1. Field of the Invention
The present invention relates to an encryption processing system that encrypts software with specified keys and is used in a system (a digital audio interactive system) for distributing software, such as authored video works, over a communication link in response to a request from a client.
2. Description of the Related Art
In recent years, services have been proposed for digitally distributing software (which includes audio data, video data, etc. and is hereinafter referred to as "data") to individual houses, etc. against the background of architectures of a cable TV system and of a communication system using a communication satellite. This service system is a digital audio interactive system known as a video-on-demand system. In this digital audio interactive system, a service provider and a user communicate with each other via a telephone line or the like. Then, the service provider distributes, to the user, the data having the content requested by the user at a time designated by this user. At the same time, the service provider charges the user a royalty for this set of data through a credit card company or the like and returns a part of the royalty to a content provider.
What is important for the spread of the digital audio interactive system is that a server, a network and terminals be constructed as an infrastructure at low cost and that a great deal of data be prepared for provision to the users through the infrastructure. That is, the data and the infrastructure function like a pair of wheels, both indispensable for providing an environment in which the data are easy to transfer. For this purpose, the infrastructure has to incorporate a mechanism whereby the data provider can count on profits from providing the contents and runs no risk of suffering unexpected damage from providing the contents. Note that the above mechanism must be prepared irrespective of the type (a broadband cable network, a satellite system, a mobile communication, an optical media package, etc.) of supply medium intervening between the data providers and the users.
From this standpoint, in a conventional system, the data have been encrypted during distribution so that they are not intercepted and illegally used (reproduced) during the distribution by a third party who has no right to them (who does not pay the royalty for the data). An encryption processing method according to the conventional system will be explained with reference to FIG. 6.
Referring to FIG. 6, a first encryption circuit 103 in a service provider (defined here and hereinafter as the system on the service provider's side) encrypts data in a packet format with only one key (Ks) and distributes the data to a service client (defined here and hereinafter as the system on the user's side) via a transport layer transmission path. A first decryption circuit 106 of the service client receiving this item of encrypted data decrypts the data with the key (Ks) used for the encryption in the first encryption circuit 103. Thus, the algorithms for encrypting and decrypting the data in the conventional system are based on a one-stage system using one key (Ks) and are therefore weak. It is consequently required that the key (Ks) be frequently changed to prevent the key (Ks) from being decoded. It is also required that a cipher synchronous signal be transmitted for an immediate restoration from an error and a disconnection of the communication path.
In the conventional system, to satisfy this condition, as illustrated in FIG. 6, the service provider is equipped with a random-number generator 100, a master key (K1) 101 and a second encryption circuit 102, while the service client is equipped with a master key (K1) 104 and a second decryption circuit 105. This random-number generator 100 continuously generates a random-number sequence at all times. Then, this random-number sequence is clipped out at intervals of several seconds in key block units (a predetermined number of digits for the key) and input to the first encryption circuit 103 as a key (Ks) updated at the intervals of several seconds. The thus updated key (Ks) must also be distributed to the service client, and, therefore, the second encryption circuit 102 encrypts the key (Ks) clipped out of the random-number generator 100 with the master key (K1) 101 and distributes the encrypted key to the service client by making use of a part (session layer) of a packet of the transport layer allocated to a user. The second decryption circuit 105 of the service client decrypts the encrypted key (Ks) by use of the master key (K1) and inputs the thus decrypted key to the first decryption circuit 106.
Then, the first encryption circuit 103 and the first decryption circuit 106 reset themselves each time a new key (Ks) is input and thereby synchronize. These circuits 103, 106 then encrypt and decrypt the subsequent data with the new key (Ks). Note that the master keys (K1) 101, 104 are fixed keys previously prepared as the same data both in the service provider and in the service client. According to the conventional data encryption processing method, the change of key and the cipher synchronizing process are thus conducted.
In the conventional encryption processing system described above, the new key (Ks) has to be distributed or provided from the service provider to the service client at intervals of several seconds. As a result, a large number of packets for key distribution must be transmitted in addition to the packets used for the data distribution, and the data transfer efficiency between the service provider and the service client declines remarkably.
It is a first object of the present invention to provide an encryption processing system capable of reducing the need to change a key frequently by strengthening the encryption algorithm, and of improving the data transfer efficiency between a service provider and a service client.
Further, it is a second object of the present invention to provide an encryption processing system capable of making the data difficult to decode by converting data having the same content into encrypted data having a different content depending on the generation time, wherein a program clock reference in a packet header used for the data transfer is used as an initial value for the encryption.
According to a first aspect of the present invention, the above first object is accomplished between a service provider and a service client. More specifically, this aspect is an encryption processing system for encrypting data distributed between a service provider for providing the data and a service client for receiving the data. This service provider comprises a key generating element for generating two keys on the basis of random numbers, a first encrypting element for encrypting the data with the two keys generated by the key generating element, a data distributing element for distributing the data encrypted by the first encrypting element to the service client, a second encrypting element for encrypting the two keys with master keys having specified contents and a key distributing element for distributing the two keys encrypted by the second encrypting element to the service client. On the other hand, the service client comprises a first decrypting element for decrypting the two encrypted keys distributed by the key distributing element with the master keys having the specified contents and a second decrypting element for decrypting the encrypted data distributed by the data distributing element with the two keys decrypted by the first decrypting element.
According to a second aspect of the present invention, the above first and second objects are accomplished on the side of the service provider. More specifically, this aspect is an encryption processing system in a service provider for distributing data stored in a packet to a service client. This system comprises a key generating element for generating first and second keys on the basis of random numbers, a first encryption circuit encrypting input data with the first key, an extracting element extracting time information from a header of the packet and inputting this item of time information to the first encryption circuit as an initial value of the input data, a second encryption circuit encrypting the result of the encryption by the first encryption circuit with the second key and inputting the result of this encryption to the first encryption circuit as the input data and an exclusive OR circuit outputting an exclusive OR of the data stored in the packet and the result of the encryption by the second encryption circuit.
According to a third aspect of the present invention, the above first and second objects are accomplished between the service provider and the service client. More specifically, this aspect is an encryption processing system for encrypting data distributed while being stored in a packet between a service provider for providing the data and a service client for receiving the data. This service provider comprises a key generating element for generating first and second keys on the basis of random numbers, a key distributing element for distributing the first and second keys to the service client, a first encryption circuit encrypting input data with the first key, a first extracting element for extracting time information from a header of the packet and inputting this item of time information to the first encryption circuit as initial values of the input data, a second encryption circuit encrypting the result of the encryption by the first encryption circuit with the second key and inputting the result of this encryption to the first encryption circuit as the input data, a first exclusive OR circuit outputting an exclusive OR of the data stored in the packet and the result of the encryption by the second encryption circuit and a data distributing element for distributing the packet stored with the data outputted from the exclusive OR circuit to the service client.
On the other hand, the service client comprises a third encryption circuit encrypting the input data with the first key distributed by the key distributing element, a second extracting element for extracting the time information from the header of the packet and inputting this item of time information to the third encryption circuit as initial values of the input data, a fourth encryption circuit encrypting the result of the encryption by the third encryption circuit with the second key distributed by the key distributing element and inputting the result of this encryption to the third encryption circuit as the input data and a second exclusive OR circuit outputting an exclusive OR of the data stored in the packet and the result of the encryption by the fourth encryption circuit.
According to the first aspect of the present invention, in the service provider, the key generating element generates the two keys on the basis of the random numbers. The first encrypting element executes a predetermined encryption algorithm on input data on the basis of the two keys generated by this key generating element, thereby encrypting the data. Further, the second encrypting element encrypts these two keys with the master keys having specified contents. After the above processes, the data distributing element distributes the data encrypted by the first encrypting element to the service client, and the key distributing element distributes the two keys encrypted by the second encrypting element to the service client. On the other hand, in the service client, the first decrypting element decrypts the two encrypted keys distributed by the key distributing element by use of the master keys having the specified contents. The second decrypting element executes the decryption algorithm corresponding to the above encryption algorithm on the encrypted data distributed by the distributing element on the basis of the two keys decrypted by the first decrypting element, thereby decrypting the encrypted data. Thus, the encryption is carried out by use of the two keys, and the strength of the encryption is thereby reinforced.
According to the second aspect of the present invention, the key generating element generates the first and second keys on the basis of the random numbers. The first encryption circuit encrypts the input data with the first key. The initial values of this item of input data are the time information extracted by the extracting element from the header of the packet. After the encryption of the initial values is completed, the result of the encryption by the second encryption circuit becomes the input data for the first encryption circuit. This second encryption circuit encrypts the result of the encryption by the first encryption circuit with the second key. The exclusive OR circuit outputs an exclusive OR of the data stored in the packet and the result of the encryption by the second encryption circuit. Thus, in this encryption processing system, the first and second keys and the time information are employed for the encryption. The strength of the encryption is therefore enhanced correspondingly. Besides, since the time information is used, even if the first and second keys are fixed for a short while, data with the same contents can be converted into encrypted data with different contents, and hence it becomes correspondingly harder for a third party to decode the data.
According to the second aspect of the present invention, the packet may contain storage position information about the storage positions of the data stored in the packet, and the system may further comprise an encryption control circuit that, on the basis of this item of storage position information, enables the first and second encryption circuits to encrypt only when the data are input to the exclusive OR circuit. If done in this way, everything in the packet other than the data storage part remains intact as plain text. Accordingly, the service client is capable of reading the time information from this plain text and decrypting the data.
According to the second aspect of the present invention, the system further comprises an initializing element for initializing the statuses of the first and second encryption circuits by detecting the time information from the packet. If done in this way, the service client is capable of achieving cipher synchronization autonomously by detecting this item of time information, without a special synchronous signal having to be transmitted to the service client.
According to the third aspect of the present invention, in the service provider, the key generating element generates the first and second keys on the basis of the random numbers. The key distributing element distributes the first and second keys to the service client. Further, the first encryption circuit encrypts the input data with the first key. The initial values of this item of input data are the time information extracted by the first extracting element from the header of the packet. After the encryption of the initial values is completed, the result of the encryption by the second encryption circuit becomes the input data for the first encryption circuit. This second encryption circuit encrypts the result of the encryption by the first encryption circuit with the second key. The first exclusive OR circuit outputs an exclusive OR of the data stored in the packet and the result of the encryption by the second encryption circuit. The distributing element distributes the packet stored with the thus encrypted data to the service client.
On the other hand, in the service client, the third encryption circuit encrypts the input data with the first key distributed by the key distributing element. The initial values of this item of input data are the time information extracted by the second extracting element from the header of the packet. After the encryption of the initial values is completed, the result of the encryption by the fourth encryption circuit becomes the input data for the third encryption circuit. This fourth encryption circuit encrypts the result of the encryption by the third encryption circuit. The second exclusive OR circuit outputs an exclusive OR of the data stored in the packet and the result of the encryption by the fourth encryption circuit. Thus, in this encryption processing system, the first and second keys and the time information are used for the encryption. Therefore, the strength of the encryption is enhanced correspondingly. Besides, since the time information is employed, even when the first and second keys are fixed for a short while, data having the same contents can be converted into encrypted data having different contents, and, therefore, it becomes correspondingly harder for a third party to decode the data.
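The keystream cascade of the second and third aspects, as an added Python example that is not part of the patent text: a truncated HMAC-SHA256 stands in for each encryption circuit, and the block size, packet layout, key values and function names are assumptions made for illustration. It shows the provider and the client running the same encrypting-direction circuits, seeded from the plain-text time field of each packet.

```python
import hashlib
import hmac

BLOCK = 8       # assumed block size in bytes; this section does not state one
HEADER_LEN = 8  # constructed layout: 2 marker bytes + 6-byte time field


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in for one encryption circuit: a keyed PRF, not the patent's cipher."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]


def keystream(k1: bytes, k2: bytes, time_info: bytes, length: int) -> bytes:
    """First circuit (k1) feeds the second (k2); its output is fed back to the first."""
    feedback = time_info.rjust(BLOCK, b"\x00")  # time information is the initial input
    out = bytearray()
    while len(out) < length:
        stage1 = encrypt_block(k1, feedback)
        feedback = encrypt_block(k2, stage1)
        out += feedback  # second circuit's result goes to the exclusive OR
    return bytes(out[:length])


def process_packet(k1: bytes, k2: bytes, packet: bytes) -> bytes:
    """XOR only the data part; the header with the time information stays plain text.

    Provider and client run this same function: both use the circuits in the
    encrypting direction, and XOR with the same keystream undoes itself.
    """
    header, data = packet[:HEADER_LEN], packet[HEADER_LEN:]
    ks = keystream(k1, k2, header[2:], len(data))  # state restarts at each time value
    return header + bytes(d ^ k for d, k in zip(data, ks))


def make_packet(time_value: int, data: bytes) -> bytes:
    """Build a constructed sample packet (not a real transport-stream layout)."""
    return b"\x47\x00" + time_value.to_bytes(6, "big") + data


# Constructed sample keys and data.
K1, K2 = b"constructed-key-1", b"constructed-key-2"
DATA = b"identical video payload"

if __name__ == "__main__":
    for t in (90000, 90001):
        print(t, process_packet(K1, K2, make_packet(t, DATA))[HEADER_LEN:].hex())
```

With the keys held fixed, the same time value always reproduces the same keystream; that is what lets the client resynchronize from the header alone, and it also means identical data only encrypt differently when the time value differs.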