A digital interface installed on a digital versatile disc (DVD) player or the like includes an IEEE1394 high performance serial bus performing copyright management, data encryption, and communication.
In an encryption method applied to encryption and communication, authentication is performed first between a transmitter and a receiver. Two types of authentication are defined, namely, full authentication based on a public key encryption method and restricted authentication based on a secret key method. The restricted authentication handles two types of data (content), namely, no more copy data and copy one generation data. The full authentication handles copy never data in addition to the no more copy data and the copy one generation data. Once authentication of either type has been successfully completed, a transmitter 100 and a receiver 200 share the same authentication key Kauth. The transmitter 100 produces an exchange key Kx on a per data type basis (such as no more copy, copy one generation, and copy never). The transmitter 100 then encrypts the exchange key Kx with the authentication key Kauth into an encrypted exchange key Ksx, and transmits the encrypted exchange key Ksx to the receiver 200. Upon receiving the encrypted exchange key Ksx, the receiver 200 decrypts it with the shared authentication key Kauth to recover the original exchange key Kx. The receiver 200 has thus successfully completed the authentication process and shares the same exchange key Kx with the transmitter 100.
The transmitter 100 prepares another public key, namely, the nonce for content channel (Nc). The transmitter 100 performs a calculation using two keys, i.e., the exchange key Kx and the public key Nc, thereby producing a content key Kc. The transmitter 100 encrypts the data to be transmitted using the content key Kc (the encryption key) and then transmits the encrypted data to the receiver 200. The receiver 200 produces the same content key Kc from the two keys, i.e., the public key Nc and the shared exchange key Kx, and decrypts the encrypted data from the transmitter 100 using the content key Kc.
Through the encryption method described above, the receiver 200, once successfully authenticated, can read the content of the encrypted data. A receiver which has not undergone the authentication process cannot determine the value of the content key Kc (or of the exchange key Kx). Even if such a receiver has successfully captured the transmitted encrypted data, it cannot decrypt it. Unauthorized copying is thus prevented.
A similar technique is discussed in the paper entitled “High-speed Interface, Application to IEEE1394 AV Devices” authored by Shinji TAKADA, and published by Nikkan Kogyo Shimbun Ltd., January 2000, pp. 133-149.
In order to transfer data, the authentication process needs to be performed between the transmitter and the receiver using either the full authentication or the restricted authentication. Both the full authentication and the restricted authentication involve a complex calculation process and take time. In particular, the full authentication includes an extremely complex calculation process that is based on a digital signature algorithm (DSA) and a Diffie-Hellman (DH) key exchange algorithm based on elliptic curve cryptographic techniques. A long period of time is needed to perform the authentication process.
If noise is induced on an IEEE1394 bus, a bus reset can be triggered. The authentication process needs to be performed again after the bus reset. For this reason, the encrypted data cannot be decrypted on the receiver until the authentication process and the key exchange that follows it are completed. Data communication is thus suspended for a long period of time.
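The key-exchange flow described in the paragraphs above (Kauth shared after authentication, a per-data-type Kx wrapped as Ksx, Kc derived from Kx and Nc, content encrypted under Kc) and the bus-reset failure mode of the last paragraph, written out as an added example. This is illustrative code and not the IEEE1394/DTCP implementation: authentication is modelled only by its result (both sides holding Kauth), the Kc derivation is an assumed HMAC-SHA256 construction, and the bulk cipher is an assumed HMAC-based counter-mode keystream; the names `Transmitter`, `Receiver`, `run_session` and `bus_reset` are ours.

```python
"""Illustrative model of the exchange-key / content-key flow (not DTCP code).

Assumptions not taken from the page:
  * authentication is modelled by its outcome only: a shared Kauth
  * Ksx = Kx encrypted under Kauth; Kc = HMAC-SHA256(Kx, Nc)[:16]
  * the symmetric cipher is an HMAC-SHA256 counter keystream XORed onto data
"""
import hashlib
import hmac
import os

# the three data types the text names; the transmitter keeps one Kx per type
DATA_TYPES = ("no_more_copy", "copy_one_generation", "copy_never")


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Assumed bulk cipher: XOR data with an HMAC-SHA256 counter keystream.
    Encrypting and decrypting are the same operation."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        block = hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        stream.extend(block)
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def derive_content_key(kx: bytes, nc: bytes) -> bytes:
    """Kc computed from the exchange key Kx and the public nonce Nc (assumed KDF)."""
    return hmac.new(kx, b"content-key:" + nc, hashlib.sha256).digest()[:16]


class Transmitter:
    def __init__(self, kauth: bytes):
        self.kauth = kauth                       # result of authentication
        self.kx = {t: os.urandom(16) for t in DATA_TYPES}  # one Kx per data type

    def exchange_key_message(self, data_type: str) -> tuple:
        """Ksx: the exchange key Kx encrypted under the shared Kauth."""
        ksx = _keystream_xor(self.kauth, b"ksx:" + data_type.encode(), self.kx[data_type])
        return (data_type, ksx)

    def content_message(self, data_type: str, plaintext: bytes) -> tuple:
        """A fresh Nc per message; Nc travels in the clear, the content under Kc."""
        nc = os.urandom(8)
        kc = derive_content_key(self.kx[data_type], nc)
        return (data_type, nc, _keystream_xor(kc, nc, plaintext))


class Receiver:
    def __init__(self, kauth: bytes):
        self.kauth = kauth
        self.kx = {}                             # exchange keys received so far

    def bus_reset(self) -> None:
        """A bus reset discards authentication state; Kauth and Kx must be re-established."""
        self.kauth = None
        self.kx.clear()

    def accept_exchange_key(self, data_type: str, ksx: bytes) -> None:
        if self.kauth is None:
            raise RuntimeError("not authenticated: authentication must be redone")
        self.kx[data_type] = _keystream_xor(self.kauth, b"ksx:" + data_type.encode(), ksx)

    def decrypt_content(self, data_type: str, nc: bytes, ciphertext: bytes) -> bytes:
        if data_type not in self.kx:
            raise RuntimeError(f"no exchange key for {data_type}: key exchange incomplete")
        kc = derive_content_key(self.kx[data_type], nc)
        return _keystream_xor(kc, nc, ciphertext)


def run_session(kauth_tx: bytes, kauth_rx: bytes, data_type: str, plaintext: bytes) -> bytes:
    """Full flow: Ksx exchange, then one content message; returns what the receiver recovers.
    With mismatched Kauth values (an unauthenticated receiver) the result is garbage."""
    tx, rx = Transmitter(kauth_tx), Receiver(kauth_rx)
    rx.accept_exchange_key(*tx.exchange_key_message(data_type))
    return rx.decrypt_content(*tx.content_message(data_type, plaintext))


if __name__ == "__main__":
    kauth = os.urandom(16)                       # constructed: stands in for the auth result
    print(run_session(kauth, kauth, "copy_never", b"video frame 1"))
    print(run_session(kauth, os.urandom(16), "copy_never", b"video frame 1"))
```

The `run_session` helper shows the two cases the text contrasts: a receiver holding the same Kauth recovers the plaintext, while one that never authenticated recovers a different Kx and therefore a different Kc and unreadable output. Calling `bus_reset()` on a receiver mid-session makes both `accept_exchange_key` and `decrypt_content` fail until authentication and the Ksx exchange are repeated, which is the stall the last paragraph describes.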