JP2010119034A - Receiving apparatus, receiving method and program - Google Patents

Abstract

【Task】
Provided are a receiving device, a receiving method, and a program that can receive encrypted information and efficiently decrypt the information.
[Solution]
When the same viewing program continues to be viewed by the user for a predetermined period (for example, 10 seconds), the encryption / decryption processor 422 does not extract or set the work key Kw (does not perform ST804 to ST807 shown in FIG. 8). The encryption / decryption processor 422 generates the content key Ks by decrypting the ECM 5 using the work key Kw already stored in the key storage register 431 of the encryption / decryption processor 422, and uses the content key Ks. Thus, the encrypted video or audio stream is decrypted. As a result, it is possible to efficiently use the encryption / decryption processor 422 to reduce the load on the encryption / decryption processor 422 and to efficiently decrypt the encrypted broadcast data.
[Selection] Figure 8

Description

  The present invention relates to a receiving apparatus, a receiving method, and a program for receiving encrypted data.

  Conventionally, in IP (Internet Protocol) broadcasting, a receiving apparatus receives an ECM (Entiment Control Message) together with broadcast data from a broadcast server. This broadcast data includes, for example, a stream of video and audio. This broadcast data is encrypted with the content key Ks. The ECM is obtained by encrypting the content key Ks and the like with the work key Kw. That is, the work key Kw is required to decrypt the content key Ks.

  In IP broadcasting, the receiving device receives a license from a license server. In IP broadcasting, for example, a license exists for each program. The license includes various types of information (for example, work key Kw) based on a contract made between the user and the broadcaster.

  That is, the receiving device decrypts the ECM received from the broadcast server using the work key Kw in the license received from the license server, acquires the content key Ks, and uses the acquired content key Ks from the broadcast server. The received encrypted broadcast program data is decrypted.

  The license includes two types of keys: a work key Kw (odd) and a work key Kw (even). For example, the work key Kw (odd) is a key for decrypting the current ECM (for example, the ECM related to the program that the user is currently viewing). The work key Kw (even) is a key for decrypting the next ECM (the ECM related to the program that the user intends to view next). By alternately using these keys, the key for encrypting (decrypting) the ECM can be changed.

In normal operation, for example, the license is updated about once a month, and the ECM is updated once every 10 seconds. Thus, there is a large difference in update timing. (For example, refer to Patent Document 1).
JP 2006-148416 A (paragraph [0063], FIG. 1)

  However, in conventional terrestrial digital broadcasting and the like, it is necessary to decrypt the content key Ks from the ECM using an IC card. That is, it is necessary to register the work key Kw in the IC card from an EMM (Entitlement Management Message) corresponding to the license, and to decrypt the content key Ks from the ECM using the registered work key Kw. The receiving device and the IC card are independent, and it is not known when and which work key Kw is used in the IC card. For this reason, it is necessary to instruct from the outside which work key Kw is used when decrypting the ECM.

  In addition, in the processor that performs encryption / decryption of the receiving apparatus, setting the key every time is a process that requires much overhead. For example, even in the processing of an encryption processor, the process of setting a key (registering a key, performing pre-calculation inside, and generating an expanded key) is a process that accounts for a large proportion of encryption / decryption processes. .

  Usually, a cryptographic processor exists in order to perform cryptographic processing at a high speed, and once a key is set, it has a configuration suitable for performing a large amount of data encryption / decryption processing at high speed. For this reason, if the key to be set is changed each time or the encryption / decryption processing data is small, the encryption-dedicated processor cannot be used. That is, in general, the encryption processing time is shorter when the encryption processing is performed by the encryption dedicated processor than when the encryption processing is performed by the general-purpose CPU (Central Processing Unit). However, when the key changes each time or when the encryption / decryption processing data is small, the processing time is longer when the encryption dedicated processor is used than when the encryption processing is performed by the general-purpose CPU.

  Conventionally, the independence of IC cards has been enhanced due to the characteristics of commonly used IC cards. Further, the work key Kw itself may be changed. For these reasons, the encryption / decryption processor always obtains the work key Kw at the time of ECM decryption and sets it as the key of the encryption / decryption processor before performing ECM decryption.

  Therefore, even when the ECM is decrypted with the same work key Kw almost every time, the work key Kw is obtained and set as the key of the encryption / decryption processor every time. For this reason, overhead is applied to the encryption / decryption processor every time, and the processing time of the encryption / decryption processor is long.

  In view of the circumstances as described above, an object of the present invention is to provide a receiving apparatus, a receiving method, and a program that can receive encrypted information and efficiently decrypt the information.

