What is described below as the preferred embodiments of the present invention with reference to the accompanying drawings corresponds to the appended claims as follows: the description of the preferred embodiments basically provides specific examples supporting what is claimed. If any example of the invention described below as a preferred embodiment does not have an exactly corresponding claim, this does not means that the example in question has no relevance to the claims. Conversely, if any example of the invention described hereunder has a specifically corresponding claim, this does not mean that the example in question is limited to that claim or has no relevance to other claims.
One preferred embodiment of the present invention is an information processing apparatus (e.g., encryption apparatus 113 in
Preferably, the conversion unit may encrypt the first signal for conversion into the second signal.
The conversion involving the encryption may preferably be based on the Advanced Encryption Standard known as the AES.
Preferably, the conversion unit may decrypt the first signal for conversion into the second signal.
The conversion involving the decryption may preferably be based on the AES as well.
Preferably, the first signal may be a video signal based on a standard known as HD-SDI which stands for the High Definition Serial Digital Interface.
Preferably, the third signal may be provided in such a manner that the first signal is selected for an area of each of frames constituting an image corresponding to the first signal and that the second signal is selected for another area of each of the frames making up the image.
Another preferred embodiment of the present invention is an information processing method or a program for use respectively with an information processing apparatus or with a computer of the apparatus for converting a first signal furnished as an input baseband video signal into a second signal to be output. The method or the program causing the apparatus or the computer respectively to execute a process or a procedure includes the steps of: converting (e.g., in step S12 of
The preferred embodiments of the present invention will now be described in more detail with reference to the accompanying drawings.
The encryption and decryption system 101 is made up of an image output apparatus ill, a transmission site monitor 112, an encryption apparatus 113, a repeater site monitor 115, a decryption apparatus 117, and a reception site monitor 118. The encryption apparatus 113 and decryption apparatus 117 are connected with each other by way of networks 114 and 116. Also connected via the networks are the transmission site monitor 112 that monitors AV data representative of stream data constituting images in frames (e.g., contents such as movies) for input to the encryption apparatus 113, the repeater site monitor 115 that monitors AV data sent from the network 114 to the network 116, and the reception site monitor 118 that monitors AV data to be output by the decryption apparatus 117.
In other words, the encryption and decryption system 101 is an image repeating system that repeats AV data. The AV data may illustratively be HD-SDI data making up a baseband video signal constituted by data of at least one frame. It is assumed that each frame is formed by AV data Y representing the luminance of each of the pixels constituting the frame in question and by AV data Cb/Cr denoting the color of each of the pixels making up the frame. Although the ensuing description of this embodiment will present the HD-SDI baseband video signal as a representative signal, this is not limitative of the invention. Any other suitable baseband digital video signal may be adopted instead.
The image output apparatus 111 supplies image data such as AV data to the transmission site monitor 112 and encryption apparatus 113.
The transmission site monitor 112 displays on its screen an image corresponding to the AV data fed from the image output apparatus 111. This allows personnel monitoring the transmission site to verify, on the screen of the transmission site monitor 112, the image corresponding to the AV data yet to be encrypted by the encryption apparatus 113. The image displayed on the screen of the transmission site monitor 112 is obviously recognizable by monitoring personnel because the image has yet to be encrypted.
The encryption apparatus 113 encrypts part of the AV data supplied by the image output apparatus 11 illustratively through the use of a common key (called the LE key for this embodiment; it may otherwise be called the AES key) for AV data encryption based on the AES. The partially encrypted AV data is sent over the networks 114 and 116 to the decryption apparatus 117. As will be discussed later in more detail, the encryption apparatus 113 encrypts the AV data not totally but partially, illustratively encrypting only the areas other than a particular area of each of the frames constituting the image of the AV data in question.
