JP2011103518A - Apparatus and method for processing data - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an encryption technology which can reproduce a program stored in a storage device even when an image receiver fails which has received and stored the program. <P>SOLUTION: A broadcast decryption part 14 decrypts data in which first encryption is executed on the basis of the decryption information stored in an IC card 18. An encryption key generation part 22 generates an encryption key on the basis of a card No. stored in the IC card 18. An encryption/decryption part 24 executes second encryption to the decrypted data on the basis of the encryption key. A scramble processing part 52 executes third encryption to the data in which the second encryption is executed on the basis of the storage device ID of the storage device 40. An input/output interface part 28 outputs the data to which the third encryption is executed to the storage device 40. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a data processing technique, and more particularly to a data processing apparatus and a data processing method for encrypting and decrypting data.

  In recent years, terrestrial digital television broadcasting has been implemented. A digital television broadcast receiver (hereinafter referred to as “receiver”) for receiving terrestrial digital television broadcasts has a function for playing back digital television broadcast programs. Furthermore, the image receiving device also has a function for recording and reproducing programs by incorporating a storage device or having a connection terminal of an external storage device. In the ARIB standard, when a digital television broadcast program is stored, the program is required to be encrypted.

  This is for avoiding that the program stored in the predetermined storage device is copied to another storage device and the program is reproduced by the other storage device. To cope with this, the HDD serial number held by the HDD that is the storage device, the secure ID that is held by the secure IC that is fixedly provided in the device, and the card ID that is held by the IC card that is the external device Thus, an encryption key and a decryption key are generated. The encryption key and the decryption key are used for data recording / reproduction with respect to the HDD (see, for example, Patent Document 1).

JP 2005-174388 A

  When the image receiving device and the storage device are connected and a program is stored in the storage device, the image receiving device may break down. When storing a program, if the information unique to the image receiving device is used like the secure ID, the program cannot be reproduced in the above case. Therefore, it is desired to perform encryption so that a program stored in the storage device can be reproduced even when the image receiving device fails.

  The present invention has been made in view of such a situation, and an object of the present invention is to perform encryption that can reproduce a program stored in a storage device even when an image receiving device that receives and stores the program fails. To provide technology.

  In order to solve the above-described problem, a data processing device according to an aspect of the present invention includes a first acquisition unit that acquires data subjected to first encryption, and a first acquisition unit that decrypts data acquired by the first acquisition unit. In the first acquisition unit based on the first information acquired in the second acquisition unit and the second acquisition unit that acquires the first information stored in the first storage medium that is one information and removable Stipulated as information for identifying the first storage medium, which is second information different from the first information, from the decoding unit for decoding the acquired data and the first storage medium storing the first information A first encryption unit that performs second encryption on the data decrypted in the decryption unit based on the second information obtained in the third acquisition unit And data encrypted by the second encryption unit in the first encryption unit. Against, comprising a second encryption unit for performing a third encryption, and an output unit for outputting data to the third encryption has been performed in the second encryption unit to the second storage medium. The second encryption unit performs the third encryption based on the third information defined as information for identifying the second storage medium.

  According to this aspect, since the data is encrypted based on the second information for identifying the first storage medium and the third information for identifying the second storage medium, the program is received. The stored program can be reproduced even if the image receiving apparatus stored in the above-mentioned failure occurs.

  The second encryption unit performs the third encryption such that the period for decrypting the third encrypted data is shorter than the period for decrypting the second encrypted data. May be. In this case, since the decryption period for the third encryption is shorter than the decryption period for the second encryption, even when copying or moving the data stored in the second storage medium, a short processing period is required. realizable.

  The first encryption unit performs block encryption as the second encryption, uses the second information to generate an encryption key for block encryption, and the second encryption unit Scrambling is performed as encryption, and the third information may be used as the initial value of scrambling. In this case, since block encryption is performed as the second encryption and scrambling is performed as the third encryption, the third encryption is performed more than the period for decrypting the data that has been subjected to the second encryption. The period for decoding data can be shortened.

  Another embodiment of the present invention is also a data processing device. The apparatus includes a first acquisition unit that acquires first encrypted data, and first information for decrypting the data acquired by the first acquisition unit, and is attached to a removable first storage medium. The second acquisition unit that acquires the stored first information, the decoding unit that decodes the data acquired in the first acquisition unit based on the first information acquired in the second acquisition unit, and the first information are stored A third acquisition unit that acquires second information that is different from the first information and is defined as information for identifying the first storage medium, from the first storage medium 3 Based on only the second information acquired in the acquisition unit, the generation unit that generates the encryption key, and the second encryption for the data decrypted in the decryption unit based on the encryption key generated in the generation unit And the second encryption is not performed in the encryption unit. The data and an output unit for outputting to the second storage medium. When the encryption unit detects the detachment of the first storage medium, the encryption unit deletes the encryption key.

