EP1386442A2 - Verfahren und vorrichtung zur verschlüsselung von inhalten - Google Patents

Verfahren und vorrichtung zur verschlüsselung von inhalten

Info

Publication number
EP1386442A2
EP1386442A2 EP02723772A EP02723772A EP1386442A2 EP 1386442 A2 EP1386442 A2 EP 1386442A2 EP 02723772 A EP02723772 A EP 02723772A EP 02723772 A EP02723772 A EP 02723772A EP 1386442 A2 EP1386442 A2 EP 1386442A2
Authority
EP
European Patent Office
Prior art keywords
blocks
content
encrypted
block
once
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP02723772A
Other languages
English (en)
French (fr)
Inventor
Steven C. Rhoads
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thomson Licensing SAS
Original Assignee
Thomson Licensing SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thomson Licensing SAS filed Critical Thomson Licensing SAS
Publication of EP1386442A2 publication Critical patent/EP1386442A2/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]

Definitions

  • This present invention relates to encrypting techniques for encrypting content.
  • One of the attributes that makes conventional encryption techniques susceptible to cryptanalysis is the fact that typically only one block of the content is encrypted at a time. Typically, the blocks are 32, 64 or 128 bits in length. Even using encryption techniques such as Cipher Block Chaining (CBC) does not prevent pirates from breaking the code using known cryptanalysis techniques.
  • CBC Cipher Block Chaining
  • the present invention is a method for encrypting content, by encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and encrypting the third plurality of blocks of encrypted content to generate a fourth plurality of blocks of twice- encrypted content.
  • the present invention also comprises a computer readable medium having embodied thereon a computer program for processing by a machine.
  • the computer program including a first code segment for encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, a second code segment for exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and a third code segment for encrypting the third plurality of blocks of encrypted content to generate a fourth plurality of blocks of twice-encrypted content.
  • the present invention comprises a computer data signal embodied in a carrier wave including a first code segment for encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, a second code segment for exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and a third code segment for encrypting the third plurality of blocks of encrypted content to generate a fourth plurality of blocks of twice-encrypted content.
  • the present invention also comprises a signal transmission system including a transmitter, said transmitter encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and encrypting the third plurality of blocks of encrypted content to generate a fourth plurality of blocks of twice-encrypted content before transmitting the content, and a receiver for receiving and decrypting the transmitted encrypted content.
  • a signal transmission system including a transmitter, said transmitter encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, exchanging at least a portion of the content stored in a first set of blocks of the second plurality of
  • the present invention comprises a transmitter including a device for encrypting a first plurality of separate blocks of content to obtain a second plurality of blocks of once-encrypted content, exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and encrypting the third plurality of blocks of encrypted content to generate a fourth plurality of blocks of twice- encrypted content.
  • the present invention comprises a method for decrypting content, said method including decrypting a first plurality of blocks of twice-encrypted content to generate a second plurality of blocks of once-encrypted content, exchanging at least a portion of the content stored in a first set of blocks of the second plurality of blocks of once-encrypted content with at least a portion of the content stored in a second set of blocks of the second plurality of blocks of once-encrypted content to generate a third plurality of blocks of once-encrypted content, and decrypting the third plurality of blocks of once-encrypted content to generate a fourth plurality of blocks of unencrypted content.
  • Figure 1 is flow diagram showing a method according to a first exemplary embodiment of the present invention.
  • Figure 2 is a block diagram showing a transmission system according to a first exemplary embodiment of the present invention.
  • the present invention is a method for encrypting content that is less susceptible to cryptanalysis than conventional encryption methods.
