1. Field of the Invention
The present invention relates generally to a method and an apparatus for encrypting information in computer communication and data broadcasting, and transmitting the encrypted information.
2. Description of the Background Art
In FIG. 25, a conventional information transmission apparatus is shown. The conventional information transmission apparatus 1900 includes a transmitting unit 1910, transmitter 1920, and receiving unit 1930. Description is now made by taking two types of specific examples, those are information transmission in the Internet as Example 1 and digital broadcasting as Example 2. A plurality of receiving units 1930 may correspond to one transmitting unit 1930.
The transmitting unit 1930 produces transmission information It obtained by subjecting an information unit Iu to multiplexing and encryption, and output thereof. The information unit Iu is a collection of electronic data having meanings for a user, for example, such as text information, voice information, still image information, moving image information, HTML (Hypertext Makeup Language) information, and their combination.
Transmitting Unit 1910
The transmitting unit 1910 contains an information unit generator 1911, a multiplexer 1912, a lower layer scrambler 1913, and a sender 1914.
The information unit generator 1911 generates a plurality of information units Iu, and outputs thereof. In Example 1, the information unit generator 1911 outputs the information units Iu which are, for example, a text the user entered with a keyboard or the like, and an image taken into a computer, and others already stored in the computer. The information unit generator 1911 is an input screen portion of electronic mail software, and a server in a broadcasting station on the Internet, for example.
On the other hand, in Example 2, all information units Iu generated are previously stored in the information unit generator 1911. A method for merely selectively outputting the information units Iu in accordance with a predetermined schedule is considered. The information unit generator 1911 is a broadcasting station system containing a program management system in a sending system of digital broadcasting, a cart machine of a VTR, an MPEG-2 encoder, an EPG (Electronic Program Guide) management sending system of digital broadcasting, and the like. Additional information such as EPG must be sent out with the same contents thereof maintained for a long time. Therefore, the same contents, in some cases, are repeatedly outputted in a period on the order of seconds in the information unit generator 1911.
The multiplexer 1912 receives the plurality of information units Iu outputted by the information unit generator 1911. Then, the multiplexer 1912 multiplexes the inputted information units Iu, and outputs the multiplexed information units Iu as multiple information Im. By the multiplexing, the plurality of information units Iu are converted into a format (multiple information lm) suitable for efficient transmission in the transmitter 1920.
In Example 1, the multiplexer 1912 is an MIME (Multi-purpose Internet Mail Extensions) encoder used for sending multimedia information by an electronic mail on the Internet, for example. In this case, the multiplexer 1912 respectively takes text information, image information, voice information, and so forth which are the plurality of information units Iu as parts. Then the multiplexer 1912 converts the parts into a multipartite message conforming to MIME for collecting the plurality of parts, and outputs the message. The formal specification of the MIME is defined by RFC (Request for Comments) 1521/1522.
On the other hand, in Example 2, the multiplexer 1912 is a service multiplexer for obtaining TS (Transport Stream) of an MPEG-2 systems from a plurality of stream data, for example. The MPEG-2 systems and the TS are standardized by ISO/IEC CD 13818-1. In this case, the multiplexer 1912 divides each of the plurality of information units Iu outputted by the information unit generator 1911 into packets called PES (Packetized Elementary Stream), and multiplexes the obtained packets on the basis of a certain rule.
The lower layer scrambler 1913 receives the multiple information Im outputted by the multiplexer 1912, and encrypts the multiple information Im in accordance with a predetermined encryption algorithm, and outputs the encrypted result as encrypted multiple information Ime. In Example 1, the lower layer scrambler 1913 may be software PGP (Pretty Good Privacy) on which an RSA cipher which is a public key cipher, for example, mounted therein is started with an encryption option. An output of the lower layer scrambler 1913 is a text of an electronic mail encrypted using the RSA cipher. The RSA cipher is described in detail in an article entitled by R. L. Rivest, A. Shamir, and L. Adleman which are contrivers themselves "A Method for Obtaining Digital Signatures and Public Key Cryptosystems" (Vol. 21, No. 2 issued on February, 1978 in Communications of the ACM). The PGP is described in detail in an article entitled by Simson Garfinkel "PGP: Pretty Good Privacy" (O'Reilly & Associates).