  According to this aspect, since the data is encrypted based only on the second information for identifying the first storage medium, the image receiving apparatus that received and stored the program failed. However, the stored program can be reproduced.

  You may further provide the 4th acquisition part which acquires the 3rd information prescribed | regulated as information for identifying a 2nd storage medium from a 2nd storage medium. The generation unit generates fourth information based on the second information and the third information, generates an encryption key based on the fourth information, and the output unit also generates the fourth information generated by the generation unit. You may output to 2 storage media. In this case, since the third information is generated based on the second information and stored in the second storage medium, the third information is used for authentication at the time of data reproduction, and the safety of the data can be improved. .

  Yet another embodiment of the present invention is a data processing method. In this method, first encrypted data is obtained, and first information for decrypting the obtained data is obtained, and first information stored in a removable first storage medium is obtained. A step of decrypting the acquired data based on the acquired first information, a second information different from the first information from the first storage medium storing the first information, And acquiring second information defined as information for identifying the first storage medium, and executing second encryption on the decrypted data based on the acquired second information; The third encryption is performed on the second encrypted data, and the third encrypted data is output to the second storage medium. The step of executing the third encryption executes the third encryption based on the third information defined as information for identifying the second storage medium.

  Yet another embodiment of the present invention is also a data processing method. In this method, first encrypted data is obtained, and first information for decrypting the obtained data is obtained, and first information stored in a removable first storage medium is obtained. A step of decrypting the acquired data based on the acquired first information, a second information different from the first information from the first storage medium storing the first information, And acquiring second information defined as information for identifying the first storage medium, generating an encryption key based only on the acquired second information, and based on the generated encryption key In addition, the method includes performing a second encryption on the decrypted data and outputting the data subjected to the second encryption to the second storage medium. The step of executing the second encryption deletes the encryption key when it is detected that the first storage medium is detached.

  It should be noted that any combination of the above-described constituent elements and a conversion of the expression of the present invention between a method, an apparatus, a system, a recording medium, a computer program, etc. are also effective as an aspect of the present invention.

  According to the present invention, a program stored in a storage device can be reproduced even when the image receiving device that has received and stored the program has failed.

It is a figure which shows the structure of the image receiving apparatus which concerns on Example 1 of this invention. It is a figure which shows the structure of the image receiving apparatus which concerns on Example 2 of this invention. It is a figure which shows the structure of the data memorize | stored in the memory | storage device of FIG. It is a figure which shows the structure of the image receiving apparatus which concerns on Example 3 of this invention. It is a figure which shows the structure of the scramble process part of FIG. It is a figure which shows another structure of the scramble process part of FIG.

Example 1
Before describing the present invention specifically, an outline will be given first. Embodiment 1 of the present invention relates to an image receiving apparatus that receives a terrestrial digital television broadcast and reproduces a program included in the received signal. The image receiving device decrypts the encrypted program, reproduces the decrypted program, encrypts the decrypted program, and stores the encrypted program in the storage device. Here, the storage device is connected to the image receiving device from the outside. Even when the image receiving device fails, in order to generate a program stored in the storage device by connecting the storage device to another image receiving device, the receiving device according to the present embodiment performs the following processing. Execute.

  An IC card is inserted into the image receiving device. The IC card includes information for decoding a program included in the received signal (hereinafter referred to as “decoding information”) and unique information of the IC card (hereinafter referred to as “card No.”). Yes. The receiving device extracts decoding information from the IC card and decodes the program using the decoding information. The receiver receives the card number from the IC card. And the card no. Generate an encryption key based on The receiving apparatus encrypts the decrypted program using the encryption key. The receiving device stores the encrypted program in the storage device. The IC card and the storage device are connected to a reception device different from the reception device during storage. In addition, another receiving apparatus shall be comprised similarly to the receiving apparatus at the time of memory | storage. The receiver receives the card number from the IC card. To generate an encryption key. The receiving device extracts the program from the storage device and decrypts the program using the encryption key.