In order to solve the above problems, a receiving apparatus of the present invention includes a first acquisition unit, a first storage unit, a second acquisition unit, a second storage unit, a third acquisition unit, A third storage unit, a retrieval unit, a key storage unit, a fourth storage unit, a determination unit, and a decryption unit;
The first acquisition means decrypts an encrypted first key obtained by encrypting a first key for decrypting the content for each encrypted content distributed from the first server. The first control information including the second key, identification information for identifying the second key, and the content viewing permission / inhibition information is acquired through the network in the first period. The first storage unit stores first control information acquired by the first acquisition unit. The second acquisition unit acquires the encrypted content from the first server through the network. The second storage unit stores the acquired content. The third acquisition means includes an encrypted first key obtained by encrypting a first key for decrypting the obtained content, and a second key for decrypting the encrypted first key. Second control information including identification information for identification is acquired from the second server through the network in a second period shorter than the first period. The third storage unit stores the acquired second control information. The extracting means compares the first control information for each content stored in the first storage unit with the second control information stored in the third storage unit, and the identification information is obtained. The second key and the viewing permission / inhibition information included in the first control information corresponding to the matching content are extracted. The key storage unit stores the extracted second key. The fourth storage unit stores the extracted viewing availability information. Each time the determination means acquires the second control information by the third acquisition means, the determination means is stored in the second storage section based on the viewing permission / inhibition information stored in the fourth storage section. It is determined whether or not the content can be viewed. The decryption means decrypts the encrypted first key by using the second key stored in the key storage unit when the determination means determines that viewing is possible, and decrypts the encrypted first key. The encrypted content is decrypted with the first key.

  In the present invention, the decrypting means decrypts the encrypted first key using the second key stored in the key storage unit when the judging means determines that viewing is possible. The encrypted content is decrypted with the decrypted first key. That is, it is possible to prevent the second key from being extracted and stored in the key storage unit of the extracted second key every time before the encrypted first key is decrypted by the decryption means. As a result, the load on the receiving device can be reduced, and encrypted information can be received and decrypted efficiently.

  The determination unit may determine whether or not the other content can be viewed when another content different from the content is selected by the user. Thereby, when other content is selected by the user, it is possible to reduce the load on the receiving device and efficiently decrypt the encrypted information.

  The apparatus further comprises second determining means for determining whether or not the encrypted first key has been normally decrypted by the decrypting means, and the second key when the encrypted first key is not decrypted normally. A new key different from the key may be taken out by the taking-out means and stored in the key storage unit. Thereby, even when the encrypted first key is not normally decrypted, a new key can be set as a key for extracting the encrypted first key by the extracting means.

  The receiving method according to the present invention is a first method for decrypting an encrypted first key obtained by encrypting a first key for decrypting the content for each encrypted content distributed from a first server. The first control information including the second key, the identification information for identifying the second key, and the content viewing permission / inhibition information includes being acquired through the network in the first period. The acquired first control information is stored. The encrypted content is acquired from the first server through the network. The acquired content is stored. An encrypted first key obtained by encrypting a first key for decrypting the acquired content, and identification information for identifying a second key for decrypting the encrypted first key. The included second control information is acquired from the second server through the network in a second cycle shorter than the first cycle. The acquired second control information is stored. The first control information for each of the stored contents is compared with the stored second control information, and the first control information included in the first control information corresponding to the content with the matching identification information is included. The key 2 and the viewing permission / inhibition information are extracted. The extracted second key is stored. The extracted viewing availability information is stored. Each time the second control information is acquired, it is determined whether the stored content is viewable based on the stored viewability information. When it is determined that viewing is possible, the encrypted first key is decrypted using the stored second key, and the encrypted content is decrypted by the decrypted first key. Is decrypted.

  A program according to the present invention decrypts an encrypted first key obtained by encrypting a first key for decrypting the content for each encrypted content distributed from a first server. The first control information including the identification key for identifying the second key, the identification information for identifying the second key, and the content viewing permission / inhibition information is acquired through the network in the first period, and the acquired first Control information is stored, the encrypted content is acquired from the first server through the network, the acquired content is stored, and a first key for decrypting the acquired content is encrypted Second control information including the encrypted first key and identification information for identifying the second key for decrypting the encrypted first key is shorter than the first period. Second sir in period And acquiring the acquired second control information from the network, comparing the stored first control information with the stored second control information for each of the contents, and identifying the identification information. The second key and the viewing availability information included in the first control information corresponding to the content with the matching information are extracted, the extracted second key is stored, and the extracted viewing Whenever the availability information is stored and the second control information is acquired, it is determined whether or not the stored content can be viewed based on the stored viewing availability information, and the viewing is possible. When it is determined, the encrypted content is decrypted using the stored second key, and the encrypted content is decrypted using the decrypted first key. Causing a computer to operate as.