On the other hand, in Example 2, the lower layer scrambler 1913 may be, for example, a scrambler of a transport layer. The lower layer scrambler 1913 encrypts a payload portion of inputted TS of MPEG-2 using an encryption algorithm such as MULTI2 and DES(the Data Encryption Standard), and outputs the encrypted TS of the MPEG-2 which is the result thereof. Note that MULTI2 described in ARIB report No. 74 is developed by Hitachi Ltd. for the application of digital broadcasting system.
The sender 1914 receives the encrypted multiple information Ime outputted by the lower layer scrambler 1913, and converts the encrypted multiple information Ime into transmission information It which will be inputted to the transmitter 1920. In Example 1, the sender 1914 is a program for adding a mail header composed of a destination field, a sender field, and so forth to the text of the electronic mail. An output of the sender 1914 is the text of the electronic mail to which the mail header is added. On the other hand, in Example 2, the sender 1914 is an error-correcting encoder and a modulator for the TS of the MPEG-2.
Transmitter 1920
The transmitter 1920 transmits the inputted transmission information It to a physically distant point. Both inputs and outputs of the transmitter 1920 are the transmission information It. All the inputs of the transmitter 1920 may not appear in the outputs to the receiving unit 1930 without any error. In Example 1, the transmitter 1920 is a plurality of mail communication daemons which are connected to each other by a channel such as the Internet for interpreting and executing an SMTP (Simple Mail Transfer Protocol). Examples of the typical mail communication daemon include "sendmail". The formal specification of the SMTP is defined by RFC 821, RFC 822, and RFC 974. The sendmail is described in detail in an article entitled by E. Allman ""SENDMAIL--An Internetwork Mail Router" Unix Programmer's manual" (CSRG U. C. Berkeley issued on July, 1983).
On the other hand, in Example 2, the transmitter 1920 is constituted by an up-converter, a parabola antenna for sending data to a satellite, a communication satellite, and a ground receiving antenna.
Receiving unit 1930
The receiving unit 1930 receives the transmission information It transmitted by the transmitter 1920, and presents an information unit Iu to a user. The receiving unit 1930 includes a receiver 1931, a lower layer descrambler 1932, a demultiplexer 1933, a reproducer 1934, a storage 1935, and presenter 1936.
The receiver 1931 receives the transmission information It outputted by the transmitter 1920, and takes out the whole or a part of thereof. Then, the receiver 1931 reproduces an encrypted multiple information Ime based on the transmission information It taken out. In Example 1, the receiver 1931 is a front end program for mail transmission. On the other hand, in Example 2, the receiver 1931 is the connection of a satellite broadcasting tuner, a demodulator and an error-correcting decoder.
The lower layer descrambler 1932 receives the encrypted multiple information Ime outputted by the receiver 1931, and decrypts the encrypted multiple information Ime, and reproduces the multiple information Im. In Example 1, the lower layer descrambler 1932 is a PGP program which is started with a decryption option. On the other hand, in Example 2, the lower layer descrambler 1932 is a descrambler of the transport layer.
The demultiplexer 1933 separates each information unit Iu from the multiple information Im, takes out the separated information unit Iu, and outputs the information unit Iu taken out. In Example 1, the demultiplexer 1933 is an MIME decoder, and separates the text information, the image information, and so forth which are the respective parts included in the multipartite message as separate information, to take out the separate information. On the other hand, in Example 2, the demultiplexer 1933 is a demultiplexer for the TS of the MPEG-2. The demultiplexer 1933 separates a plurality of streams which are multiplexed by the MPEG-2 systems.
The reproducer 1934 receives the information unit Iu outputted by the demultiplexer 1933, and produces a reproduction information Ir1 which is reproducible information. In Example 1, the reproducer 1934 may be a text file viewer, image file presenting software, etc. On the other hand, in Example 2, the reproducer 1934 may be an MPEG-2 decoder for reproducing voices or images encoded by the MPEG-2, for example. In this case, the output is an NTSC (National Television System Standard Committee) signal or an analog voice signal.