  FIG. 1 shows a configuration of an image receiving apparatus 100 according to Embodiment 1 of the present invention. The image receiving apparatus 100 includes an antenna 10, a broadcast receiving unit 12, a broadcast decoding unit 14, a card reading unit 16, a card No. A storage unit 20, an encryption key generation unit 22, an encryption / decryption unit 24, an output formatter unit 26, an input / output interface unit 28, an MPEG decoder 30, a display unit 32, and a control unit 34 are included. The image receiving apparatus 100 is connected with an IC card 18 and a storage device 40. 36, a broadcast information memory 38 is included.

  The broadcast receiving unit 12 receives a terrestrial digital television broadcast signal via the antenna 10. Terrestrial digital television broadcast signals are transmitted from broadcast stations and relay stations (not shown). The broadcast receiving unit 12 performs frequency conversion from a radio frequency to a baseband frequency on the received signal. Note that after the frequency conversion from the radio frequency to the intermediate frequency is performed, the frequency conversion from the intermediate frequency to the baseband frequency may be performed. The broadcast receiving unit 12 converts the time domain signal into the frequency domain signal by performing FFT on the baseband frequency signal.

  Further, the broadcast receiving unit 12 demodulates the frequency domain signal. Hereinafter, the demodulated signal is simply referred to as “signal”. The signal includes program data, and the data is encrypted by a broadcasting station (not shown). As the encryption, for example, block encryption such as MULTI2 is used. Hereinafter, for the sake of convenience, encryption performed at the broadcasting station is referred to as first encryption. Through such processing, the broadcast receiving unit 12 acquires the first encrypted data. The broadcast receiving unit 12 outputs the acquired data to the broadcast decoding unit 14.

  The IC card 18 is configured to be detachable from the image receiving apparatus 100. The IC card 18 is connected to the card reading unit 16 of the image receiving device 100. The IC card 18 has a storage area capable of storing predetermined digital information. Here, the storage area is the card number. Reference numeral 36 denotes a broadcast information memory 38. The broadcast information memory 38 stores decryption information for decrypting the encryption performed on the data. The broadcast information memory 38 also stores information related to whether broadcasts can be received. Card No. 36 is a card number defined as information for identifying the IC card 18. Remember. Here, the decryption information card No. Is different information.

  The card reading unit 16 connects the IC card 18. The card reading unit 16 has a card number of the IC card 18. 36 and the broadcast information memory 38 are accessed to obtain necessary information. Here, the card reading unit 16 obtains decoding information for decoding the data obtained by the broadcast receiving unit 12 by accessing the broadcast information memory 38. The card reading unit 16 outputs the decryption information to the broadcast decryption unit 14. The broadcast decryption unit 14 inputs data from the broadcast reception unit 12 and also inputs decryption information from the card reading unit 16. The broadcast decryption unit 14 decrypts the first encrypted data based on the decryption information. The decoded data corresponds to compressed video / audio information such as a TS (transport stream) signal. The broadcast decryption unit 14 outputs the decrypted data to the MPEG decoder 30 and the encryption / decryption unit 24.

  The MPEG decoder 30 inputs data from the broadcast decoding unit 14. Since the decoded data is generally compressed video, the MPEG decoder 30 performs MPEG decoding on the compressed video to generate a video / audio signal. In addition, since a well-known technique should just be used for MPEG decoding, description is abbreviate | omitted here. The MPEG decoder 30 outputs the video / audio signal to the display unit 32. The display unit 32 is configured by a display or the like, and displays a video of the video / audio signal. The audio of the video / audio signal may be output from a speaker (not shown).

  Card No. The storage unit 20 stores the card number of the IC card 18 via the card reading unit 16. 36, card no. To get. Card No. The storage unit 20 stores the card number. As well as the card number. Is output to the encryption key generation unit 22. The encryption key generation unit 22 has a card No. Card No. from the storage unit 20 is stored. Enter. The encryption key generation unit 22 has a card No. The encryption key used in the encryption / decryption unit 24 is generated based only on the above. The encryption key is used for encryption in the subsequent encryption / decryption unit 24. The encryption key generation unit 22 is, for example, a card No. Is multiplied by a default function or the card no. The encryption key is generated by dividing by a default function. In addition, the encryption key generation unit 22 has a card No. An encryption key may be generated by applying a predetermined hash function to.

  The encryption / decryption unit 24 inputs the data from the broadcast decryption unit 14 and also receives the encryption key from the encryption key generation unit 22. The encryption / decryption unit 24 performs encryption on the data based on the encryption key. The encryption is block encryption different from MULTI2 and is referred to as second encryption for convenience. In addition, since a well-known technique should just be used for encryption, description is abbreviate | omitted here. The encryption / decryption unit 24 outputs the second encrypted data to the output formatter unit 26.