  • the present inventors have discovered that it is desirable to encrypt the entire content such that every bit of the encrypted content is dependent upon every bit of the unencrypted content, and vice versa.
  • the present invention is a method for breaking up unencrypted content into a first series of blocks, encrypting the content, 'swapping' respective one of the first series of blocks with one another, and encrypting the content a second time.
  • Cipher Block Chaining (CBC) is one encryption method for making encrypted content dependent on all of the previous unencrypted bits of the content.
  • CBC does not make the encrypted content dependent on future unencrypted bits of the content.
  • unencrypted content blocks Al, Bl and CI which are encrypted using CBC encryption.
  • block Al is encrypted to generate encrypted block A2.
  • this first encrypted block A2 is used in the encryption of all blocks which follow (e.g., Bl, CI).
  • all unencrypted blocks which follow the first block are dependent upon the first block for encryption.
  • none of the unencrypted blocks e.g., Al, Bl, CI
  • This feature of CBC makes cryptanalysis of CBC encrypted content easier. CBC also does not prevent a pirate from breaking the code one block at a time using cryptanalysis techniques.
  • the present invention is embodied in a 'loop through' method for encrypting content.
  • the 'loop through' method causes the encryption to loop through itself causing every bit of the encrypted content to be dependent on every bit of the unencrypted content.
  • a random seed number is placed at a predetermined location, such as at the beginning of the content. This makes the encrypted content different even if the same content is encrypted twice.
  • the content is encrypted using a block cipher (e.g., DES, AES, etc.).
  • the block cipher is preferably operated in the CBC mode.
  • the CBC mode requires that before a block is encrypted it is exclusive ORed with the encrypted content of the previous block. For decryption, after each block is decrypted it is exclusive ORed with the previous encrypted block.
  • the first thirty-two (32) bits of every sixty-four (64) bit block are swapped with each other.
  • the first 32 bits of the first block are swapped with the first 32 bits of the second block.
  • the first 32 bits of each block are swapped with first 32 bits of the block which is the same distance from the middle of the block set.
  • the first 32 bits of the first block are swapped with the first 32 bits of the fourth block, and the first 32 bits of the second block are swapped with the first 32 bits of the third block.
  • the first 32 bits of the first block are swapped with the first 32 bits of the sixth block
  • the first 32 bits of the second block are swapped with the first 32 bits of the fifth block
  • the first 32 bits of the third block are swapped with the first 32 bits of the fourth block.
  • 64 bit blocks may be used for loop through encryption (as opposed to 32 bit blocks).
  • the above process causes the content to be looped through itself, thus making every bit of the encrypted content dependent upon every bit of the original unencrypted content, and vice versa.
  • Figure 1 shows a flow chart for a loop through encryption method 100 for encrypting content.
  • the method begins with a first plurality of blocks 110-113 of unencrypted content, each containing 64-bit blocks.
  • blocks 110-113 of unencrypted content
  • each 64 bit block is comprised of two separate 32 bit blocks.
  • 64-bit block 110 includes two 32-bit blocks designated as P0 and PI
  • 64-bit block 111 includes two 32-bit blocks designated as P2 and P3, etc.
  • there should be sufficient number of blocks to accommodate the entire unencrypted message to be encrypted.
  • these unencrypted blocks 110-113 are encrypted using a CBC mode block cipher.
  • the first unencrypted block e.g., block 110
  • the result of the encryption of the previous block is exclusive ORed (XOR) with the block before encryption.
  • encrypted block 210 including 32 bit encrypted blocks E0, El
  • unencrypted block 110 is XORed with unencrypted block 111 to form an XOR block for encryption.
  • encrypted block 211 including 32 bit encrypted blocks E2, E3 is generated.
  • encrypted block 211 is exclusive ORed with unencrypted block 112 before the block is encrypted to generate encrypted block 212 (including 32 bit encrypted blocks E4, E5)
  • encrypted block 212 is exclusive ORed with unencrypted block 113 before the block is encrypted to generate encrypted block 213 (including 32 bit encrypted blocks E6, E7).