  As described above, according to the present invention, encrypted information can be received and efficiently decrypted.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
[Reception system configuration]
FIG. 1 is a diagram showing a configuration of a receiving system according to an embodiment of the present invention.
As shown in the figure, the receiving system 1 includes a broadcast server 2, a license server 3, and a receiving device 4. The broadcast server 2, the license server 3, and the receiving device 4 are connected via a network including the Internet, for example.

  The broadcast server 2 distributes broadcast data, a program table, and an ECM (Entitlement Control Message) 5 to the receiving device 4. Broadcast data, a program table, and ECM 5 are distributed as a set for each program, for example. The broadcast data, the program table, and the ECM 5 are encrypted with a predetermined encryption method (for example, AES: Advanced Encryption Standard). For example, the ECM 5 is distributed from the broadcast server 2 to the receiving device 4 at a predetermined cycle (for example, 10 seconds). In addition, this predetermined period is not specifically limited, For example, it is good also as shorter several seconds.

  Broadcast data includes streams such as video and audio. The encrypted video or audio stream is decrypted with a content key Ks as a first key, for example.

  The program table includes a plurality of PIDs (Packet Identification). PID is 13-bit stream identification information added to the head of a TS packet to be distributed, and is a packet identifier representing what kind of data the TS packet contains.

  The ECM 5 includes an encrypted content key Ks and the like. The license server 3 distributes the license 6 including the contract information between the user and the broadcaster to the receiving device 4 at a predetermined period (for example, one month). The predetermined period is not particularly limited, and the license server 3 may distribute the license 6 to the receiving device 4 when, for example, a contract is updated between the user and the broadcaster. The license 6 includes a work key Kw as a second key for decrypting the ECM 5 (the encrypted content key Ks therein).

  Work for decoding ECM 5 distributed to receiving device 4 at a predetermined cycle (for example, 10 seconds) as long as the user is watching the same program or as long as the user is watching a program that can be viewed with the same license The key Kw is not changed.

[Configuration of Receiving Device 4]
FIG. 2 is a diagram illustrating a detailed configuration of hardware of the receiving device 4.
As shown in the figure, a CPU 401 is connected to a CPU 401 via a system bus 402, a ROM (Read Only Memory) 403, a RAM (Random Access Memory) 404, an input operation unit 405, an AV interface 406, a display unit 407, and a network connection. A storage unit 412 including a unit 408, a decoding unit 409, a broadcast receiving unit 411, a hard disk drive (HDD), a media interface unit 413, a flash ROM 414, an optical communication unit 415, an encryption / decryption processor unit 420, and the like are connected. . The encryption / decryption processor unit 420 may be included in the CPU 401.

  The ROM 403 and the flash ROM 414 store programs executed by the CPU 401 and various data. The flash ROM 414 can store various data. The RAM 404 is used as a temporary work area for the CPU 401 and an area for temporarily storing data.

  The input operation unit 405 includes various keys and processes commands input for various operations from the user. A command input from the input operation unit 405 is sent to the CPU 401 through the system bus 402.

  The optical communication unit 415 is an interface that performs communication with the remote controller 105. Similar to the input operation unit 405, the remote controller 105 includes various keys and the like, processes input of commands for various operations from the user, converts them into optical signals, and transmits them. The optical communication unit 415 receives the optical signal transmitted from the remote controller 105, converts it into an electrical signal, and outputs it to the CPU 401 through the system bus 402.

  The display unit 407 includes, for example, a display device such as an LCD (Liquid Crystal Display) and a display control circuit that drives the display device. For example, the display unit 407 displays commands and data input from the user, various statuses, and the like. .

  The network connection unit 408 is an interface that processes connection with the network 101 such as the Internet or a home network connected to the Internet via a router.

  The AV interface 406 processes input / output of video signals and audio signals to / from an external AV device 104 such as a television connected to the receiving device 4.

  The broadcast receiving unit 411 receives broadcast waves from the broadcast station 200 such as terrestrial analog television broadcast, terrestrial digital television broadcast, CS digital broadcast, BS digital broadcast, and terrestrial digital television broadcast for portable devices, and receives video signals and Demodulate the audio signal.

  The decoding unit 409 decodes program data compressed and encoded for transmission and recording. Video data, audio data, and the like restored by the decoding by the decoding unit 409 are output to the external AV device 104 such as a television through the AV interface 406.