  The output formatter unit 26 receives the data from the encryption / decryption unit 24. The output formatter unit 26 forms data into a format for storage in the storage device 40 described later, and outputs the shaped data to the input / output interface unit 28. The input / output interface unit 28 is connected to the storage device 40, and outputs data to the storage device 40 and inputs data from the storage device 40. The connection is made by, for example, USB (Universal Serial Bus). The input / output interface unit 28 stores the data from the output formatter unit 26 in the storage device 40. The storage device 40 is a storage medium such as a hard disk, and receives data from the input / output interface unit 28 and stores the data.

  The control unit 34 controls the operation of the entire image receiving apparatus 100. When detecting the removal of the IC card 18, the control unit 34 notifies the card number. The storage unit 20 and the encryption / decryption unit 24 are notified. Upon receiving the notification, the encryption / decryption unit 24 deletes the encryption key and stores the card number. Upon receipt of the notification, the storage unit 20 receives the card number. Erase.

  Next, processing for reproducing data stored in the storage device 40 in the image receiving device 100 will be described. At this time, the storage device 40 and the IC card 18 may be the same as before, and the image receiving device 100 may be a different device. Since the card reading unit 16 to the encryption key generation unit 22 execute the same processing as before, description thereof is omitted here. The input / output interface unit 28 extracts data stored in the storage device 40. Here, the data is second encrypted. The input / output interface unit 28 outputs the data to the encryption / decryption unit 24.

  The encryption / decryption unit 24 inputs data from the input / output interface unit 28 and also inputs an encryption key from the encryption key generation unit 22. The encryption / decryption unit 24 decrypts the data based on the encryption key. As the decryption process, a process corresponding to the second encryption is performed. However, since a known technique may be used, the description is omitted here. The decoded data is the same as the data decoded in the broadcast decoding unit 14 and corresponds to compressed video / audio information such as a TS signal. The encryption / decryption unit 24 outputs the data to the MPEG decoder 30. Since the MPEG decoder 30 and the display unit 32 execute the same processing as before, description thereof is omitted here.

  This configuration can be realized in terms of hardware by a CPU, memory, or other LSI of any computer, and in terms of software, it can be realized by a program loaded in the memory, but here it is realized by their cooperation. Draw functional blocks. Accordingly, those skilled in the art will understand that these functional blocks can be realized in various forms by hardware only, software only, or a combination thereof.

  The operation of the image receiving apparatus 100 having the above configuration will be described. First, data storage processing will be described. The user attaches the IC card 18 to the image receiving device 100 and connects the storage device 40 to the image receiving device 100. The broadcast decryption unit 14 demodulates the signal received by the broadcast reception unit 12 and obtains the first encrypted data. The broadcast decryption unit 14 decrypts the first encrypted data based on the decryption information stored in the IC card 18. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 performs the second encryption on the decrypted data using the encryption key. The input / output interface unit 28 causes the storage device 40 to store the second encrypted data.

  Next, a process for reproducing stored data will be described. It is assumed that the user uses an image receiving device 100 different from the image receiving device 100 used for storing data. The user attaches the IC card 18 used at the time of storage to another image receiving device 100 and connects the storage device 40 storing data to the image receiving device 100. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 acquires data stored in the storage device 40 via the input / output interface unit 28, and performs decryption on the data using an encryption key. The encryption / decryption unit 24 outputs the decrypted data to the MPEG decoder 30, and the MPEG decoder 30 and the display unit 32 reproduce the data.

  According to the embodiment of the present invention, the card No. for identifying the IC card is used. Since the encryption is performed on the data based only on the data, the stored program can be reproduced even when the image receiving apparatus that has received and stored the program fails. Card No. Since the same encryption key is generated from the same IC card no matter which image receiving device is inserted into the image receiving device, even if the image receiving device is broken, the other image receiving device can be used for recording. By installing the IC card, the stored program can be reproduced. When the IC card is removed from the receiving device, the encryption key stored in the receiving device, the card number. Is erased, so inappropriate storage can be avoided.

  Also, broadcast information is stored in the IC card, and only contracted broadcast records can be recorded with the same encryption key, so that reproduction of recorded information of uncontracted broadcasts can be prevented. In addition, since the stored program can be stored in another storage device, the program stored in another storage device can be reproduced even if the storage device fails. In addition, although there are a plurality of copied programs, only one image receiving device with the same number of IC cards inserted reproduces the programs, so that illegal distribution of copy content can be prevented.