The storage 1935 receives the reproduction information outputted by the reproducer 1934, and stores the first reproduction information Ir1. Then, the storage 1935 also outputs the first reproduction information Ir1 therefrom as a second reproduction information Ir2 on demands for reproduction. This operation is hereinafter merely referred to as reproduction. It is to be noted that the first and second reproduction information Ir1 and Ir2 are identical with respect to the contents thereof, but different in time for the presentation, as described later.
In Example 1, the storage 1935 may be a file system in OS (operating System) or software for managing the classification of electronic mails. On the other hand, in Example 2, the storage 1935 may be a VTR (Video Tape Recorder) or VCR (Video Cassette Tape Recorder) for recording and reproducing an NTSC signal and an analog voice signal.
The presenter 1936 receives the first reproduction information Ir1 outputted by the reproducer 1934 and the second reproduction information Ir2 outputted by the storage 1935, and presents either one or both of the information to a user. In Example 1, the presenter 1936 may be a window system such as X-window or Microsoft Windows for presenting image and voice to a user. On the other hand, in Example 2, the presenter 1936 may be a television receiver for inputting and receiving an NTSC signal and an analog voice signal, for example.
In FIG. 26, an example of encrypted multiple information unit Ime0d produced by the information transmission apparatus 1900 is shown. According to this example, the encrypted multiple information unit Ime0d includes four information units Iu1d, Iu2d, Iu3d, and Iu4d each indicated by a circle in the drawing. A rectangle indicated by a dot line represents an encrypted multiple information unit Ime obtained by encrypting the information units Iu1d, Iu2d, Iu3d, and Iu4d once in the lower layer scrambler 1913. In other words, all the information units Iu1d, Iu2d, Iu3d, and Iu4d are encrypted with the same cipher, and are protected by the single encryption layer in the transportation level.
The information units Iu1d, Iu2d, Iu3d, and Iu4d represents a tourist resort guide considering the weather forecast, a weather forecast for the tourist resorts, a weather forecast for the entire country, and a weather forecast for a local area, respectively. These sub-tiles with respect to weather forecast are encrypted to generate a total weather forecast program Iue. Thus, there is no hierarchical order among these sub-tiles from the view point of encryption.
In Operation
With reference to FIGS. 27 and 28, the operation of the conventional information transmission apparatus 1900 is described below. In FIG. 27, a flow chart showing the operation performed by the transmitting unit 1910 and the transmitter 1920 is shown.
At step S2001, the information unit generator 1911 generates a plurality of information units Iu, and outputs the generated information units Iu. Examples of the generation of the information units Iu include a method in which a user enters information units Iu and designates a file as in Example 1, and a case where information units Iu are selectively outputted from stored information units Iu in accordance with a predetermined schedule as in Example 2.
At step S2002, the multiplexer 1912 multiplexes the information units Iu generated at step S2001, and outputs the result thereof as multiple information Im. The multiple information Im is multipartite data conforming to the MIME in the case of Example 1, while being data representing the TS of the MPEG-2 systems in the case of Example 2.
At step S2003, the lower layer scrambler 1913 encrypts the multiple information Im obtained by the multiplexing at step S2002, and produces the encrypted multiple information Ime. In Example 1, the multiple information Im is encrypted using the RSA cipher or the like. On the other hand, in Example 2, the payload portion of the TS of the MPEG-2 is encrypted using a MULTI2 cipher manufactured by Hitachi Ltd., for example.
At step S2004, the sender 1914 converts the encrypted multiple information Ime obtained by the encryption at step S2003 into a format which is transmittable or suitable for transmission by the transmitter 1920, and produces the transmission information It. In Example 1, information obtained by adding information, for example, "To:" field, "From:" field to the head of the text of the mail which is encrypted multiple information Ime is outputted as transmission information It. On the other hand, in Example 2, information obtained by encoding the TS of the MPEG-2 using an error-correcting code and then, modulating the encoded TS is outputted.
At step S2005, the transmitter 1920 transmits the transmission information It to a physically distant point. In Example 1, the mail communication daemons mounted on one or a plurality of computers connected are communicated to a computer network such as the Internet or a LAN (Local Area Network) on the basis of the SMTP. Thus, the mail is transmitted from the mail communication daemon on one of the computers to the mail communication daemon on the other computer.