The encryption apparatus 113 is connected to the network 114 and the decryption apparatus 117 to the network 116. The repeater site monitor 115 is connected interposingly between the networks 114 and 116. The networks 114 and 116 are constituted by interconnected networks or communication circuits such as the Internet, and they allow the encryption apparatus 113 and decryption apparatus 117 to communicate with each other in keeping with suitable protocols such as TCP/IP (Transmission Control Protocol/Internet Protocol).
The repeater site monitor 115 displays on its screen an image corresponding to AV data which is sent from the encryption apparatus 113 to the decryption apparatus 117 and which is passed from the network 114 on to the network 116. Personnel monitoring the repeater site can thus verify, on the screen of the repeater site monitor 115, the AV data partially encrypted by the encryption apparatus 113 and yet to be decrypted by the decryption apparatus 117. Usually, the image appearing on the screen of the repeater site monitor 115 is encrypted and therefore unrecognizable by monitoring personnel. By contrast, the AV data sent by the encryption apparatus 113 is partially encrypted and thus makes up a partially recognizable image for the monitoring personnel to verify.
Images corresponding to the partially encrypted AV data are described below in more detail with reference to
In the example of
The repeater site monitor 115, although not in possession of the common key (LE key), thus displays (i.e., discloses) that part of the color bar which is left unencrypted by the so-called image half-disclosure technique. In this manner, the repeater site monitor 115 permits monitoring of video characteristics using the monitor-destined image at a site for repeating AV data.
In the example of
Although not in possession of the common key (LE key), the repeater site monitor 115 can thus allow monitoring personnel to recognize video attributes of the repeated image meaningfully representing, say, an unencrypted broadcasting station call sign (“XYZTV”) at an AV data repeater site. The partially disclosed symbol portion is not limited to still images; it may be a moving picture, a bar code, or other diverse data that may be displayed as a recognizable image.
In the example of
Without the common key (LE key), the repeater site monitor 115 can thus enable monitoring personnel to recognize video attributes of the repeated image meaningfully representing, say, unencrypted character shapes (“TV”) at an AV data repeater site. The partially disclosed character shapes are not limited to alphabetic characters shown in
In
Returning to
The reception site monitor 118 displays on its screen the AV data fed from the decryption apparatus 117. This allows personnel monitoring the reception site to verify, on then screen of the reception site monitor 118, the AV data partially encrypted by the encryption apparatus 113 and decrypted by the decryption apparatus 117. Having undergone decryption, the image on the screen of the reception site monitor 118 at this point is recognizable by monitoring personnel.
More specifically, with the AV data decrypted back to the original form, the reception site monitor 118 displays the color bar all over its screen as in the case of the transmission site monitor 112 described above.
In reference to
The setup of
Illustratively, the encryption apparatus 113 converts the AV data input from the image output apparatus 111 in accordance with a suitable encryption method and forwards the encrypted AV data to the decryption apparatus 117 by way of the networks 114 and 116. The encryption apparatus 113 is structured to include a conversion unit 131, a delay unit 132, and a selection unit 133.
The conversion unit 131 converts the AV data coming from the image output apparatus 111 in accordance with the predetermined method and sends the converted AV data to the selection unit 133. More specifically, the conversion unit 131 may encrypt the AV data and supply the encrypted AV data to the selection unit 133. Instead of resorting to encryption, the conversion unit 131 may alternatively convert the AV data through a scrambling process.
The delay unit 132 delays by a suitable time period the AV data coming from the image output apparatus 111 and sends the delayed AV data to the selection unit 133. It takes some time for the conversion unit 131 to convert the input AV data. In view of that converting time, the delay unit 132 delays its own input AV data in such a manner that the AV data output by the conversion unit 131 and the AV data output by this delay unit 132 will enter the selection unit 133 synchronously.
The selection unit 133 admits a key signal 151E in addition to the converted AV data coming from the conversion unit 131 as well as the delayed AV data from the delay unit 132. As will be discussed later in more detail, the key signal 151E is a signal that causes the selection unit 133 to select either of the synchronously input AV data items from the conversion unit 131 and delay unit 132.