(Example 2)
The second embodiment of the present invention relates to an image receiving apparatus that performs encryption after decrypting data included in a received signal, similarly to the image receiving apparatus of the first embodiment. In the first embodiment, when the data stored in the storage device is reproduced, the card number of the IC card. An encryption key is generated based on the above. That is, whether the data is valid or not is determined by the card number. Confirmed based on The image receiving apparatus according to the second embodiment aims to improve accuracy of checking whether the data is valid data, that is, to improve security, as compared with the image receiving apparatus according to the first embodiment.

  FIG. 2 shows a configuration of the image receiving apparatus 100 according to the second embodiment of the present invention. The image receiving apparatus 100 shown in FIG. 2 further includes an information generation unit 42 and an authentication unit 44 in the image receiving apparatus 100 shown in FIG. Here, the difference will be mainly described. Card No. The storage unit 20 stores the card number. As well as the card number. Is output to the encryption key generation unit 22 and the information generation unit 42. The information generation unit 42 has a card no. Card No. from the storage unit 20 is stored. Enter. The information generation unit 42 has a card no. Identification information is generated from Here, the generation method of the identification information may be any method, but it is required to be predetermined. That is, even if the image receiving apparatus 100 changes, the same card No. The same identification information is generated. Such identification information includes the card number. However, since it is stored in the storage device 40 as will be described later, the card No. This is information for identifying the storage device 40 related to. The information generation unit 42 outputs the identification information to the input / output interface unit 28.

  The input / output interface unit 28 also inputs identification information from the information generation unit 42. The input / output interface unit 28 outputs identification information to the storage device 40 in addition to the second encrypted data. The storage device 40 stores identification information and data. FIG. 3 shows the configuration of data stored in the storage device 40. The identification information 200 is stored, and the first content data 202a to the Zth content data 202z are stored. The content data 202 generically including the first content data 202a to the Zth content data 202z corresponds to the second encrypted data. Returning to FIG.

  Next, processing for reproducing data stored in the storage device 40 in the image receiving device 100 will be described. As described above, the information generation unit 42 uses the card number. Identification information is generated from The information generation unit 42 outputs the identification information to the authentication unit 44. The authentication unit 44 inputs the identification information from the information generation unit 42. The authentication unit 44 also inputs identification information stored in the storage device 40 via the input / output interface unit 28. The authentication unit 44 confirms whether the two pieces of identification information match. If they match, the authentication unit 44 instructs the encryption key generation unit 22 to generate an encryption key. Following this, the encryption key generator 22 and the like execute the same processing as in the first embodiment. On the other hand, if they do not match, the authentication unit 44 determines to stop the reproduction process.

  The operation of the image receiving apparatus 100 having the above configuration will be described. First, data storage processing will be described. The user attaches the IC card 18 to the image receiving device 100 and connects the storage device 40 to the image receiving device 100. The broadcast decryption unit 14 demodulates the signal received by the broadcast reception unit 12 and obtains the first encrypted data. The broadcast decryption unit 14 decrypts the first encrypted data based on the decryption information stored in the IC card 18. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 performs the second encryption on the decrypted data using the encryption key. The information generation unit 42 stores the card No. stored in the IC card 18. The identification information is generated based on the above. The input / output interface unit 28 causes the storage device 40 to store the identification information and the second encrypted data.

  Next, a process for reproducing stored data will be described. It is assumed that the user uses an image receiving device 100 different from the image receiving device 100 used for storing data. The user attaches the IC card 18 used at the time of storage to another image receiving device 100 and connects the storage device 40 storing data to the image receiving device 100. The information generation unit 42 stores the card No. stored in the IC card 18. The identification information is generated based on the above. The authentication unit 44 compares the identification information generated by the information generation unit 42 with the identification information stored in the storage device 40. If they match, the authentication unit 44 instructs the encryption key generation unit 22 to generate an encryption key. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 acquires data stored in the storage device 40 via the input / output interface unit 28, and performs decryption on the data using an encryption key. The encryption / decryption unit 24 outputs the decrypted data to the MPEG decoder 30, and the MPEG decoder 30 and the display unit 32 reproduce the data.

  According to the embodiment of the present invention, the card No. Since the identification information is generated based on the ID and stored in the storage device, the identification information can be used for authentication during data reproduction. In addition, since the identification information is used for authentication when reproducing the data, the safety of the data can be improved. The encryption key and the identification information are both the card number. Because it is generated from, processing can be simplified.