On the other hand, in Example 2, transmission information It obtained by the conversion in the up-converter is transmitted to the communication satellite by the parabolic antenna. The communication satellite transmits the received transmission information It to the ground by a transponder. The transmission information It from the communication satellite is received by the ground receiving antenna.
With reference to FIG. 28, the operation performed by the receiving unit 1930 is described next. In FIG. 28, the operations oftaking out an information unit Iu in real time from the transmission information It, presenting the information unit Iu to the user, storing the information unit Iu as required by the user, and later viewing the information unit Iu again are specifically shown.
At step S2101, when the user views the information unit Iu in real time from the transmission information It, the procedure advances to step S2102. When the user views the information unit Iu previously stored in the storage 1935, the procedure advances to step S2109.
At step S2102, the receiver 1931 receives the transmission information It from the transmitter 1920, and takes out a part or the whole of the encrypted multiple information Ime from the inputted transmission information It. In Example 1, processing for taking out one electronic mail data addressed to a specific user is performed. On the other hand, in Example 2, processing for filtering a particular packet storing information to be found by a PID (Packet ID), and selecting and extracting the packet is performed by tuning to a predetermined frequency.
At step S2103, the lower layer descrambler 1932 receives the encrypted multiple information Ime outputted by the receiver 1931, and decrypts the encrypted multiple information Ime, and outputs multiple information Im. In Example 1, the lower layer descrambler 1932 is the PGP program started with a decryption option. Decryption is performed using the RSA cipher by the PGP program, and the result of the decryption is outputted. On the other hand, in Example 2, the multiple information Im encrypted using the MULTI2 cipher is decrypted, to obtain multiple information Im.
At step S2104, the demultiplexer 1933 separates each information unit Iu from the multiplexed information units Im and takes out the information unit Iu. In Example 1, the demultiplexer 1933 separates for each part the multipartite message obtained by multiplexing on the basis of the MIME. As a result, the text information, the image information, the voice information, and so forth which are the respective parts are separated as discrete information units Iu.
On the other hand, in Example 2, the demultiplexer 1933 separates the plurality of streams multiplexed by the MPEG-2 systems on the basis of a PID (Packet ID, a packet identifier). As a result, additional information such as an MPEG-2 video stream, an MPEG-1 audio stream, and EPG are separated as discrete information units Iu. An MPEG-2 video is standardized by ITU-T H. 262, and a MPEG-1 audio is standardized as ISO/IEC 11172-3 Standard.
At step S2105, the reproducer 1934 receives the information unit Iu outputted by the demultiplexer 1933, and produces the first reproduction information Ir1 which is reproducible information. In Example 1, when the information unit Iu is text information, for example, fonts corresponding to respective character codes are selected and listed, to generate a bitmap format as the reproduction information Ir1. When the information unit Iu is in an image information format such as JPEG (Joint Photographics Experts Group), it is expanded into the bitmap format, and the result of the expansion is outputted as reproduction information. The JPEG is standardized by ISO/IEC 10918. When the information unit Iu is voice information, it is converted into an analog voice signal by the same function as that of a digital-to-analogue (D/A) converter. And the analog voice signal is also outputted as reproduction information.
On the other hand, in Example 2, when the information unit Iu obtained at step S2104 is the MPEG-2 video stream, the MPEG-2 video is decoded, and the NTSC is outputted signal as reproduction information. When the information unit Iu is a voice stream, it is converted into an analog voice signal by D/A conversion, and the analog voice signal is outputted.
At step S2106, the presenter 1936 presents the first reproduction information Ir1 obtained at step S2105 to the user in accordance with the format of the reproduction information. In Example 1, when the reproduction information obtained at step S2105 is in the bitmap format, the presenter 1936 arranges and presents the reproduction information Ir1 on a display screen. Thus, the reproduction information Ir1 is presented to the user. When the reproduction information obtained at step S2105 is an analog voice signal, the analog voice signal is converted into sound by being sent to a speaker, and is visually presented to the user.
On the other hand, in Example 2, an NTSC signal as the reproduction information which is obtained at step S2105 is received on a display, the analog voice information is sent to a speaker, and the reproduction information is presented to the user.
