Electrical computers and digital processing systems: support – Data processing protection using cryptography – Tamper resistant
Reexamination Certificate
2000-03-14
2004-09-14
Wright, Norman M. (Department: 2134)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Tamper resistant
C713S193000, C713S191000, C713S181000, C713S180000, C713S179000
Reexamination Certificate
active
06792539
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a data processing method and apparatus for encrypting and decrypting digital data comprised of one or more related modules (e.g., an audio track comprising a sequence of songs) for transfer to and from a data processing apparatus and a storage device.
2. Description of the Related Art
In order to prevent illicit use, data files which contain copyrighted material can be encrypted prior to storage. For example, it is sometimes necessary for storage and/or editing to divide an audio track corresponding to a sequence of songs into related data modules (or parts) whose smaller size is more conducive to various storage mediums. Because the various parts of a track may not be stored sequentially, each track must contain information defining the parts of which it is comprised. Otherwise, parts may become lost during transfers or editing. Therefore, any changes to the parts must be recognized at the track level. In addition, each part is comprised of a sequence of data blocks (clusters). Such audio tracks are often encrypted to prevent unauthorized use and copying of the music.
In order to make unauthorized use of the data more difficult, the encryption process assigns a content key to each track and a part key to each part (module). The content keys and part keys are then processed into block keys for encrypting the data at the block level.
When data encrypted in this manner is edited, encrypted parts may end up belonging to a new track which was encrypted with different block keys. Because the block keys depend on the track keys and part keys, any changes in the content of a track requires the data be first decrypted using the old track and part keys, then re-encrypted with the new track and part keys. Otherwise, tracks encrypted with a mix of keys will result and parts could become lost. This would make subsequent use of the data impossible.
This requirement that the previously encrypted track data be decrypted and then re-encrypted whenever editing is performed creates a tremendous processing burden. Currently, this burden results in processing times that make such encryption impractical.
OBJECTS OF THE INVENTION
It is an object of the present invention to alleviate the related art's above discussed processing problem by providing a data processing method and apparatus capable of shortening the processing time required when editing or the like is performed.
It is another object of the present invention that different encryption key data be assigned to track data which has already been encrypted without requiring it to be decrypted first.
Still other objects and advantages of the invention will in part be obvious and will in part be apparent from the specification and the drawings.
SUMMARY OF THE INVENTION
In order to solve the aforementioned problem and achieve the above objects, an aspect of the present invention is a data processing method for encrypting/decrypting digital data for transfer from a data processing apparatus to a storage device. The data processing method encrypts a content key generated in the data processing apparatus by a session key. The session encrypted content key is transmitted from the data processing apparatus to the storage device where it is decrypted back into the content key by the session key. The content key is then storage encrypted by a storage use key and transmitted to the data processing apparatus. The digital data is then encrypted in the data processing apparatus on the basis of the storage encrypted content key. The encrypted digital data is then transmitted along with the storage encrypted content key from the data processing apparatus to the storage device for storage.
In this aspect of the present invention, even in the case where the content key is changed, the encryption processing is designed so as not to require decryption and reencryption of the encrypted track data.
The invention also contemplates a data processing method wherein the data track is comprised of one or more related modules. Each data track has a corresponding content key and each related module has a corresponding part key.
As another aspect of the present invention, the data encryption is further comprised of calculating a temporary key corresponding to each related module of each data track on the basis of the corresponding part key and the corresponding content key. The corresponding part key is designed such that the temporary key remains the same when the corresponding content key is changed. Each related module in the data processing apparatus is then encrypted on the basis of its corresponding temporary key.
As a further aspect, the related modules are comprised of one or more sub-modules. A block seed is assigned to each sub-module. A block key is then calculated for each sub-module on the basis of the temporary key and the block seed. Each sub-module is then encrypted using the corresponding block key.
According to the invention, digital data is encrypted/decrypted for transfer from a storage device to a data processing apparatus. Encrypted digital data is transmitted along with a storage encrypted content key from the storage device to the data processing apparatus. The storage encrypted content key is extracted from the encrypted digital data using a session key and transmitted to the storage device. The storage encrypted content key is decrypted back into the content key using a storage use key. The content key is then re-encrypted into a session encrypted content key by the session key. The session encrypted content key is then transmitted to the data processing apparatus where it is decrypted back into the content key by the session key. Then the encrypted data is decrypted by the content key for expansion and output to a speaker.
Apparatus in accordance with this invention comprises an encryption means for encrypting a content key by a session key; interface means for outputting the content key encrypted by the session key to a storage device and for inputting the content key encrypted by a storage use key of the storage device; the encryption means encrypts the digital data based on the content key encrypted by the storage use key; and the interface means outputting the encrypted digital data along with the content key encrypted by the storage use key to the storage device.
A data storage device according to the invention comprises a decryption means for decrypting a content key by a session key encryption means for encrypting the decrypted content key by a storage use key; interface means for inputting the content key encrypted by the session key from a data processing apparatus, for outputting the content key encrypted by the storage use key, and for inputting the encrypted digital data along with the content key encrypted by the storage use from the data processing apparatus; and memory means for storing the encrypted digital data and the content key input from the data processing apparatus.
Another aspect of the present invention contemplates a data processing system for inputting and outputting digital data between a data processing apparatus and a storage device. The data processing apparatus comprises a first encryption means for encrypting a content key by a session key; a first interface means for outputting the content key encrypted by the session key to a storage device and inputting the content key encrypted by a storage use key of the storage device; the first encryption means encrypts the digital data being based on the content key encrypted by the storage use key, and the interface means outputting the encrypted digital data along with the content key encrypted by the storage use key to the storage device. The storage device comprises decryption means for decrypting a content key from the data processing apparatus by the session key, second encryption means for encrypting the decrypted content key by the storage use key, second interface means for inputting the content key encrypted by the session key from a data processing apparatus, for outputt
Ishiguro Ryuji
Kihara Nobuyuki
Oishi Tateo
Okaue Takumi
Yokota Teppei
Frommer William S.
Frommer & Lawrence & Haug LLP
Simon Darren M.
Sony Corporation
Wright Norman M.
LandOfFree
Processing method and apparatus for encrypted data transfer does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Processing method and apparatus for encrypted data transfer, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Processing method and apparatus for encrypted data transfer will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3249465