(Example 3)
The third embodiment of the present invention relates to an image receiving apparatus that performs encryption after decrypting data included in a received signal, as in the previous embodiments. The third embodiment also uses a storage device ID (hereinafter referred to as “unique information”) for encryption in order to improve security. At that time, the card No. An encryption key for block encryption can be generated based on the unique information. However, when data stored in the storage device is dubbed or moved, after the data is decrypted based on the encryption key generated from the unique information of the dubbing source storage device, the dubbing destination storage device Data is encrypted based on the encryption key generated from the unique information. Therefore, complicated processing is required. The third embodiment aims to simplify data dubbing and move processing while using unique information for encryption.

  FIG. 4 shows a configuration of the image receiving device 100 according to the third embodiment of the present invention. The image receiving apparatus 100 includes an antenna 10, a broadcast receiving unit 12, a broadcast decoding unit 14, a card reading unit 16, a card No. A storage unit 20, an MPEG decoder 30, a display unit 32, a block encryption processing unit 50, a scramble processing unit 52, an input / output interface unit 28, and a control unit 34 are included. The block encryption processing unit 50 includes an encryption key generation unit 22 and an encryption / decryption unit 24. The image receiving apparatus 100 is connected with an IC card 18 and a storage device 40. 36, a broadcast information memory 38 is included. Here, the description will focus on differences from the image receiving apparatus 100 shown in FIG.

  The encryption / decryption unit 24 generates the second encrypted data as in the first embodiment. The encryption / decryption unit 24 outputs the data to the scramble processing unit 52. The scramble processing unit 52 inputs data from the encryption / decryption unit 24. The scramble processing unit 52 also inputs the storage device ID from the storage device 40 via the input / output interface unit 28. The storage device ID is information defined as information for identifying the storage device 40 and is uniquely given to the storage device 40 in advance. The scramble processing unit 52 performs encryption on the data based on the storage device ID. In order to distinguish from the conventional encryption, the encryption performed in the scramble processing unit 52 is called third encryption.

  The scramble processing unit 52 executes scramble as the third encryption. Further, the storage device ID is used as the initial value of scramble. As described above, the encryption / decryption unit 24 uses block encryption as the second encryption, and the scramble processing unit 52 uses scramble as the third encryption. For this reason, the scramble processing unit 52 uses the third encryption such that the period for decrypting the third encrypted data is shorter than the period for decrypting the second encrypted data. Has been.

  FIG. 5 shows a configuration of the scramble processing unit 52. The scramble processing unit 52 includes a storage device ID storage unit 60, a linear shift register unit 62, an exclusive OR unit 64, and an output formatter unit 66. The storage device ID storage unit 60 inputs a storage device ID from an input / output interface unit 28 (not shown) and stores the storage device ID. The linear shift register unit 62 inputs the storage device ID from the storage device ID storage unit 60 and drives the linear shift register using the storage device ID as an initial value. Since a known technique may be used as the linear shift register, the description is omitted here. The exclusive OR unit 64 inputs the output information from the linear shift register unit 62 and also receives data from the encryption / decryption unit 24 (not shown). The exclusive OR unit 64 calculates an exclusive OR between the data and the output information bit by bit. The exclusive OR unit 64 outputs the calculation result as the third encrypted data. The output formatter unit 66 performs the same processing as the output formatter unit 26 of FIG. Returning to FIG.

  The input / output interface unit 28 outputs the data encrypted by the third encryption in the scramble processing unit 52 to the storage device 40. The storage device 40 stores the data that has been subjected to the third encryption. Next, processing for reproducing data stored in the storage device 40 in the image receiving device 100 will be described. The input / output interface unit 28 extracts the storage device ID from the storage device 40 and also extracts the data stored in the storage device 40. The input / output interface unit 28 outputs the storage device ID and data to the scramble processing unit 52. The scramble processing unit 52 performs descrambling on the data based on the storage device ID. As a result, the scramble processing unit 52 decodes the data. Since the processing of the scramble processing unit 52 is as described above, the description thereof is omitted here. Note that data from the input / output interface unit 28 is input to the exclusive OR unit 64 of FIG. 5 instead of the data from the encryption / decryption unit 24. The scramble processing unit 52 outputs the data to the encryption / decryption unit 24.

  The encryption / decryption unit 24 inputs the data from the scramble processing unit 52 and also receives the encryption key from the encryption key generation unit 22. The encryption / decryption unit 24 decrypts the data based on the encryption key. The decoded data is the same as the data decoded in the broadcast decoding unit 14 and corresponds to compressed video / audio information such as a TS signal. The encryption / decryption unit 24 outputs the data to the MPEG decoder 30. Since the MPEG decoder 30 and the display unit 32 execute the same processing as before, description thereof is omitted here.

