparatus according to Embodiment 1 of the present invention.
- FIG. 5 is a diagram showing a configuration of a receiving apparatus in the first embodiment of the present invention.
- FIG. 6 is a diagram showing a processing sequence at the time of encrypted transmission in Embodiment 1 of the present invention.
- FIG. 7 is a diagram showing a processing sequence of transmission time measurement processing in Embodiment 1 of the present invention.
- FIG. 8 is a diagram showing a configuration of a transmission apparatus according to Embodiment 2 of the present invention.
- FIG. 9 is a diagram showing a configuration of a receiving apparatus in Embodiment 2 of the present invention.
- FIG. 10 is a diagram showing a processing sequence when the transmitting apparatus starts transmission time measurement in the second embodiment of the present invention.
- FIG. 11 is a diagram showing a processing sequence when the receiving apparatus starts transmission time measurement in the second embodiment of the present invention.
- Embodiment 1 of the present invention will be described in detail with reference to FIGS.
- a communication device that responds to a request for content data transmission (hereinafter referred to as a transmission device) (a1) authenticates with a request source that requests transmission of content data, (a2) sends a measurement request generated using authentication information to the request source, (a3) receives a measurement response generated using the authentication information shared by the request source as a response to the measurement request, (a4) measures the time from sending the measurement request to receiving the measurement response as a round-trip delay time, (a5) before sending the measurement request, sends a measurement preparation request for requesting the preparation required for generating the measurement response, and (a6) after measuring the round-trip delay time, judges that the request source is an eligible device as a transmission destination of the content data if it is verified that the round-trip delay time is less than the reference value and the measurement response is correct, and the request source has verified that the measurement request was correct.
- a communication device that requests transmission of content data (hereinafter referred to as a receiving device) (b1) transmits authentication information to a request destination that responds to a request for transmission of content data, (b2) receives, from the request destination, a measurement request generated using the authentication information shared by the request destination, (b3) sends a measurement response generated using the authentication information back to the request destination as a response to the measurement request, and (b4) before receiving the measurement request, receives a measurement preparation request for requesting a preparation for generating a measurement response.
- in a communication system (hereinafter referred to as a data transmission / reception system) including a transmission device and a reception device connected to each other via a data communication network, the transmission time measurement method according to the present embodiment verifies, if the measurement value measured in the measurement process is less than the predetermined value, whether the measurement information received from the other party's device is correct and, if it is correct, judges that the measurement value is an accurate value.
- when the receiving device is not registered, the data transmitting / receiving system measures the round trip delay time by the measuring unit and, when the determination unit determines that the measured value is an accurate value, executes the key exchange process. When the receiving apparatus is registered, the key exchange process is subsequently executed.
- FIG. 3 is a diagram showing a transmission device and a reception device that constitute the data transmission / reception system of the present embodiment, and is a connection diagram of an AV server as a transmission device, a PC as a reception device, a digital television, and a router.
- an AV server 1, a digital television 2, a PC 3, and a router 4 are installed in the home.
- Router 4 and AV server 1 and digital television 2 are connected by Ethernet (registered trademark), and router 4 and PC3 are connected by wireless media (IEEE802.11b).
- the router 4 is connected to a router 5 outside the home via the Internet.
- the router 5 is connected to the PC 6 and the digital television 7 that are receiving devices.
- the router 5 and the PC 6 are connected by Ethernet (registered trademark), and the router 5 and the digital television 7 are connected by wireless media (IEEE802.11b).
- FIG. 4 shows a configuration of AV server 1 that is a transmission device.
- the AV server 1 includes a transmission / reception unit 21, an encryption processing unit 22, a key exchange processing unit 23, an authentication processing unit 24, a transmission time measurement processing unit 25, and a reception device registration unit 26.
- the transmission time measurement processing unit 25 corresponds to the measurement preparation request transmission means, measurement preparation response reception means, measurement preparation means, measurement request transmission means, measurement response reception means, measurement means and determination means in the present invention, and the receiving device registration unit 26 corresponds to a registration means and a registration confirmation means.
- the transmission / reception unit 21 is a digital interface for transmitting AV data to the network and transmitting / receiving commands to / from other devices connected to the network.
- the encryption processing unit 22 encrypts the AV data reproduced by the content recording unit (not shown).
- the key exchange processing unit 23 generates an exchange key that is used by the receiving device to decrypt the encrypted AV data, encrypts it using the authentication information received from the authentication processing unit 24, and outputs it via the transmission / reception unit 21.
- the authentication processing unit 24 receives the authentication request from the receiving device and performs authentication processing.
- the authentication processing unit 24 shares the authentication information with the receiving device, and also receives flag information indicating the presence or absence of the RTT measurement function of the receiving device together with the certification information.
- the transmission time measurement processing unit 25 generates a measurement preparation request and a measurement request, transmits them via the transmission / reception unit 21, and processes the received measurement preparation request response and the measurement request response. It also measures the RTT, which is the round-trip delay time from sending the measurement request to receiving the measurement request response. If the RTT is less than the predetermined reference value, it generates a verification request, sends it via the transmission / reception unit 21, and processes the received verification request response to determine whether the measured RTT is correct.
- the reception device registration unit 26 stores the device ID of the reception device that has been determined by the transmission time measurement processing unit 25 that the RTT is equal to or less than the reference value.
- the device ID is given in advance by the key management center and is information for specifying a device.
- FIG. 5 shows the configuration of the data transmission / reception unit of a receiver (such as Digital TV 2).
- the receiving device (such as digital television 2) includes a transmission / reception unit 31, a decryption processing unit 32, a key exchange processing unit 33, an authentication processing unit 34, and a transmission time measurement processing unit 35.
- the transmission time measurement processing unit 35 corresponds to the measurement preparation request receiving means, the measurement preparation response transmitting means, the measurement preparation means, the measurement request receiving means, the measurement response transmitting means, and the verification means in the present invention.
- the transmission / reception unit 31 is a digital interface for receiving AV data transmitted via a network and transmitting / receiving commands and the like to / from other devices connected to the network.
- Decryption processing unit 32 receives the exchange key transmitted from key exchange processing unit 33, generates a decryption key using the received exchange key, receives AV data via transmission / reception unit 31, and decrypts the received encrypted AV data.
- the AV data decrypted by the decryption processing unit 32 into plain text is decoded by a decoder (not shown) and displayed on a monitor (not shown).
- the key exchange processing unit 33 receives the exchange key via the transmission / reception unit 31, receives the authentication information transmitted from the authentication processing unit 34, uses the received authentication information to process the received exchange key, and sends it to the decryption processing unit 32.
- the authentication processing unit 34 requests the authentication processing unit 24 of the AV server 1 to start authentication via the transmission / reception unit 31, executes authentication processing, and shares authentication information with the authentication processing unit 24 of the AV server 1. Also, flag information indicating the presence or absence of the RTT measurement function of the receiving device is transmitted to the AV server 1 through the transmission / reception unit 31 together with the certification information.
- the transmission time measurement processing unit 35 receives and processes the measurement preparation request, measurement request, and verification request transmitted from the AV server 1 via the transmission / reception unit 31, generates the measurement preparation request response, measurement request response, and verification request response, and transmits them to the AV server 1 via the transmission / reception unit 31.
- FIG. 6 is a diagram showing a flow of processing from authentication processing to encryption transmission at the time of encryption transmission in the transmission device (AV server 1) and the reception device (digital television 2).
- the authentication processing unit 34 of the receiving device transmits an authentication request to the transmitting device and starts the authentication processing (S41).
- the transmission time measurement processing unit 25 of the transmission device After completion of the authentication process (S41), the transmission time measurement processing unit 25 of the transmission device performs the authentication process (S41
- the receiving device registration unit 26 of the transmitting device determines whether or not the receiving device is registered (S43), and if not registered, proceeds to the next transmission time measurement process (S45). If registered, proceed to key exchange processing (S47).
- the receiving apparatus After the authentication process (S41) is completed, the receiving apparatus is in a request reception waiting state, checks the received request (S44), and if a measurement preparation request is received, the transmission time measurement process (S4
- the transmitting device checks whether the transmission time measurement process has completed normally (S46), and if it has completed normally, executes the key exchange process (S47). If it is not completed successfully, the transmission process ends in error.
- after the transmission time measurement process (S45), the receiving apparatus is in a request reception waiting state, and when receiving the exchange key, executes the key exchange process (S47).
- the transmitting apparatus encrypts and transmits the content data, and the receiving apparatus receives the encrypted content data and decrypts it (S48).
- FIG. 7 is a diagram showing a detailed process flow of the transmission time measurement process (S45).
- the transmission device and the reception device execute a measurement preparation request transmission step (S51) to a measurement preparation step (S53) as measurement preparation steps.
- the transmission device transmits a measurement preparation request storing the measurement number N to the reception device (S51), and generates transmission device measurement information.
- the receiving apparatus transmits a measurement preparation request response to the transmission apparatus as a response to the measurement preparation request (S52).
- the transmission device prepares for measurement processing, and after receiving the measurement preparation response, the reception device generates reception device measurement information and prepares for measurement processing (S53).
- the transmitter measurement information and the receiver measurement information are generated by the following procedure.
- common verification information Kvrfy 160bit
- Kauth 96bit
- N initial value 0
- Kvrfy 160bit
- the transmitting device prepares Kvrfy (upper 80 bits) as transmitting device measurement information and Kvrfy (lower 80 bits) as verification information for receiving device measurement information.
- the receiving device prepares Kvrfy (lower 80 bits) as receiving device measurement information and Kvrfy (upper 80 bits) as verification information for transmitting device measurement information.
- the transmission device and the reception device execute a measurement request transmission step (S54) and an RTT measurement step (S55) as measurement steps.
- the transmission device stores the transmission device measurement information in the measurement request and transmits it
- the reception device stores the reception device measurement information in the measurement request response and transmits it as a measurement process (S54).
- the transmitting device receives the measurement request response responded by the receiving device and measures the RTT (S55).
- the transmission device and the reception device execute a reference value determination step (S56) to a reception device verification information verification step (S64) as determination steps.
- the transmitter checks the measurement value (RTT) (S56), and if it is equal to or less than the reference value (Tmax) (S56: YES), terminates the measurement and proceeds to the next process. If it is larger than the reference value (S56: NO), it checks the number of measurements (S57). If the specified number is reached (S57: YES), it returns to the measurement preparation request transmission step (S51) and repeats the measurement. At this time, after receiving the measurement request response, the receiving apparatus is in a request reception waiting state, and when receiving the measurement preparation request, returns to the measurement preparation request response step (S52) and repeats the measurement (S58).
- the transmitting device compares the receiving device measurement information stored in the received measurement request response with the prepared verification information (S59). If they do not match (S59: NO), the process ends with an error. If they match (S59: YES), a verification request is sent (S60). Upon receiving the verification request, the receiving device compares the transmitter measurement information stored in the measurement request with the prepared verification information (S61). If the search is completed and the two match (S61: YES), the authentication information Kauth is generated and the receiving device verification information is generated (S62), and the receiving device verification information is stored in the verification request response and transmitted (S63).
- the transmitting device verifies the received receiving device verification information and finally verifies that the measured value is correct (S64). If it is invalid (S64: NO), the transmitting device terminates with an error; if it is correct (S64: YES), it proceeds to the next registration process.
- the transmission apparatus registers the device ID of the reception apparatus that is determined to be correct in the determination process with the measured value being equal to or less than the reference value in the reception apparatus registration unit 26 (S65).
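The exchange in steps S51 to S65, including the upper/lower 80-bit split of Kvrfy, can be walked through with the following added Python example, which is not code from the patent. The SHA-1 derivation of Kvrfy, the HMAC used for the receiving device verification information, the retry limit, the byte order of the split, all class and function names, and the simulated RTT samples are assumptions made for illustration; only the 96-bit Kauth, 160-bit Kvrfy, N starting at 0 and the 7 ms reference value come from the page.

```python
import hashlib
import hmac

T_MAX_MS = 7.0      # reference value (Tmax) stated on the page
MAX_ATTEMPTS = 3    # assumption: the page only says "predetermined number"
KAUTH = bytes.fromhex("00112233445566778899aabb")  # constructed 96-bit sample


def derive_kvrfy(kauth: bytes, n: int) -> bytes:
    """160-bit common verification information from Kauth and the count N.
    Assumption: SHA-1(Kauth || N); the page does not show its formula."""
    return hashlib.sha1(kauth + n.to_bytes(4, "big")).digest()


def verification_tag(kauth: bytes, kvrfy: bytes) -> bytes:
    """Receiving device verification information (S62).
    Assumption: HMAC-SHA1 keyed with Kauth; not specified on the page."""
    return hmac.new(kauth, b"verify" + kvrfy, hashlib.sha1).digest()


class Receiver:
    def __init__(self, kauth: bytes, device_id: str):
        self.kauth, self.device_id = kauth, device_id

    def prepare(self, n: int) -> None:
        # S52/S53: derive everything before the timed exchange starts.
        self.kvrfy = derive_kvrfy(self.kauth, n)
        self.expected_tx_info = self.kvrfy[:10]   # upper 80 bits
        self.rx_info = self.kvrfy[10:]            # lower 80 bits

    def on_measurement_request(self, tx_info: bytes) -> bytes:
        # S54, timed path: store and answer only. No comparison happens
        # here, so verification time never lands inside the measured RTT.
        self.pending_tx_info = tx_info
        return self.rx_info

    def on_verification_request(self):
        # S61-S63: deferred check of the stored measurement request.
        if not hmac.compare_digest(self.pending_tx_info, self.expected_tx_info):
            return None
        return verification_tag(self.kauth, self.kvrfy)


class Transmitter:
    def __init__(self, kauth: bytes):
        self.kauth = kauth
        self.registered = set()   # stands in for receiving device registration unit 26

    def measure(self, rx, rtt_samples_ms, mangle_request=False) -> str:
        """Run the measurement; rtt_samples_ms simulates one RTT per attempt."""
        for n, rtt_ms in enumerate(rtt_samples_ms[:MAX_ATTEMPTS]):
            kvrfy = derive_kvrfy(self.kauth, n)                  # S51
            rx.prepare(n)
            # mangle_request models a request altered in transit.
            tx_info = bytes(10) if mangle_request else kvrfy[:10]
            rx_info = rx.on_measurement_request(tx_info)         # S54/S55
            if rtt_ms > T_MAX_MS:                                # S56: NO
                continue                                         # S57: retry
            if not hmac.compare_digest(rx_info, kvrfy[10:]):     # S59
                return "error: measurement response mismatch"
            tag = rx.on_verification_request()                   # S60
            expected = verification_tag(self.kauth, kvrfy)
            if tag is None or not hmac.compare_digest(tag, expected):  # S64
                return "error: measurement request not verified by receiver"
            self.registered.add(rx.device_id)                    # S65
            return "registered"
        return "error: RTT above Tmax"


if __name__ == "__main__":
    tx = Transmitter(KAUTH)
    print(tx.measure(Receiver(KAUTH, "digital-tv-2"), [9.1, 3.7]))
    print(tx.measure(Receiver(KAUTH, "digital-tv-7"), [13.7, 13.7, 13.7]))
```

A receiver that answers quickly but does not hold Kauth fails at S59, and one that is authenticated but reached over a long path fails at S56, so both conditions must hold before the device ID is registered.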
- the round-trip delay time of Ethernet (registered trademark) is 0.02 ms (milliseconds)
- the round-trip delay time of wireless (802.11b) is 3 ms
- the processing delay time is 0.5 ms
- the Internet round-trip delay time is 10 ms
- the processing delay time of the receiver is 0.2 ms.
- RTT transmission time between the AV server 1 as the transmitting device and each receiving device
- the following (3) and (4) are provided between the home device and the home exterior device.
- the transmission time measurement method verifies whether the measurement information received by the partner device is correct when the measurement value measured in the measurement process is equal to or less than a predetermined value. To do. For this reason, since the receiving apparatus does not execute the verification process during the measurement request process, the verification processing time is not added to the transmission time, and an accurate round-trip delay time can be measured. In this way, an effect unique to the present embodiment can be obtained.
- the transmitting apparatus measures the round trip delay time by the measuring means when the receiving apparatus is not registered, and determines the determining means.
- the key exchange process is executed.
- the receiving device is registered, the key exchange process is executed subsequently, so it can be shared as an authentication process for transmission time measurement without changing the authentication process for executing the key exchange.
- common verification information is generated from authentication information, and the common verification information is divided to generate the reception device measurement information and the transmission device measurement information.
- the measurement information may be generated using other means.
- the transmission device generates transmission device measurement information after transmitting the measurement preparation request. However, it may be generated at another timing before the measurement request is transmitted.
- the present invention is not limited to this, and any other arbitrary number may be connected.
- Ethernet registered trademark
- IEEE 802.11b as the network transmission media
- the reference value is 7 ms.
- the present invention is not limited to this, and other reference values may be set.
- the transmission device or the reception device transmits a measurement start request
- the transmission time is measured by the measurement unit, and if the determination unit determines that the measurement value is an accurate value, the receiving device is registered and the key exchange process is not executed.
- the transmission device and the reception device constituting the data transmission / reception system of the present embodiment are shown in FIG. 3 as in the first embodiment.
- FIG. 8 shows a configuration of AV server 1 that is a transmission device according to the present embodiment.
- the AV server 1 includes a transmission / reception unit 21, an encryption processing unit 22, a key exchange processing unit 23, an authentication processing unit 24, a transmission time measurement processing unit 25, a receiving device registration unit 27, and a measurement start processing unit 28.
- the transmission time measurement processing unit 35 is a measurement preparation unit, a measurement unit and a determination unit in the present invention
- the receiving device registration unit 27 is a registration unit, a registration confirmation unit and a deregistration unit
- the measurement start processing unit 28 is a measurement start.
- Each means corresponds.
- the configuration of the transmitting apparatus in the present embodiment differs from that of the first embodiment in the receiving apparatus registration unit 27 and the measurement start processing unit 28; the other components are the same, and the description thereof is omitted.
- the receiving device registration unit 27 registers the receiving device by storing the device ID of the receiving device for which the transmission time measurement processing unit 25 determined that the RTT is equal to or less than the reference value. In addition, the registration is canceled when the specified valid time has elapsed after registration.
- the measurement start processing unit 28 checks the remaining time of the valid time, and when the remaining time becomes 0, transmits a measurement start request and starts an authentication process for the measurement process. Also, when a measurement start request is received, authentication processing for measurement processing is started.
- FIG. 9 shows the configuration of the data transmitting / receiving unit of the receiving device (digital television 2).
- the receiving apparatus includes a transmission / reception unit 31, a decryption processing unit 32, a key exchange processing unit 33, an authentication processing unit 34, a transmission time measurement processing unit 35, and a measurement start processing unit 36.
- the transmission time measurement processing unit 35 is a measurement preparation request receiving unit, a measurement preparation response transmission unit, a measurement preparation response unit, a measurement preparation reception unit, a measurement request transmission unit, a verification unit, and a measurement start processing unit in the present invention.
- measurement start determination means, measurement start request transmission means, and measurement start response reception means are a measurement start determination means.
- the configuration of the receiving apparatus in the present embodiment is different from the configuration in the first embodiment in the measurement start processing unit 36, and the other components are the same, and thus the description thereof is omitted.
- the measurement start processing unit 36 transmits a measurement start request to start an authentication process for the measurement process when the reception of the encrypted data ends, or when the transmission time measurement process is not executed between the authentication process and the key exchange process. Also, when a measurement start request is received, authentication processing for measurement processing is started.
- FIG. 10 shows an operation sequence when the transmission apparatus starts the measurement process in the present embodiment.
- the measurement start processing unit 28 of the transmission device checks the valid time registered in the reception device registration unit 27 (S81), and determines whether the remaining valid time is 0. If it is 0, a measurement start request is transmitted to the receiving device (S83).
- the measurement start processing unit 36 of the receiving device checks the received request (S82), and upon receiving the measurement start request, sends a response (S84) and requests the authentication processing unit 34 to start authentication. The authentication processing unit 34 issues an authentication request and executes authentication processing (S85). This authentication process (S85) shares the same process as the authentication process (S41) when executing the key exchange process.
- the transmission time measurement processing unit 25 of the transmission device executes the transmission time measurement process (S86), and if it determines that the measurement value is equal to or less than the reference value and that the measurement value is correct, the receiver is registered and the process is terminated. When measurement is started by sending a measurement start request, key exchange processing is not executed.
- the detailed operation of the transmission time measurement process (S85) is the same as the transmission time measurement process (S45) in the first embodiment shown in FIG.
- FIG. 11 shows an operation sequence when the receiving apparatus starts the measurement process in the present embodiment.
- the measurement start processing unit 36 of the receiving device checks the received data, and determines the measurement start (S91) at the end of reception of encrypted data or, if the transmission time measurement processing was not performed between authentication processing and key exchange processing, when the exchange key is received by the key exchange process, and transmits the measurement start request to the transmission device (S93). The measurement start processing unit 28 of the transmission device checks the received request (S92), and upon receiving the measurement start request, transmits a response (S94). When receiving the response, the receiving device requests the authentication processing unit 34 to start authentication. The authentication processing unit 34 issues an authentication request and executes authentication processing (S95). This authentication process (S95) shares the same process as the authentication process (S41) when executing the key exchange process.
- the transmission time measurement processing unit 35 of the transmission device executes the transmission time measurement process (S96), and if it determines that the measured value is not more than the reference value and that the measured value is correct, the receiver is registered and the process is terminated. When measurement is started by sending a measurement start request, key exchange processing is not executed.
- the detailed operation of the transmission time measurement process (S96) is the same as the transmission time measurement process (S45) in the first embodiment shown in FIG.
- the registration of the receiving device can always be validated. For this reason, it is not necessary to execute the transmission time measurement process when executing the key exchange process for encrypted transmission.
- the transmission apparatus or the reception apparatus transmits a measurement start request
- the transmission time is measured by the measurement means after executing the authentication process.
- the determination means determines that the measured value is an accurate value
- the receiving device is registered.
- since the transmission apparatus in the data transmission / reception system of this embodiment checks the remaining time of the registration valid time and activates transmission time measurement, the registration is not invalidated.
- since the receiving device in the data transmission / reception system of the present embodiment activates the transmission time measurement when the reception of the encrypted data is completed, or, when the transmission time measurement process was not executed between the authentication process and the key exchange process, when the exchange key is received, the registration is not invalidated and it is not necessary to execute the transmission time measurement process when performing the authentication process and key exchange process for encrypted transmission. Therefore, an effect peculiar to the present embodiment that the delay time at the start of transmission can be shortened can be obtained. Furthermore, when the transmission time measurement is activated when the exchange key is received, it is possible to obtain an effect unique to this embodiment that the measurement start process and the measurement process can be executed using the same connection as the authentication key exchange process.
- the transmitting apparatus assumes that the remaining time of the registration valid time has become 0.
- the transmission time measurement is activated at this time, but it can be activated if the remaining time is less than the predetermined value, or it can be activated by combining the remaining time with other conditions.
- the receiving device starts transmission time measurement at the end of reception of encrypted data or when an exchange key is received. If the remaining time is estimated and it is estimated that there is a margin in the remaining time, the transmission time measurement need not be activated.
- a medium carrying a program and/or data for causing a computer to execute the functions of the data transmission / reception system of the present invention, which can be processed by the computer, also belongs to the present invention.
- an information aggregate that is a program and/or data for causing a computer to execute the function of the data transmission / reception system of the present invention also belongs to the present invention.
- the data of the present invention includes a data structure, a data format, a data type, and the like.
- the medium of the present invention includes a recording medium such as a ROM, a transmission medium such as the Internet, and an optical medium.
- the medium carried by the present invention includes, for example, a recording medium on which a program and/or data are recorded, a transmission medium on which the program and/or data are transmitted, and the like.
- being able to be processed by the computer of the present invention means, for example, that it can be read by a computer in the case of a recording medium such as a ROM, and, in the case of a transmission medium, that the program and/or data to be transmitted can be handled by a computer as a result of transmission.
- the information aggregate of the present invention includes, for example, software such as a program and/or data.
- the configuration of the present invention may be implemented in software or hardware.
- the present invention relates to a transmission / reception system for transmitting / receiving encrypted data and a transmission time measurement method, and is useful for AV data transmission in home networks.
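The measure-first, verify-afterwards sequence of S59 to S65 can be sketched as follows; this is an added example, not code from the patent. The HMAC-SHA256 derivation, the 16/16 split, the nonce, the class and function names and the simulated clock are assumptions of the example, while the 7 ms reference value and the 3 ms, 10 ms, 0.02 ms and 0.2 ms delays are the figures quoted in the description.

```python
import hashlib
import hmac

REFERENCE_MS = 7.0  # reference value given in the description


def measurement_info(kauth: bytes, nonce: bytes):
    """Derive common verification info from Kauth and divide it in two.
    HMAC-SHA256, the nonce and the 16/16 split are assumptions of this example."""
    common = hmac.new(kauth, b"measure" + nonce, hashlib.sha256).digest()
    return common[:16], common[16:]  # (transmitter info, receiver info)


def verification_info(kauth: bytes, nonce: bytes) -> bytes:
    """Receiver verification info generated from Kauth (assumed construction)."""
    return hmac.new(kauth, b"verify" + nonce, hashlib.sha256).digest()


class Receiver:
    def __init__(self, device_id: str, kauth: bytes, processing_ms: float = 0.2):
        self.device_id, self.kauth, self.processing_ms = device_id, kauth, processing_ms

    def prepare(self, nonce: bytes) -> None:
        # Measurement preparation: everything is computed before the clock starts.
        self.nonce = nonce
        self.expected_tx, self.own_info = measurement_info(self.kauth, nonce)

    def on_measurement_request(self, tx_info: bytes) -> bytes:
        # Timed path: store what arrived and reply with the prepared value.
        # No comparison happens here, so it adds nothing to the measured RTT.
        self.received_tx = tx_info
        return self.own_info

    def on_verification_request(self):
        # S61: only now check the transmitter info carried by the measurement request.
        if not hmac.compare_digest(self.received_tx, self.expected_tx):
            return None
        return verification_info(self.kauth, self.nonce)  # S62, S63


class Transmitter:
    def __init__(self, kauth: bytes):
        self.kauth = kauth
        self.registered = set()  # stands in for the receiving device registration unit

    def measure(self, rx: Receiver, link_rtt_ms: float, nonce: bytes, corrupt_request=False):
        tx_info, expected_rx = measurement_info(self.kauth, nonce)
        rx.prepare(nonce)
        sent = bytes(16) if corrupt_request else tx_info  # constructed in-transit change
        rx_info = rx.on_measurement_request(sent)
        rtt_ms = link_rtt_ms + rx.processing_ms  # simulated clock, not a real timer
        if rtt_ms > REFERENCE_MS:
            return "rtt_exceeded", rtt_ms
        if not hmac.compare_digest(rx_info, expected_rx):  # S59
            return "measurement_info_mismatch", rtt_ms
        proof = rx.on_verification_request()  # S60
        expected_proof = verification_info(self.kauth, nonce)
        if proof is None or not hmac.compare_digest(proof, expected_proof):  # S64
            return "verification_failed", rtt_ms
        self.registered.add(rx.device_id)  # S65
        return "registered", rtt_ms


def demo():
    kauth = b"constructed-shared-Kauth"  # constructed sample value
    tx = Transmitter(kauth)
    return tx, {
        "wireless_home": tx.measure(Receiver("tv", kauth), 3.0, b"n1"),
        "via_internet": tx.measure(Receiver("remote", kauth), 10.0, b"n2"),
        "no_kauth": tx.measure(Receiver("unknown", b"other-key"), 0.02, b"n3"),
        "altered_request": tx.measure(Receiver("tv2", kauth), 0.02, b"n4", corrupt_request=True),
    }


if __name__ == "__main__":
    for name, (outcome, rtt) in demo()[1].items():
        print(f"{name:16s} {outcome:26s} rtt={rtt:.2f} ms")
```

Only the first case ends in registration: a short RTT alone is not enough, because the reply and the request are both checked against values derived from Kauth once the clock has stopped.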
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Environmental & Geological Engineering (AREA)
- Databases & Information Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US11/662,078 US8341701B2 (en) | 2004-09-07 | 2005-09-06 | Communication apparatus |
| EP05782216.5A EP1788745B8 (en) | 2004-09-07 | 2005-09-06 | Communication apparatus |
| CN2005800298255A CN101010906B (zh) | 2004-09-07 | 2005-09-06 | Communication apparatus, communication system and communication method |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2004-259213 | 2004-09-07 | ||
| JP2004259213A JP4665465B2 (ja) | 2004-09-07 | 2004-09-07 | Communication apparatus, communication system, communication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2006028094A1 true WO2006028094A1 (ja) | 2006-03-16 |
Family
ID=36036375
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/JP2005/016335 Ceased WO2006028094A1 (ja) | 2004-09-07 | 2005-09-06 | Communication apparatus |
Country Status (5)
| Country | Link |
|---|---|
| US (1) | US8341701B2 (en) |
| EP (1) | EP1788745B8 (en) |
| JP (1) | JP4665465B2 (en) |
| CN (1) | CN101010906B (en) |
| WO (1) | WO2006028094A1 (en) |
2004
- 2004-09-07 JP JP2004259213A patent/JP4665465B2/ja not_active Expired - Lifetime
2005
- 2005-09-06 WO PCT/JP2005/016335 patent/WO2006028094A1/ja not_active Ceased
- 2005-09-06 US US11/662,078 patent/US8341701B2/en active Active
- 2005-09-06 CN CN2005800298255A patent/CN101010906B/zh not_active Expired - Lifetime
- 2005-09-06 EP EP05782216.5A patent/EP1788745B8/en not_active Expired - Lifetime
Also Published As
| Publication number | Publication date |
|---|---|
| US8341701B2 (en) | 2012-12-25 |
| EP1788745B8 (en) | 2018-09-12 |
| US20080072046A1 (en) | 2008-03-20 |
| CN101010906B (zh) | 2010-05-12 |
| EP1788745A4 (en) | 2014-04-16 |
| JP2006080587A (ja) | 2006-03-23 |
| EP1788745B1 (en) | 2018-07-18 |
| JP4665465B2 (ja) | 2011-04-06 |
| CN101010906A (zh) | 2007-08-01 |
| EP1788745A1 (en) | 2007-05-23 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | AK | Designated states | Kind code of ref document: A1; Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS KE KG KM KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
| | AL | Designated countries for regional patents | Kind code of ref document: A1; Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
| | DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | |
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| | WWE | Wipo information: entry into national phase | Ref document number: 2005782216; Country of ref document: EP; Ref document number: 200580029825.5; Country of ref document: CN |
| | WWE | Wipo information: entry into national phase | Ref document number: 11662078; Country of ref document: US |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | WWP | Wipo information: published in national office | Ref document number: 2005782216; Country of ref document: EP |
| | WWP | Wipo information: published in national office | Ref document number: 11662078; Country of ref document: US |