  The storage unit 412 is made of, for example, an HDD, and stores broadcast data encrypted by a predetermined encryption method distributed from the broadcast server 2 and data such as the license 6 distributed from the ECM 5 or the license server 3.

  For example, a removable medium 102 such as a DVD (Digital Versatile Disc), a Blu-ray (registered trademark) disk, or a flash memory can be attached to and detached from the media interface unit 413. The media interface unit 413 is an interface that can write and read program data to and from the attached removable medium 102. The media interface unit 413 corresponds to the disc reading unit 10, for example.

[Configuration of Cryptographic Processing System of Receiving Device 4]
FIG. 3 is a diagram showing the configuration of the cryptographic processing system 4 ′ of the receiving device 4.
As shown in the figure, the cryptographic processing system 4 ′ of the receiving device 4 includes a CPU 401, a storage unit 412, and an encryption / decryption processor unit 420. The encryption / decryption processor unit 420 includes a plurality of encryption / decryption processors (descramblers) 421, 422,... 42N having different functions. The CPU 401 is connected via the system bus 12 to encryption / decryption processors (descramblers) 421, 422,.

  The encryption / decryption processor (descrambler) 421 and the like execute a decryption process for decrypting broadcast data encrypted by a predetermined encryption method. Specifically, the encryption / decryption processor 421 decrypts broadcast data encrypted by a predetermined encryption method using the content key Ks. The content key Ks is a key for decrypting the encrypted broadcast data received from the broadcast server 2.

  The encryption / decryption processor 422 uses the work key Kw to decrypt the ECM 5 in which the content key Ks and the like are encrypted by a predetermined encryption method. The work key Kw is a key for decrypting the encrypted content key Ks included in the ECM 5.

FIG. 4 is a diagram showing a configuration of the encryption / decryption processor 422 shown in FIG.
The encryption / decryption processor 422 includes a key storage register 431 as a key storage unit, an encrypted data memory 432, and an encryption processing function unit 433, as shown in FIG.

  The encryption / decryption processor 422 sets (stores) the work key Kw in the license 6 distributed from the license server 3 in the key storage register 431 at a predetermined cycle (for example, one month). The encryption / decryption processor 422 sequentially sets (stores) the ECM 5 distributed from the broadcast server 2 in the encryption data memory 432 at a predetermined cycle (for example, 10 seconds). When the work key Kw is set in the key storage register 431 and the ECM 5 is set in the encryption data memory 432, the encryption / decryption processor 422 converts the work key Kw into the actual encryption / decryption (for example, AES) Etc.) to the extended key format used. In this way, the cryptographic processing function unit 433 generates the content key Ks.

[Data structure of ECM5]
FIG. 5 shows the data structure of the ECM 5 shown in FIG.
As shown in the figure, the ECM 5 as the second control information includes “work key ID”, “content key (odd / even) Ks”, “tier bit (viewable program) TB”, “current time”, Information such as “output control information” and “enterprise ID” is included. The ECM 5 includes, for example, “work ID”, “content key (odd / even) Ks”, “tier bit (viewable program) TB”, “current time”, “output control information”, which are different for each program (content). It includes information such as “business ID”.

  The “work key ID” is an identification ID (identification information) for identifying the work key Kw. The “content key Ks”, “tier bit TB”, “current time”, “output control information”, “enterprise ID”, and the like are encrypted with the work key Kw.

  The “content key Ks” includes two types of keys, “content key Ks (odd)” and “content key Ks (even)”. For example, the “content key Ks (odd)” is a key for decrypting the current encrypted video or audio stream (the video or audio stream of the program that the user is currently viewing). The “content key Ks (even)” is a key for decoding the next video or audio stream (the video or audio stream of the program that the user wants to view next). By alternately using these keys, the key for encrypting and decrypting the content can be changed.

  The “tier bit TB” includes information indicating whether or not the program (data) included in the broadcast data received by the receiving device 4 is viewable. “Current time” is information of the current time. “Output control information” includes information for controlling the output of a program (data). The “operator ID” is an identification ID for identifying the broadcaster.

[License data structure]
FIG. 6 is a diagram showing a data structure of the license 6 shown in FIG.
As shown in the figure, the license 6 as the first control information includes “work key ID”, “work key Kw”, “tier bit TB (viewable program)”, “expiration date”, “update control information”. ”And“ operator ID ”are included for each different“ work key ID ”.

  The “work key ID” is an ID that associates the ECM 5 shown in FIG. 5 with the license 6 shown in FIG. 6 for each program (content). Specifically, the “work key ID” is “1” to “N”.