  Below, the process at the time of dubbing and moving the data memorize | stored in the memory | storage device 40 is demonstrated. Two storage devices 40 are connected to the image receiving device 100 of FIG. Here, the storage device 40 that is the dubbing source is the first storage device, and the storage device 40 that is the dubbing destination is the second storage device. FIG. 6 shows another configuration of the scramble processing unit 52. The scramble processing unit 52 includes a first storage device ID storage unit 70, a first linear shift register unit 72, a second storage device ID storage unit 74, a second linear shift register unit 76, an exclusive OR unit 64, and an output formatter unit 66. including.

  The first storage device ID storage unit 70 inputs the first storage device ID of the first storage device from the input / output interface unit 28 (not shown), and stores the first storage device ID. The second storage device ID storage unit 74 receives the second storage device ID of the second storage device from the input / output interface unit 28 (not shown) and stores the second storage device ID. The first linear shift register unit 72 inputs the first storage device ID from the first storage device ID storage unit 70, and drives the linear shift register with the first storage device ID as an initial value. The second linear shift register unit 76 inputs the second storage device ID from the second storage device ID storage unit 74, and drives the linear shift register using the second storage device ID as an initial value.

  The exclusive OR unit 64 inputs the output information from the first linear shift register unit 72 and also receives data from the encryption / decryption unit 24 (not shown). The exclusive OR unit 64 calculates an exclusive OR between the data and the output information bit by bit. The calculation result corresponds to the decryption of the third encryption. The exclusive OR unit 64 also receives output information from the second linear shift register unit 76, and performs exclusive OR operation on a bit basis between the operation result and the output information from the second linear shift register unit 76. Calculate. This is a new scramble process and can be said to be a new third encryption. The newly third-encrypted data is output to the second storage device via the input / output interface unit 28 (not shown). The second storage device stores data.

  The operation of the image receiving apparatus 100 having the above configuration will be described. First, data storage processing will be described. The user attaches the IC card 18 to the image receiving device 100 and connects the storage device 40 to the image receiving device 100. The broadcast decryption unit 14 demodulates the signal received by the broadcast reception unit 12 and obtains the first encrypted data. The broadcast decryption unit 14 decrypts the first encrypted data based on the decryption information stored in the IC card 18. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 performs the second encryption on the decrypted data using the encryption key. The scramble processing unit 52 performs the third encryption on the second encrypted data with the storage device ID of the storage device 40 as an initial value. The input / output interface unit 28 causes the storage device 40 to store the third encrypted data.

  Next, a process for reproducing stored data will be described. It is assumed that the user uses an image receiving device 100 different from the image receiving device 100 used for storing data. The user attaches the IC card 18 used at the time of storage to another image receiving device 100 and connects the storage device 40 storing data to the image receiving device 100. The scramble processing unit 52 acquires the data and the storage device ID stored in the storage device 40 via the input / output interface unit 28, and executes decoding on the data using the storage device ID as an initial value. The encryption key generation unit 22 stores the card number stored in the IC card 18. Generate an encryption key based on The encryption / decryption unit 24 decrypts the data decrypted by the scramble processing unit 52 while using the encryption key. The encryption / decryption unit 24 outputs the decrypted data to the MPEG decoder 30, and the MPEG decoder 30 and the display unit 32 reproduce the data.

  According to the embodiment of the present invention, the card No. for identifying the IC card is used. And the storage device ID for identifying the storage device, the data is encrypted, so even if the image receiving device that received and stored the program failed, the data was stored. Can play programs. Further, since block encryption is performed as the second encryption and scrambling is performed as the third encryption, the data that has been subjected to the third encryption is longer than the period for decrypting the data that has been subjected to the second encryption. The period for decoding can be shortened.

  In addition, when the scramble process is executed after the block encryption is executed and the decryption period for the scramble process is shorter than the decryption period for the block encryption, copy or move is executed for the stored data. However, a short processing period can be realized. In addition, high-speed dubbing and moving can be realized while suppressing a decrease in safety. In addition, when performing dubbing or moving, high-speed processing at the operating frequency of the shift register can be realized without requiring processing with a large processing amount such as DES and AES.

  In the above, this invention was demonstrated based on the Example. This embodiment is an exemplification, and it will be understood by those skilled in the art that various modifications can be made to the combination of each component and each processing process, and such modifications are also within the scope of the present invention. .