The selection unit 133 thus selects either the converted AV data or the unconverted AV data which have been input synchronously, on the basis of the input key signal 151E. The selected AV data is supplied to the decryption apparatus 117. Consequently, the AV data fed to the decryption unit 117 is turned into partially converted data illustratively representing an image in frames, part of each of the frames being left unconverted.
The decryption apparatus 117 converts the partially converted AV data coming from the encryption apparatus 113 over the networks 114 and 116, through the use of a predetermined method paired with the conversion method adopted by the encryption apparatus 113. The AV data thus decrypted is output illustratively to the reception site monitor 118. The decryption apparatus 117 is structured to include a conversion unit 141, a delay unit 142, and a selection unit 143.
The conversion unit 141 converts the partially converted AV data coming from the encryption apparatus 113 back to the original form by use of the predetermined method. The reconstructed AV data following the conversion is supplied to the selection unit 143. More specifically, the conversion unit 141 may decrypt the partially encrypted AV data and send the decrypted AV data to the selection unit 143. Instead of resorting to decryption, the conversion unit 141 may alternatively convert the AV data through a descrambling process.
The delay unit 142 delays by a suitable time period the AV data coming from the encryption apparatus 113 and sends the delayed AV data to the selection unit 143. As in the case of the encryption apparatus 113, the decryption apparatus 141 thus allows the AV data coming from the conversion unit 141 and the AV data from the delay unit 142 to enter the selection unit 143 synchronously.
The selection unit 143 admits a key signal 151D in addition to the converted AV data coming from the conversion unit 141 as well as the delayed AV data from the delay unit 142. As will be discussed later in more detail, the key signal 151D is a signal which corresponds to the key signal 151E and which causes the selection unit 143 to select either of the synchronously input AV data items from the conversion unit 141 and delay unit 142.
The selection unit 143 thus selects either the synchronously input AV data converted back to the original form or the unconverted AV data (i.e., partially converted AV data) also input synchronously, on the basis of the input key signal 151D. The selected AV data is supplied illustratively to the reception site monitor 118.
By treating the key signal 151D on the same level as the key signal 151E, the selection unit 143 selects the supplied AV data at the same time as the selection unit 133 selects its own supplied AV data. Following the process, the AV data output by the decryption apparatus 117 comes out in two forms: the reconstructed AV data having undergone conversion by the encryption apparatus 113, and the unconverted AV data not undergoing conversion by the encryption apparatus 113.
The key signals 151E and 151D may be placed beforehand in the encryption apparatus 113 and decryption apparatus 117, respectively. Alternatively, an external device may supply the encryption apparatus 113 and decryption apparatus 117 with the key signals 151E and 151D, respectively, issued on the same level.
In the setup of
A more specific case of conversion involving the encryption apparatus 113 and decryption apparatus 117 will now be described. This will be an example in which the encryption and decryption system 101 is explained in more detail, formed by the encryption apparatus 113 that encrypts AV data and by the decryption apparatus 117 that decrypts the encrypted AV data.
In the example of
The AES encryption data generation unit 171 generates data for direct AV data encryption (the generated data will be called the AES encryption data 205 hereunder) using an AES input 202E and a common key 201E for encrypting AV data in accordance with the AES. The AES encryption data 205 thus generated is sent to the P-P conversion unit 172.
The P-P conversion unit 172 is supplied with the AES encryption data 205 from the AES encryption data generation unit 171. From the AES encryption data 205, the P-P conversion unit 172 extracts two forms of data: data for encrypting AV data Y representative of the luminance of each of the pixels constituting each of the frames making up the AV data, and data for encrypting AV data Cb/Cr indicative of the color of each of the pixels involved. The two extracted data streams are fed to the stream conversion units 173a and 173b respectively.