  The “work key Kw” is a key for encrypting / decrypting the content key Ks. Specifically, when the “work key ID” is “1”, the “work key Kw” includes two types of keys: “work key Kw1 (odd)” and “work key Kw1 (even)”. The “work key Kw1 (odd)” is a key for decrypting the current ECM 5 (for example, the ECM related to the program that the user is currently viewing). The “work key Kw1 (even)” is a key for decrypting the next ECM (for example, the ECM related to the program that the user intends to view next). By alternately using these keys, the key for encrypting and decrypting the ECM can be changed. Similarly, when the “work key ID” is “N”, the “work key Kw” includes two types of keys, “work key KwN (odd)” and “work key KwN (even)”. “Work key KwN (odd)” is a key for decrypting the current ECM 5, and “Work key KwN (even)” is a key for decrypting the next ECM.

  The “expiration date” is information indicating the expiration date of the “work key ID”. Specifically, when the “work key ID” is “1”, the “expiration date” is “January 25, 2008”, and when the “work key ID” is “N”, the “expiration date”. Is “February 25, 2010”.

  “Update control information” is information relating to copy control for a program. “Update control information” includes, for example, information indicating whether a program is not copyable or copyable (the number of times that copying is possible). Specifically, when the “work key ID” is “1”, the “update control information” is “not copyable”, and when the “work key ID” is “N”, the “update control information” is “One copy allowed”. “No copy” indicates that the program cannot be copied to the storage unit, and “one copy allowed” indicates that the program can be copied once to the storage unit. The “update control information” includes “copy not allowed” and “copy once possible” as well as “copy n times allowed” (n: integer of 2 or more).

  The “business operator ID” is an identification ID for identifying a business operator that distributes broadcast data. Specifically, when the “work key ID” is “1”, the “provider ID” is “0001”, and when the “work key ID” is “N”, the “provider ID” is “ 000N ".

  The “tier bit TB (viewable program)” is 32-bit information indicating whether or not a program (data) included in the broadcast data received by the receiving device 4 is viewable. In FIG. 6, 10 bits out of 32 bits are illustrated for easy understanding. Specifically, when the “work key ID” is “1”, the “tier bit TB” is “11110101101”, and when the “work key ID” is “N”, the “tier bit TB” is “1110101010”. Is.

FIG. 7 is a diagram for explaining the tier bit TB shown in FIG. 6 in detail.
Each bit of “tier bit TB” indicates “viewability information” indicating whether the programs “program 1” to “program 10” are viewable. Specifically, the rightmost bit in the bit string of “tier bit TB” corresponds to “viewability information” of “program 10”, and the leftmost bit in the bit string of “program 1” is “viewability information”. ". In the present embodiment, the rightmost bit in the bit string of the tier bit TB is associated with “program 10” and the leftmost bit is associated with “program 1”, but conversely, the program is associated. May be.

  In FIG. 7, when the “work key ID” is “1”, the “tier bit TB” is “11110101101”, and when the “work key ID” is “N”, the “tier bit TB” is “1110101010”. Is. When the “work key ID” is “1”, the bit corresponding to “program 1” is “1”, which indicates that “program 1 is viewable”. When the bit corresponding to “program 1” is “0”, it indicates that “program 1 is not viewable”. The same applies to the other bits.

  In FIG. 7, “program 1” to “program 3” are both viewed with “tier bit TB” having “work key ID” “1” and “tier bit TB” having “work key ID” “N”. Indicates that it is possible. Further, “tier bit TB” having “work key ID” “1” indicates that “program 4” can be viewed, and “tier bit TB” having “work key ID” “N” is “program 4”. "Indicates that viewing is not possible.

[Program selection (start)-viewing]
Next, a decoding operation of the receiving device 4 when a program is selected by a user using a remote controller (not shown) and viewing of the selected program is started will be described.

FIG. 8 is a flowchart showing a decoding operation at the start of program viewing in the receiving device 4.
CPU 401 acquires the above-described program table distributed from broadcast server 2 and stores it in storage unit 412 (ST801). The program table is acquired together with the broadcast data and the ECM 5 and stored in the storage unit 412.

  CPU 401 extracts the PID related to ECM 5 from this program table (ST802).

  CPU 401 extracts ECM 5 shown in FIG. 5 based on PID relating to ECM 5 and stores it in storage section 412 (ST803).

  The CPU 401 extracts the “work key ID” from the ECM 5 shown in FIG. 5 and stores it in the storage unit 412 (ST804).

