Along with the development of communication techniques in recent years, various techniques for efficient packet transmission have been proposed (see Patent Reference 1, for instance). As an example of such techniques, conventionally, a digital broadcast tuner and a DVHS-based video recorder may be interconnected by a digital interface based on the IEEE 1394, in a room of a ordinary household, and Moving Picture Experts Group/Transport Stream (MPEG-TS) signals, which is defined in IEC 61883-4, are transmitted between them. In such a case, when content protection, such as Copy One Generation, is applied to a broadcast content, the content is transmitted being encrypted in order to protect the content from unauthorized copying.
As an example of a method for transmitting encrypted A/V data, such as an MPEG-TS, which is obtained by receiving digital broadcasting and selecting a channel, Digital Transmission Content Protection (DTCP) method has been defined. The DTCP is a technique for protecting contents on transmission media such as IEEE1394 and USB. The DTCP method is a method standardized by Digital Transmission Licensing Administrator (DTLA), and is described at hyperlink “http://www.dtcp.com” http://www.dtcp.com, hyperlink “http://www.dtcp.com/data/dtcp#tut.pdf” http://www.dtcp.com/data/dtcp#tut.pdf, hyperlink “http://www.dtcp.com/data/wp#spec.pdf” http://www.dtcp.com/data/wp#spec.pdf, or in “Chapter 8: Copy Protection” of a book titled “IEEE 1394; A/V Kiki-eno-ouyou” (“IEEE 1394: Application to A/V devices”), supervised by Shinji Takada, Nikkankogyo Shinbun, pp. 133 to 149.
The MPEG-TS is described. A transport stream is a collection of a number of transport packets (TS packets). A TS packet is a fixed-length packet of 188 bytes, and the length has been determined in consideration of the consistency with the cell length of ATM as well as applicability in a case where error correcting encoding, such as Reed-Solomon code, is performed. The TS packet is made up of a fixed-length packet header of 4 bytes, an adaptation field of a variable length, and a payload. In the packet header, a PID (packet identifier) and/or various flags are defined. This PID identifies the type of the TS packet.
Either one or both of the adaptation_field and the payload may be present, and their presence/absence can be identified with a flag (adaptation_field_control) in the packet header. The adaptation_field has the functions of transmitting information, e.g., PCR (Program_Clock_Reference), and stuffing within a TS packet for making the length of the TS packet a fixed length of 188 bytes.
The PCR is a timestamp of 27 MHz, and the value of the PCR is referenced in order to reproduce the reference time at the time of encoding in a STC of a decoder. For a TS of MPEG-2, the System Time Clock (STC) of a decoder has PLL synchronization function based on PCR. To stabilize the PLL synchronization operation, the interval of PCR transmission is 0.1 ms at the maximum. An MPEG PES packet containing individual streams such as video and audio is transmitted being divided into payloads for a plurality of TS packets having the same PID number. In addition, the beginning of a PES packet is configured to start at the beginning of a TS packet.
Since a transport stream can transmit a number of programs, table information is used that represents the relationship between the programs contained in the stream and program elements that make up the programs, such as video and audio streams. This table information is called Program Specific Information (PSI), and uses such a table as a Program Association Table (PAT) and a Program Map Table (PMT). The PSI in a PAT or PMT is transmitted being placed in the payload of a TS packet in units called section.
In a PAT, the PID of an PMT corresponding to a program number and the like is designated, and in the PMT, PIDs of video, audio, and additional data contained in the corresponding program as well as the PID of PCR are described, so that only TS packets that constitute a target program can be retrieved from a stream by referencing the PAT and the PMT.
Reference documents on TS include CQ Publishing CO., Ltd., TECH I Vo. 4, “Gazou & Onsei asshuku gijutsu no subete (Internet/dejitaru TV, mobairu tsuushin jidaino hissu gijutsu)” (“All about image & audio compression techniques (essential techniques for the Internet/digital TV and mobile communication era)”, supervised by Hiroshi Fujiwara, Chapter 6 “Gazou ya onseiwo tajuukasuru MPEG sisutemu (MPEG system for image/audio multiplexing)”, for example, which provides commentary on TS.
Logical hierarchy structures, exemplary processing procedures, and exemplary channel selection processing relating to PSI and/or SI are described in Miyake et al., “Dejitaru housou jushinki ni okeru senkyoku gijutsu (Channel selection techniques for digital broadcast receivers), Sanyo Electric Gihou (technical journal) Vol. 36, June 2004, 74th issue, pp. 31 through 44.
