This application is based on applications No. 11-167899 and 11-167898 filed in Japan, the content of which is hereby incorporated by reference.
1. Field of the Invention
The present invention relates to cryptographic technology and in particular to a cryptographic apparatus for performing cryptography (cryptographic processing) on a specified area of data that has been transmitted, or recorded on a recording medium. Here, cryptography is a concept including both encryption and decryption, and a cryptographic apparatus is a concept encompassing both an encryption apparatus and a decryption apparatus.
2. Description of the Prior Art
Cryptography, or the art of securing data in a secret form, has come to be used increasingly in recent years to protect digital audio and video signals and the like (hereafter referred to as content data) from illegal use.
Content data containing audio, video and the like is encrypted before being transmitted or recorded onto a recording medium. This means that such data can only be used by an authorized user.
The content data may be organized in various ways, i.e in a variety of formats, which are determined by the access requirements of a particular piece of data, or other reasons. Examples of data format types are MPEG (Motion Picture Expert Group) 1 video, and Layer 1, Layer 2, and Layer 3 audio (known as MP3); MPEG2 video, AAC (Advanced Audio Coding) audio, and system streams such as TS (Transport Stream) and PS (Program Stream); MPEG4 video, audio such as AAC and TwinVQ (Transform-domain Weighted Interleave Vector Quantization) and system streams; as well as Dolby-AC3 audio and audio and video in DV format. The content data may also be in a transmission format or in one of the various formats used to record data onto CD-ROM, DVD-ROM, IC cards and the like.
When the content data is in such a format, it may be necessary to perform cryptography only on certain sections of the content data. For example, in digital broadcasting, program data for a pay-per-view program is transmitted in broadcast units known as packets. The payload section of each packet, but not the header, is encrypted. A digital broadcast receiving apparatus receives the packets for the broadcast program and decrypts the encrypted sections only, thereby enabling the pay-per-view program to be viewed.
Various encryption algorithms are used in such encryption and decryption. These include the RSA (Rivest, Shamir Adleman) encryption algorithm, the DES (Data Encryption Standard) encryption algorithm and the FEAL (Fast Data Encipherment Algorithm) encryption algorithm. The DES encryption algorithm can be further divided into a plurality of algorithms in modes such as ECB (electronic codebook) mode, OFB (output feedback) mode and CBC (cipher block chaining) mode, which differ according to the application of the basic algorithm.
The following is an explanation of an example showing how cryptography is performed on content data.
FIGS. 1A to 1C show methods of performing cryptography on content data.
In FIG. 1A, content data is formed from packets of a fixed length and the sections on which cryptography is to be performed are shaded diagonally. A conventional cryptographic apparatus performing cryptography on content data with fixed- length packets detects a preset sync pattern, shown by the black areas in FIG. 1A, and performs cryptography on a section of a preset length starting from, but not including, the preset sync pattern.
In FIG. 1B, content data is formed from variable-length packets, and the sections on which cryptography is to be performed are shaded diagonally. A conventional cryptographic apparatus performing cryptography on content data with variable-length packets detects a preset sync pattern, shown by the black areas in FIG. 1B, detects the length of the packet by extracting a packet length code positioned a preset distance away from the sync pattern, and performs cryptography on a section having a length determined based on the packet length.
FIG. 1C shows a situation in which cryptography is repeatedly performed for a constant period on content data. A conventional cryptographic apparatus performing repeated cryptography in a constant cycle on content data performs cryptography on sections of a same length, shown by the contrasting shaded lines in FIG. 1C, using a preset encryption algorithm.
When many types of cryptography have been used, as when audio and video content data is encrypted and recorded on a recording medium, it is desirable that the content data be played back at high speed by randomly accessing an arbitrary point on the recording medium. To achieve this, encryption is implemented in a predetermined way on each basic data unit in the content data to be accessed at random, so that areas including management data for random access are not encrypted, but other areas are encrypted. The encryption algorithm used for encryption is also predetermined. The size of the basic data unit used for random access may also vary according to the type of recording medium used.
Therefore, conventional cryptographic apparatuses perform cryptography on content data according to a method in which the sections of the content data on which cryptography is to be performed and the encryption algorithm that is to be used are predetermined according to the format of the content data and other such conditions.
Conventionally, a paired encryption apparatus and decryption apparatus implement encryption and decryption according to predetermined corresponding methods. In other words, content data that has been encrypted by a conventional encryption apparatus using a fixed method is transmitted via a communications path, or conveyed recorded on a recording medium, and this transmitted or recorded content data is then decrypted by a conventional decryption apparatus using a corresponding decryption method.
This kind of conventional cryptographic apparatus has the following problems.
1. As mentioned above, content data comes in various formats, and it is likely that new transmission formats and new types of recording medium, along with content data with a new kind of data construction, will appear in the future. However, a conventional cryptographic apparatus performs cryptography according to a predetermined method, so that the content data which can be processed by such a cryptographic apparatus is limited, and it is not universally applicable.
2. Content data encrypted by an encryption apparatus using a certain method can only be decrypted using a specific decryption apparatus that has been constructed to implement decryption according to a corresponding method.