1. Related Applications
The present application claims priority to Japanese Patent Application Number 2008-000610, filed Jan. 7, 2008, the entirety of which is hereby incorporated by reference.
2. Field of the Invention
The present invention relates to a method and an apparatus for high-speed encrypted authentication of digital devices connected to a network during the transmission or reception of content.
3. Description of the Related Art
The recent rapid spread of digital-data communication technology enables the transmission and reception of data without degradation between devices, which greatly increases convenience and allows many devices to transmit or receive data by digital communications. FIG. 4 shows a system configuration having a source device A 101 and a source device B 102 that transmit digital data and a sink device C 103 and a sink device D 104 that receive and use the digital data, all connected by a bus line 105. The source device A 101 may be a DVD player, the source device B 102 may be a digital TV tuner, the sink device C 103 may be a monitor, and the sink device D 104 may be an HDD. In such a configuration, however, digital-data transmission and reception technology allows digital data from AV-data source devices, such as a DVD player and a digital TV tuner, to be used without degradation by the HDD and the like. Thus, data whose copyright is claimed is provided with a prohibition on processing to a sink device that processes the data, or with a restriction, such as permission for one recording, to a recording medium such as an HDD.
For example, when the source device A 101 is a DVD player and the sink device C 103 is a monitor, the system has the internal configuration shown in FIG. 5. The DVD player of a source device A 111 extracts audio and image data from a DVD. The data is output via a bus connecting section 113 and received by a bus connecting section 114 of the monitor of a sink device C 112. The monitor divides the received data into image data and audio data again, whose signals are processed so that an image is output to an LCD 115 for display and voice is output from a speaker 116.
When devices are connected via a bus so as to exchange data by the method of IEEE1394, such a system and device configuration, in consideration of the limits on data exchange, conducts device authentication to verify whether the devices connected to the bus are genuine. Then a public key is generated for each device so that only an authenticated device can receive content data such as AV data with or without the above-mentioned restriction. Content is encrypted using the public key and sent to the authenticated device. The authenticated device receives the encrypted data and decrypts it with the public key into the original AV data for use.
Examples of the public key include an authentication key based on the Diffie-Hellman (DH) key exchange which was used at an early stage and, for more reliable encryption, an exchange key that is generated by the sender of data. The exchange key is encrypted using the authentication key and sent to the authenticated receiving device. The content data can also be encrypted by the exchange key and sent. The receiving device first decrypts the exchange key using the authentication key first obtained, and decrypts the encrypted content data using the exchange key obtained.
In encrypting content data, the sending device encrypts the content data using the exchange key and a specific value, as a seed, that is, a seed key, and sends the encrypted content data. The receiving device decrypts the content data using the exchange key thus decrypted and the seed key shared by the sending device.
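The key hierarchy described above (authentication key from DH, exchange key wrapped under it, content encrypted with the exchange key and a seed) can be traced end to end in the following added example, which is not part of the patent text. The DH group, the SHA-256 KDF, and the HMAC-based stream cipher are stand-ins chosen so the sketch runs with the standard library only, and the check that each device is genuine is omitted.

```python
import hashlib, hmac, secrets

# Constructed demo DH group: the prime 2**127 - 1 with base 3. Too small for real use.
P, G = 2**127 - 1, 3

def kdf(label: bytes, *parts: bytes) -> bytes:
    """Stand-in KDF: SHA-256 over a label and length-prefixed inputs."""
    h = hashlib.sha256(label)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with an HMAC-SHA256 counter keystream (no integrity)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], pad))
    return bytes(out)

def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def auth_key(priv: int, peer_pub: int) -> bytes:
    """Authentication key: both devices derive it from the DH shared secret."""
    return kdf(b"auth", pow(peer_pub, priv, P).to_bytes(16, "big"))

def source_send(k_auth: bytes, content: bytes):
    """Source: create the exchange key, wrap it, encrypt content with key + seed."""
    k_exchange = secrets.token_bytes(32)
    seed = secrets.token_bytes(8)
    wrapped = xor_stream(k_auth, k_exchange)
    ciphertext = xor_stream(kdf(b"content", k_exchange, seed), content)
    return wrapped, seed, ciphertext

def sink_receive(k_auth: bytes, wrapped: bytes, seed: bytes, ciphertext: bytes) -> bytes:
    """Sink: unwrap the exchange key, rebuild the content key, decrypt."""
    k_exchange = xor_stream(k_auth, wrapped)
    return xor_stream(kdf(b"content", k_exchange, seed), ciphertext)

def demo(content: bytes = b"constructed AV payload " * 4) -> bytes:
    src_priv, src_pub = dh_keypair()
    snk_priv, snk_pub = dh_keypair()
    wrapped, seed, ct = source_send(auth_key(src_priv, snk_pub), content)
    return sink_receive(auth_key(snk_priv, src_pub), wrapped, seed, ct)

if __name__ == "__main__":
    print(demo())
```

A sink holding a different authentication key, or using a different seed, recovers only garbage, which is why each signal path needs its own completed key exchange before content can be output.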
A technique for efficient authentication of a device connected on a bus by distributing the time of execution according to the condition of communication is disclosed in Japanese Unexamined Patent Application Publication No. 2005-64825.
The above-described device authentication using encrypted keys for transmission and reception of data is performed once for each signal handled in the devices. Thus, for example, audio and image signals recorded on the same DVD are subjected to device authentication individually when sent separately over the network.
For example, a monitor that receives and displays data recorded in a DVD processes an image and voice separately in parallel by its signal processing function. Therefore, its signal processing circuit uses two LSIs, an image processing LSI and an audio processing LSI. Of the AV data received, images are processed by the image processing LSI, and voice is processed by the audio processing LSI, thus allowing high-speed processing.
For example, as shown in FIG. 6, suppose that a source device 121 generates image and audio signals by a DVD signal processing LSI 123, and a sink device 122 receives the image and audio signals. The sink device 122 has an image processing LSI 124 and an audio processing LSI 125 to allow individual processing. In this case, the authentication that is first performed in transmitting and receiving data, such as device authentication, the generation of authentication keys, and the decryption of exchange keys encrypted by a received authentication key, is performed by the image processing LSI 124 and the audio processing LSI 125.
Even when a receiving device of the related art receives two or more signals using only one LSI, device authentication is performed for each signal. Accordingly, two instances of authentication are needed to handle two signals, an image signal and an audio signal, as described above. In particular, when a receiving device uses two or more LSIs, authentication is performed for each LSI as in separate devices.
As a result, with the system configuration as shown in FIG. 4, when the monitor of the sink device C 103 switches from displaying a playback signal of the DVD player of the source device A 101 to the reception of the digital TV tuner of the source device B 102, two instances of authentication, for an image and voice, are needed, as described above, thus taking some time to output the image and voice received by the digital TV tuner. This makes the user feel uneasy or irritated in operating the devices and uncertain about the operation and performance of the devices.