In relation to an access control method used in digital broadcasting, specifications of scrambling and relevant information as well as associated specifications of a receiver are defined in the ARIB standard, ARIB STD-B25, and the operation thereof is defined in ARIB technical materials, ARIB TR-B14 and ARIB TR-B15.
FIG. 1(a) shows an example of MPEG-TS transmission by IEEE1394 using the DTCP method. In the DTCP method, the sending side (a packet transmitting device) is called a source 901 and the receiving side (a packet receiving device) is called a sink 902, where an encrypted content, such as an MPEG-TS, is transmitted from the source 901 to the sink 902 via a network 903. FIG. 1(b) provides examples of source and sink devices as additional information.
FIG. 2 is a diagram generally illustrating a conventional packet communication unit in the DTCP method, where both a packet transmitting unit of the source 901 and a packet receiving unit of the sink 902 shown in FIG. 1 are illustrated as a packet transmitting/receiving unit. First, authentication and key exchange (abbreviated as AKE) compliant with the DTCP method are performed. Setting information for the authentication and key exchange is inputted to an AKE unit 1001, from which the information is delivered to a packetization unit 1002 in which the information is packetized with a predetermined header added thereto, and is outputted to a network 1007.
Here, the packetization unit 1002 performs packetization and transmission of inputted data in accordance with transmission parameters determined by a transmission condition setting unit 1003. On the receiving side, a signal inputted from the network 1007 is filtered by the packet receiving unit 1004 by identifying packet headers and the like, and inputted to the AKE unit 1001. This enables the AKE unit of the sending side (i.e., the source) and the AKE unit of the receiving side (i.e., the sink) to communicate messages with each other via the network 1007. Specifically, they perform authentication and key exchange in accordance with the procedure of the DTCP method.
Once authentication and key exchange succeed between the sending side (the source) and the receiving side (the sink), A/V data transmission is then performed. In the source, after an MPEG-TS signal is inputted to an encryption unit 1005 to become encrypted, the encrypted MPEG-TS signal is inputted to the packetization unit 1002, from which the signal is outputted to the network 1007. In the sink, the signal inputted from the network 1007 is filtered by the packet receiving unit 1004 by identifying packet headers and the like, and is inputted to and decoded by a decoding unit 1006, which outputs the MPEG-TS signal.
Next, using FIG. 3, the above-mentioned procedure is additionally described. It is assumed in FIG. 3 that the source and the sink are connected by IEEE1394. First, a request for content transmission occurs on the source side. Then, an encrypted content and protection mode information for the content are transmitted from the source to the sink. The sink analyzes the copy protection information of the content, determines which of a full authentication method or a limited authentication method to use, and sends an authentication request to the source. The source and the sink seek sharing of an authentication key through predetermined processing of DTCP. Then, the source encrypts an exchanged key using the authentication key and sends it to the sink, and the sink decodes the exchanged key.
To make an encryption key change over time, the source generates seed information that temporally changes, and transmits the information to the sink. The source generates an encryption key from the exchanged key and the seed information, and encrypts an MPEG-TS in the encryption unit using the encryption key, and transmits the key to the sink. The sink receives the seed information, and reconstructs a decoding key from the exchanged key and the seed information. The sink uses the decoding key to decode the encrypted MPEG-TS signal.
FIG. 4 shows an example of an IEEE1394 isochronous packet for a case where an MPEG-TS signal is transmitted in FIG. 1. This packet is composed of a 4-byte (32-bit) header, a 4-byte (32-bit) header CRC, a 224-byte data field, and a 4-byte (32-bit) trailer. Out of a CIP header and a TS signal that constitute the 224-byte data field, only the TS signal is encrypted during transmission, other data not being encrypted. Here, information specific to the DTCP method is a 2-bit Encryption Mode Indicator (EMI), which is copy protection information, and O/E (Odd/Even), which is the LSB bit of seed information, and these are transmitted being unencrypted because they are present in the 32-bit header described above.
As has been described above, an MPEG-TS signal is transmitted in accordance with the conventional DTCP method over a transmission channel defined by IEEE1394 while seeking content protection.
Patent Reference 1: Japanese Unexamined Patent Application Publication No. 2000-59463