  • the result of the CBC block mode encryption is a second plurality of once-encrypted blocks 210-213 (including 32 bit encrypted blocks E0-E7). It will be noted that each of the once-encrypted blocks 211-213 (E2-E7) are all dependent upon the preceding block due to the exclusive OR function.
  • a 'loop through' of the once-encrypted blocks 210-213 (E0-E7) is performed.
  • 'loop through' it is meant that the first 32 bits (e.g., E0) of each 64 bit once-encrypted block (e.g., 210) are exchanged with the first 32 bits (e.g., E6) of the corresponding 64 bit once- encrypted block (e.g., 213) on the opposite side of the encrypted block array.
  • E0 is exchanged with the 32 bit block E6
  • 32 bit block E2 is exchanged with 32 bit block E4.
  • the 32 bit blocks E0-E7 are 'out of order' so to speak, resulting in a third plurality of blocks 310-313.
  • the once- encrypted and rearranged blocks 310-313 are subjected to the same CBC block cipher as described above with respect to blocks 111-113.
  • the first once- encrypted encrypted block (e.g., block 310) in the sequence is encrypted again to create a first twice-encrypted block 410.
  • the first twice- encrypted block 410 is exclusive ORed with the next (second) once-encrypted block (e.g., block 311) in the sequence before the second encryption process.
  • block 310 is first once-encrypted to generate twice-encrypted block 410 (including 32 bit encrypted blocks F0, FI).
  • twice-encrypted block 410 is exclusive ORed with once-encrypted block 311 before the block is encrypted again to generate twice-encrypted block 411 (including 32 bit encrypted blocks F2, F3).
  • twice-encrypted block 411 is exclusive ORed with once-encrypted block 312 before the block is again encrypted to generate twice- encrypted block 412 (including 32 bit encrypted blocks F4, F5)
  • twice-encrypted block 412 is exclusive ORed with once-encrypted block 313 before the block is encrypted again to generate twice-encrypted block 413 (including 32 bit encrypted blocks F6, F7).
  • the above- described process produces a fourth plurality of blocks 410-413 which are twice-encrypted and once rearranged ('swapped').
  • each of the blocks 410-413 are first unencrypted and then exclusive ORed with the previous block in the sequence to produce the blocks 310-313. Then, the 'loop through' operation is performed in reverse to generate the blocks 210-213. Finally, each of the blocks 210-213 are unencrypted and exclusive ORed with the previous block in the sequence to produce the original unencrypted blocks 110-113.
  • FIG. 2 shows a transmission system 200 according to an exemplary embodiment of the invention.
  • the system 200 includes a transmitter 210 and a receiver 220.
  • the transmitter 210 preferably includes hardware or software for implementing the above-described encryption method.
  • the transmitter 210 also preferably includes hardware or software for transmitting such encrypted content to the receiver 220.
  • the receiver 220 includes hardware or software for receiving and decrypting the content forwarded by the transmitter 210.
  • the receiver 220 may use the above-described decryption process for decrypting the received content.
  • the connection between the transmitter 210 and the receiver 220 is shown in Figure 2 as being a wireless connection, it will be noted by those skilled in the art that wired connections may also be used without departing from the scope of the present invention.
  • the transmission system 200 may comprise many different types of transmission systems.
  • the transmission system 200 may comprise a conditional access (CA) system where the transmitter 210 comprises a satellite or cable transmission station and the receiver 220 comprises a set top box (STB) or other equivalent receiving unit.
  • CA conditional access
  • STB set top box
  • the present invention may be embodied in the form of computer-implemented processes and apparatus for practicing those processes.
  • the present invention may also be embodied in the form of computer program code embodied in tangible media, such as floppy diskettes, read only memories (ROMs), CD-ROMs, hard drives, high density disk, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention.
  • the present invention may also be embodied in the form of computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention.
  • computer program code segments configure the processor to create specific logic circuits.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
EP02723772A 2001-04-07 2002-04-03 Verfahren und vorrichtung zur verschlüsselung von inhalten Withdrawn EP1386442A2 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US28205601P 2001-04-07 2001-04-07
US282056P 2001-04-07
PCT/US2002/010691 WO2003010916A2 (en) 2001-04-07 2002-04-03 Method and apparatus for encrypting content