  The CPU 401 compares the “work key ID” extracted in ST804 with the “work key ID” shown in FIG. 6, and the “work key Kw” included in the license corresponding to the program with the matching “work key ID” and “Tearbit TB (viewable program)” is extracted (ST805). Specifically, when the “work key ID” shown in FIG. 5 is “1”, this “1” is compared with the “work key ID” shown in FIG. The “work key Kw” (“Kw1 (odd / even)”) and “tier bit TB (viewable program)” (“11110101101”) included in the corresponding license are extracted. The license 6 is distributed from the license server 3 to the receiving device 4 on a regular basis (every month) and stored in the storage unit 412, for example.

  CPU 401 stores “work key ID” and “tier bit TB” extracted in ST805 in storage unit 412 (ST806).

  CPU 401 (encryption / decryption processor (descrambler) 422) sets (stores) “work key Kw” in key storage register 431 in encryption / decryption processor 422 shown in FIG. 4 (ST807). Note that ST806 and ST807 may be performed in reverse.

  The CPU 401 (encryption / decryption processor 422) sets (stores) the ECM 5 in the encrypted data memory 432 of the encryption / decryption processor 422. As a result, the cryptographic processing function unit 433 converts the work key Kw into the expanded key format and generates the content key Ks. Using the content key Ks, the encryption / decryption processor 421 decrypts broadcast data (encrypted stream such as video and audio) (ST808).

  Next, after ST808, a process when the program to be viewed by the user is not changed and the same program is continuously viewed by the user (continuous viewing for a predetermined period (for example, 10 seconds)) will be described.

  At this time, the CPU 401 determines that the program is a viewable program based on the tier bit TB stored in ST806, and the encryption / decryption processor 422 does not extract or set the work key Kw (ST804 to ST807). . Then, the encryption / decryption processor 422 generates the content key Ks by decrypting the ECM 5 using the work key Kw already stored in ST807 in the key storage register 431, and encrypts using the content key Ks. Decode the stream of video and audio that is being performed.

[Action etc.]
Thus, as long as the user is watching the same program or the user is watching a program that can be viewed with the same license, the ECM 5 distributed to the receiving device 4 is decoded at a predetermined period (for example, 10 seconds). The work key Kw for doing this is not changed. In this case, the encryption / decryption processor unit 420 decodes the work key Kw every time the ECM5 is decrypted by the encryption / decryption processor 422 at a predetermined cycle (10 seconds) in order to decrypt a stream such as video and audio. Extraction and setting (ST804 to ST807) can be prevented. As a result, it is possible to efficiently use the encryption / decryption processor 422, reduce the load on the encryption / decryption processor 422, and efficiently decrypt the encrypted broadcast data. As a result, the time required for the decoding process can be shortened.

[Select (change) program]
FIG. 9 is a flowchart showing a decoding operation at the time of program change in the receiving device 4.
When the viewing program is changed by the user while the user is viewing the program, CPU 401 reads tier bit TB from storage unit 412 (ST901).

  CPU 401 determines whether or not the program changed by the user is set to be viewable in the tier bit TB read in ST 901 (ST 902).

  When the program selected by the user is not set to be viewable by the tier bit TB read in ST901 (NO in ST902), the CPU 401 newly extracts the work key Kw in ST903 to ST906, and the encryption / decryption processor 422 Reset the key storage register 431.

  That is, CPU 401 extracts the “work key ID” from the ECM of the program selected by the user and stores it in storage unit 412 (ST903). Next, the CPU 401 compares the “work key ID” extracted in ST 903 with the “work key ID” shown in FIG. 6, and the “work key Kw” included in the license corresponding to the program that matches the “work key Kw”. ”And“ Tearbit TB (viewable program) ”are extracted (ST904). Specifically, when the “work key ID” shown in FIG. 5 is “1”, the “1” is compared with the “work key ID” shown in FIG. The “work key Kw” (“Kw1 (odd / even)”) and “tier bit TB (viewable program)” (“11110101101”) included in the corresponding license are extracted. Next, CPU 401 stores “tier bit TB” in storage unit 412 (ST905). Then, the CPU 401 resets (stores) this “work key Kw” in the key storage register 431 in the encryption / decryption processor 422 shown in FIG. 4 (ST906).

  On the other hand, CPU 401 will be described when the program selected by the user is set to be viewable in the tier bit TB read in ST901 (YES in ST902). At this time, the CPU 401 does not set a new work key Kw in ST903 to ST906. That is, the CPU 401 uses the work key Kw already set in the encryption / decryption processor 422 to generate the content key Ks by the encryption / decryption processor 422 and decrypts the broadcast data using the content key Ks ( ST907).