  In Embodiments 1 to 3 of the present invention, the image receiving device 100 receives a terrestrial digital television broadcast. However, the present invention is not limited to this. For example, the image receiving apparatus 100 may process other than terrestrial digital television broadcasts. Specifically, broadcasts other than terrestrial digital television broadcasts, such as satellite broadcasts and cable television broadcasts, may be processed, and media such as DVDs (Digital Versatile Discs) are processed. May be. In the latter case, an optical pickup or the like is provided instead of the antenna 10 and the broadcast receiving unit 12. According to this modification, the present invention can be applied to various systems.

  In the first to third embodiments of the present invention, the encryption / decryption unit 24 performs block encryption. However, the present invention is not limited to this. For example, the encryption / decryption unit 24 may execute DES (Data Encryption Standard) or AES (Advanced Encryption Standard). According to this modification, various encryption methods can be applied.

  10 antenna, 12 broadcast receiving unit, 14 broadcast decoding unit, 16 card reading unit, 18 IC card, 20 card no. Storage unit, 22 encryption key generation unit, 24 encryption / decryption unit, 26 output formatter unit, 28 input / output interface unit, 30 MPEG decoder, 32 display unit, 34 control unit, 36 card No. 38 Broadcast information memory, 40 storage device, 50 block encryption processing unit, 52 scramble processing unit, 100 image receiving device.

Claims (7)

A first acquisition unit for acquiring data subjected to the first encryption;
A second acquisition unit that acquires first information stored in a removable first storage medium that is first information for decoding the data acquired in the first acquisition unit;
A decoding unit that decodes the data acquired in the first acquisition unit based on the first information acquired in the second acquisition unit;
A second information that is second information different from the first information and that is defined as information for identifying the first storage medium is obtained from the first storage medium storing the first information. An acquisition unit;
A first encryption unit that performs second encryption on the data decrypted by the decryption unit based on the second information obtained by the third acquisition unit;
A second encryption unit that performs a third encryption on the data that has been subjected to the second encryption in the first encryption unit;
An output unit that outputs the third encrypted data in the second encryption unit to a second storage medium;
The data processing apparatus, wherein the second encryption unit performs third encryption based on third information defined as information for identifying a second storage medium.   The second encryption unit performs the third encryption such that the period for decrypting the third encrypted data is shorter than the period for decrypting the second encrypted data. The data processing apparatus according to claim 1, wherein: The first encryption unit performs block encryption as second encryption, uses the second information to generate an encryption key for block encryption,
The data processing apparatus according to claim 2, wherein the second encryption unit executes scrambling as third encryption, and uses the third information as an initial value of scrambling. A first acquisition unit for acquiring data subjected to the first encryption;
A second acquisition unit that acquires first information stored in a removable first storage medium that is first information for decoding the data acquired in the first acquisition unit;
A decoding unit that decodes the data acquired in the first acquisition unit based on the first information acquired in the second acquisition unit;
A second information that is second information different from the first information and that is defined as information for identifying the first storage medium is obtained from the first storage medium storing the first information. An acquisition unit;
A generating unit that generates an encryption key based only on the second information acquired by the third acquiring unit;
An encryption unit that performs second encryption on the data decrypted in the decryption unit based on the encryption key generated in the generation unit;
An output unit that outputs the second encrypted data to the second storage medium in the encryption unit;
The data processing apparatus according to claim 1, wherein the encryption unit deletes the encryption key when detecting the detachment of the first storage medium. An information generator for generating third information for identifying the second storage medium related to the second information from the second information;
The data processing apparatus according to claim 4, wherein the output unit outputs the third information generated by the information generation unit to the second storage medium. Obtaining the first encrypted data;
Obtaining first information stored in a detachable first storage medium, which is first information for decrypting the obtained data;
Decrypting the acquired data based on the acquired first information;
Obtaining from the first storage medium storing the first information second information different from the first information and defined as information for identifying the first storage medium; ,
Performing second encryption on the decrypted data based on the acquired second information;
Performing a third encryption on the second encrypted data;
Outputting the third encrypted data to the second storage medium,
The data processing method characterized in that the step of executing the third encryption executes the third encryption based on third information defined as information for identifying the second storage medium. Obtaining the first encrypted data;
Obtaining first information stored in a detachable first storage medium, which is first information for decrypting the obtained data;
Decrypting the acquired data based on the acquired first information;
Obtaining from the first storage medium storing the first information second information different from the first information and defined as information for identifying the first storage medium; ,
Generating an encryption key based only on the acquired second information;
Performing a second encryption on the decrypted data based on the generated encryption key;
Outputting the second encrypted data to the second storage medium,
The step of executing the second encryption comprises erasing the encryption key when the removal of the first storage medium is detected.

Images