Publications (1)

Publication Number Publication Date
EP1386442A2 true EP1386442A2 (de) 2004-02-04

Family

ID=23079918

Family Applications (1)

Application Number Title Priority Date Filing Date
EP02723772A Withdrawn EP1386442A2 (de) 2001-04-07 2002-04-03 Verfahren und vorrichtung zur verschlüsselung von inhalten

Country Status (6)

Country Link
EP (1) EP1386442A2 (de)
JP (1) JP2004537072A (de)
KR (1) KR20030085097A (de)
CN (1) CN1531799A (de)
MX (1) MXPA03008892A (de)
WO (1) WO2003010916A2 (de)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2013011702A (ja) * 2011-06-28 2013-01-17 Dainippon Printing Co Ltd 暗号化方法、暗号化プログラム、暗号化装置、復号方法、復号プログラム、復号装置
WO2016153457A1 (en) * 2015-03-20 2016-09-29 Hewlett Packard Enterprise Development Lp Datastream block encryption

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3905667A1 (de) * 1989-02-24 1990-08-30 Ant Nachrichtentech Verfahren zum ver- und entschluesseln eines nachrichtenstromes

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO03010916A2 *

Also Published As

Publication number Publication date
JP2004537072A (ja) 2004-12-09
MXPA03008892A (es) 2003-12-08
WO2003010916A2 (en) 2003-02-06
WO2003010916A3 (en) 2003-10-02
CN1531799A (zh) 2004-09-22
KR20030085097A (ko) 2003-11-01

Similar Documents

Publication Publication Date Title
CN100592683C (zh) 来自数字权利管理加密解密器的受保护的返回路径
US5438622A (en) Method and apparatus for improving the security of an electronic codebook encryption scheme utilizing an offset in the pseudorandom sequence
US5345508A (en) Method and apparatus for variable-overhead cached encryption
US8170204B2 (en) Method and system for extending advanced encryption standard (AES) operations for enhanced security
US8542822B2 (en) Method and module for renewing the code of a cryptographic algorithm, method and module for generating a seed, security processor and recording carrier for these methods
KR20100069610A (ko) 연쇄화된 암호화 모드를 위한 방법 및 디바이스
KR102397579B1 (ko) 부채널 분석 방지를 위한 화이트박스 암호 방법 및 장치
JP4650267B2 (ja) 送信装置および方法、受信装置および方法、ならびに、データ伝送システムおよびデータ伝送方法
CN106571911A (zh) 基于设备和数据认证的数据加密和解密
WO2004092956A1 (en) Cascading key encryption
JPH0224694A (ja) キーセキュリティシステムおよびデスクランブル装置
JPH1075240A (ja) データ送信を保護する方法およびデータを暗号化または解読化する装置
CN1337624A (zh) 保护计算机系统内版权数据的装置、方法
US20080123848A1 (en) System and method for data security, encryption apparatus and decryption apparatus
US20040141614A1 (en) Data encryption apparatus and method
US20040131181A1 (en) Method and apparatus for encrypting content
US8229115B2 (en) Use of copyright text in key derivation function
JPWO2005010850A1 (ja) 暗号/復号装置及び方法
JP4596256B2 (ja) 送受信システムおよび方法、送信装置および方法、受信装置および方法、並びにプログラム
Kanjanarin et al. Scrambling and key distribution scheme for digital television
EP2326043A1 (de) Verhinderung des Klonens von Empfängern verschlüsselter Nachrichten
US8577022B2 (en) Data processing apparatus
KR20150064042A (ko) 디지털 데이터 블록 암호화 및 해독화 방법
JP2005244534A (ja) 暗号通信装置および暗号通信方法
CN103250372B (zh) 获得控制字以揭示客户端设备标识

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20031003

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: THOMSON LICENSING

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20081101