[Action etc.]
When the program changed by the user is set to be viewable in the tier bit TB read in ST901 (YES in ST902), the work key Kw already set in the encryption / decryption processor 422 is encrypted. Used to decrypt the content key Ks. Therefore, the extraction and setting of the work key Kw (ST903 to ST906) can be omitted every time the ECM5 is decrypted by the encryption / decryption processor 422 at a predetermined cycle. As a result, the load on the encryption / decryption processor 422 can be reduced and the processing time can be shortened.

[Change work key Kw while watching program]
Next, a case will be described in which license update is performed in the license server 3 while a program is being viewed, and the work key Kw that is a license key is changed.

  FIG. 10 is a flowchart showing an operation at the time of detecting a decryption error using the work key Kw in the receiving device 4.

  The encryption processing function unit 433 of the encryption / decryption processor 422 decrypts the ECM 5 set (stored) in the encryption data memory 432 using the work key Kw set (stored) in the key storage register 431 shown in FIG. (ST1001). Thereby, the content key Ks is generated.

  CPU 401 determines in encryption / decryption processor 422 whether or not the decryption of ECM 5 using content key Kw (generation of content key Ks) has ended normally (ST1002).

  When the decryption of the ECM 5 using the work key Kw is normally completed (YES in ST1002), the encryption / decryption processor 421 uses the content key Ks obtained by decrypting the ECM 5 to encrypt video and audio. Etc. are decoded (ST1007).

  On the other hand, when the decryption of ECM 5 using the work key Kw (generation of the content key Ks) does not end normally (NO in ST1002), the CPU 401 determines the “work key ID included in the ECM of the program selected by the user. Is extracted and stored in the storage unit 412 (ST1003).

  Next, the CPU 401 compares the “work key ID” extracted in ST 1003 with the “work key ID” shown in FIG. 6, and the “work key Kw” included in the license corresponding to the program whose “work key ID” matches. ”And“ Tearbit TB (viewable program) ”are extracted (ST1004). Specifically, when the “work key ID” shown in FIG. 5 is “1”, this “1” is compared with the “work key ID” shown in FIG. The “work key Kw” (“Kw1 (odd / even)”) and “tier bit TB (viewable program)” (“11110101101”) included in the corresponding license are acquired.

  Next, the CPU 401 stores this “tier bit TB” in the storage unit 412 (ST1005).

  Then, CPU 401 resets (stores) this “work key Kw” in key storage register 431 in encryption / decryption processor 422 shown in FIG. 4 (ST1006).

  Next, the encryption / decryption processor 421 uses the content key Ks obtained by decrypting the ECM 5 to decrypt the encrypted video or audio stream (ST1007). As a result, data such as video and audio is output to the external AV device 104 via the AV interface 406 shown in FIG. 2, and viewing of the program starts (ST1008).

[Action etc.]
In this way, there is a possibility that the license is updated in the license server 3 or the like while viewing the program, and the work key Kw is changed. If the license is updated, an ECM5 decryption error may occur (NO in ST1002). However, when the decryption of ECM 5 using the work key Kw (generation of the content key Ks) does not end normally (NO in ST1002), the encryption / decryption processor 422 uses the work key Kw as shown in ST1003 to ST1006. The key storage register 431 can be reset. Therefore, even when the license 6 (work key K) is updated, the encryption / decryption processors 421 and 422 can reliably decrypt encrypted video and audio streams.

  When the ECM5 is normally decrypted by the encryption / decryption processor (descrambler) (YES in ST1002), the work key Kw already set in the encryption / decryption processor 422 is used as the encrypted content key. Used for decoding Ks. As a result, the load on the encryption / decryption processor 422 can be reduced and the processing time can be shortened.

  The present invention is not limited to the embodiment described above, and various modifications can be made within the scope of the technical idea of the present invention.

  In the above embodiment, “work key ID” and “tier bit TB” are stored in the storage unit 412 as shown in FIG. 8 (ST806), and the tier bit TB is stored in ST901 in ST901 as shown in FIG. An example of reading from is shown. However, the present invention is not limited to this. For example, in ST806, only “work key ID” is stored without storing “tier bit TB”, and in ST901, “tier bit TB associated with this“ work key ID ”is stored. May be read. Even in this case, it is possible to reduce the load on the encryption / decryption processor 422 and the like when the user selects a program.

It is a figure which shows the structure of the receiving system which concerns on one Embodiment of this invention. It is a figure which shows the detailed structure of the hardware of a receiver. It is a figure which shows the structure of the encryption processing system 'of a receiver. It is a figure which shows the structure of the encryption / decryption processor shown in FIG. It is a figure which shows the data structure of ECM shown in FIG. It is a figure which shows the data structure of the license shown in FIG. FIG. 7 is a diagram for explaining in detail the tier bit shown in FIG. 6. It is a flowchart which shows the decoding operation | movement at the time of the program viewing start in a receiver. It is a flowchart which shows the decoding operation | movement at the time of the program change in a receiver. It is a flowchart which shows the operation | movement at the time of the decoding error detection using a work key.