At step S2107, the procedure advances to step S2108 in a case where an attempt to store information in the current transmission information It is made by presenting the intention of the user, while proceeding to step S2101 in theother case. Specific examples of a case where the intention of the user is presented include a case where it is designated while being viewed and a case where it is previously set by a timer or the like.
At step S2108, the reproduction information generated at step S2105 is stored in the storage 1935. Thereafter, the procedure advances to step S2101. Reproduction information Ir1 may be additionally stored in the storage 1935, or the information Ir1 already stored may be overwritten by the additionally stored information Ir1. Alternatively, in a case where information with an old version has already been stored in the storage 1935, the information with an old version may be replaced.
In Example 1, the reproduction information is stored and arranged in a file system. The information units Iu are arranged in the order of arrival, by sending person, and by topic, for example. On the other hand, in Example 2, the reproduction information such as images and voices is recorded on a video tape or the like. For example, additional information other than images and voices which are multiplexed in a NTSC vertical blanking period may be simultaneously stored. In a case where digital information is recorded as it is, a plurality of streams other than images and voices may be simultaneously recorded.
At step S2109, the first reproduction information Ir1 stored in the storage 1935 is outputted therefrom as the second reproduction information Ir2. In Example 1, the reproduction information Ir2 (Ir1) selected by the user out of the reproduction information Ir1 arranged and stored in the file system is outputted. On the other hand, in Example 2, images and voices are reproduced from the video tape or the like. Although the selection of the reproduction information Ir2 (Ir1) which the user desires to select may be automated by being realized as the function of the storage 1935, the user himself or herself may also select the video tape or the like and set the selected video tape in the storage 1935.
At step S2110, the presenter 1936 presents the reproduction information outputted at step S2109 to the user. Thereafter, the procedure returns to step S2101. The operation at step S2110 may be the same as that at step S2106 except that the procedure returns to step S2101.
However, as described in the above description, the conventional information transmission apparatus 1900 faces the following two main problems. The first problem is that there is a restriction on the degree of freedom to setting the resistance of a cipher against unfair decryption. In general, the higher the resistance of the cipher to unfair decryption is, the more resources such as computer resources and processing time are required for decryption processing performed by a fair decrypting method. Therefore, encryption using a cipher having necessary and sufficient resistance is required depending on secrecy required of an object to be encrypted.
For example, when an encryption higher in secrecy is required of an information unit Iu which is a part of information to be transmitted, the information unit Iu which is the part must be subjected to encryption using a cipher having higher resistance. For example, when in a weather forecast program, a weather forecast for the entire country is free and is not encrypted. However, a detailed forecast for the local area is charged, and a weather forecast custom-maid for each user is charged extra. Therefore, the detailed forecast for the local area must be subjected to an encryption higher in secrecy than the weather forecast for the entire country, and the custom-made weather forecast must be subjected to an encryption higher in secrecy than the detailed forecast for the local area.
Although in many of the ciphers, the resistance of the cipher can be theoretically adjusted by increasing the size of a key of cryptanalysis, the resistance of the cipher does not necessarily have a sufficient degree of freedom due to the restriction on hardware for decryption generally used, for example.
The second problem is that the information unit Iu must be decrypted before it is stored. In general, when charged information is sent in a media which can be accessed by all people, for example, such as broadcasting. In such a charged broadcasting, information is transmitted in an encrypted state in a transmitting unit 1910, and fees are charged at the time point where the information is decrypted in a receiving unit 1930 in many cases. This is for preventing unfair viewing of users who do not pay fees.
It is necessary for the conventional information transmission apparatus 1900 to store the reproduction information Ir which is generated by decrypting the transmission information It produced by encrypting the information unit Iu sent from the transmitting unit 1910 before the user views the information unit Iu not in real time but some time after transmission. Considered next is a case where information units Iu which may be viewed are previously stored and are later viewed.
On the other hand, a method of changing the structure of the receiving unit and storing transmission information It as it exists is also considered. In this method, when a additional information such as EPG having the same content are repeatedly sent, such information is overlapped with each other. Furthermore, the information units Iu including old and new contents are both stored regardless the version thereof, even though the newest one of them, for example, the number of survivors in a plane accident and software whose version is updated, is worthwhile. Therefore, the capacity of the storage is wasted, which is not realistic, and excess processing is required in taking out the newest information unit Iu.