Explanation of symbols

Ks Content key Kw, Kw1, KwN Work key TB Tier bit 1 Receiving system 2 Broadcast server 3 License server 4 Receiving device 5 ECM
6 license 401 CPU
412 Storage unit 420 Encryption / decryption processor unit 421, 422 Encryption / decryption processor 431 Key storage register 432 Encryption data memory 433 Encryption processing function unit

Claims (5)

For each encrypted content distributed from the first server, a second key for decrypting the encrypted first key in which the first key for decrypting the content is encrypted, and the second key First acquisition means for acquiring, through a network, first control information including identification information for identifying the key and the content viewing permission / inhibition information;
A first storage unit for storing first control information acquired by the first acquisition unit;
Second acquisition means for acquiring the encrypted content from the first server through the network;
A second storage unit for storing the acquired content;
An encrypted first key obtained by encrypting a first key for decrypting the acquired content, and identification information for identifying a second key for decrypting the encrypted first key. Third acquisition means for acquiring second control information including the second control information from the second server through the network in a second period shorter than the first period;
A third storage unit for storing the acquired second control information;
Corresponding to the content whose identification information matches by comparing the first control information for each content stored in the first storage unit with the second control information stored in the third storage unit Means for extracting the second key and the viewing permission / inhibition information included in the first control information;
A key storage unit for storing the extracted second key;
A fourth storage unit for storing the retrieved viewing availability information;
Each time the second control information is acquired by the third acquisition unit, the content stored in the second storage unit can be viewed based on the viewing availability information stored in the fourth storage unit. A judging means for judging whether or not,
When it is determined by the determination means that viewing is possible, the encrypted first key is decrypted using the second key stored in the key storage unit, and the decrypted first key is used to decrypt the encrypted first key. A receiving device comprising: decrypting means for decrypting the encrypted content. The receiving device according to claim 1,
The receiving device determines whether or not the other content can be viewed when another content different from the content is selected by a user. The receiving device according to claim 2,
Further comprising second determination means for determining whether or not the encrypted first key has been successfully decrypted by the decryption means;
A receiving device that, when the encrypted first key is not normally decrypted, extracts a new key different from the second key by the extracting unit and stores it in the key storage unit. For each encrypted content distributed from the first server, a second key for decrypting the encrypted first key in which the first key for decrypting the content is encrypted, and the second key First control information including identification information for identifying the key and the content viewing permission / inhibition information is acquired through a network in a first period;
Storing the acquired first control information;
Obtaining the encrypted content from the first server through the network;
Storing the acquired content;
An encrypted first key obtained by encrypting a first key for decrypting the acquired content, and identification information for identifying a second key for decrypting the encrypted first key. Including second control information including a second period shorter than the first period from the second server through the network;
Storing the acquired second control information;
The first control information for each of the stored contents is compared with the stored second control information, and the first control information included in the first control information corresponding to the content with the matching identification information is included. 2 key and the viewing availability information,
Storing the retrieved second key;
Storing the retrieved viewing availability information;
Each time the second control information is acquired, it is determined whether the stored content is viewable based on the stored viewability information.
When it is determined that the content can be viewed, the encrypted first key is decrypted using the stored second key, and the encrypted content is decrypted with the decrypted first key. Decrypt the receiving method. For each encrypted content distributed from the first server, a second key for decrypting the encrypted first key in which the first key for decrypting the content is encrypted, and the second key First control information including identification information for identifying the key and the content viewing permission / inhibition information is acquired through the network in a first period,
Storing the acquired first control information;
Obtaining the encrypted content from the first server through the network;
Storing the acquired content;
An encrypted first key obtained by encrypting a first key for decrypting the acquired content, and identification information for identifying a second key for decrypting the encrypted first key. Including the second control information including the second control information from the second server through the network in a second period shorter than the first period,
Storing the acquired second control information;
The first control information for each of the stored contents is compared with the stored second control information, and the first control information included in the first control information corresponding to the content with the matching identification information is included. 2 key and the viewing availability information are taken out,
Storing the retrieved second key;
Storing the retrieved viewing availability information;
Each time the second control information is acquired, based on the stored viewability information, it is determined whether the stored content is viewable.
When it is determined that the content can be viewed, the encrypted content is decrypted using the stored second key, and the encrypted content is decrypted using the decrypted first key. A program that causes a computer to operate.

Images