The stream conversion unit 173a converts the AV data Y supplied by the P-P conversion unit 172 by use of the predetermined method and feeds the converted data (called the AES encryption data 205a hereunder) to the luminance data encryption unit 174a. Likewise, the stream conversion unit 173b converts the AV data Cb/Cr using the predetermined method and supplies the converted data (called the AES encryption data 205b) to the color data encryption unit 174b.
In the above setup, the AES encryption data generation unit 171 generates the AES encryption data 205 of 128 bits from 256-bit input data formed by the LE key 201E of 128 bits and by the AES input 202E of 128 bits. The AES encryption data 205 thus generated is supplied to the P-P conversion unit 172. From the 128-bit AES encryption data 205, the P-P conversion unit 172 extracts low-order 120 bits in increments of 10 bits as the data used actually to encrypt AV data. Following the extraction, the P-P conversion unit 172 sends the AES encryption data 205a and 205b to the luminance data encryption unit 174a and color data encryption unit 174b via the stream conversion units 173a and 173b, respectively.
The luminance data encryption unit 174a is given a choice between the AV data Y representing the luminance of each of the pixels constituting each of the frames of AV data and the AV data Cb/Cr denoting the color of each of the pixels making up each of the frames. Using the AES encryption data 205a coming from the stream conversion unit 173a in increments of 10 bits, the luminance data encryption unit 174a encrypts the AV data Y and feeds the encrypted AV data Y to the superimposing unit 163. In this case, the luminance data encryption unit 174a encrypts the AV data in increments of frames using a frame reset 203E supplied by the metadata generation unit 162.
The color data encryption unit 174b is also given a choice between the AV data Y and the AV data Cb/Cr making up the AV data. Using the AES encryption data 205b coming from the stream conversion unit 173b in increments of 10 bits, the color data encryption unit 174b encrypts the AV data Cb/Cr denoting the color of each of the pixels, and feeds the encrypted AV data Cb/Cr to the selection unit 133. In this case, as with the luminance data encryption unit 174a, the color data encryption unit 174b encrypts the AV data in increments of frames using the frame reset 203E.
The metadata generation unit 162 and timing generator generate various items of information necessary for encryption by the encryption unit 161 (i.e., information to be eventually necessary by the decryption apparatus 117 for decryption). The generated items of information illustratively include the LE key 201E, AES input 202E, and frame reset 203E among others, as mentioned above. The metadata generation unit 162 adds some of these items of information as supplementary information to the LE key 201E to create data called LEKP (Link Encryption Key Payload). The metadata generation unit 162 proceeds to encrypt the LEKP illustratively in accordance with the RSA (R. Rivest, A. Shamir, L. Adleman) Cryptosystem (trademark; a 2048-bit encryption system) using a public key available on the side of the decryption apparatus 117. The LEKP encrypted by the RSA Cryptosystem is called ELEKP. This is how the metadata generation unit 162 generates ELEKP. In addition to ELEKP, the metadata generation unit 162 generates metadata 204 made up of a component of the AES input 202E and other data, and sends the generated metadata 204 to the superimposing unit 163.
The superimposing unit 163 superimposes the metadata 204 generated by the metadata generation unit 162 onto the encrypted AV data Y from the luminance data encryption unit 174a illustratively in the V blanking period. The resulting data (called the metadata-superimposed encrypted AV data Y) is sent from the superimposing unit 163 to the selection unit 133. At this point, the metadata 204 is superimposed in increments of frames. As mentioned above, the encrypted AV data is composed of the encrypted AV data Y (i.e., metadata-superimposed encrypted AV data Y) and the encrypted AV data Cb/Cr.
Out of the AV data Y and AV data Cb/Cr constituting the input AV data, the delay unit 132a delays by a suitable time period the AV data Y denoting the luminance of each of the pixels involved. The delayed AV data (called the unencrypted AV data Y hereunder) is fed to the selection unit 133. Likewise, the delay unit 132a delays by a suitable time period the AV data Cb/Cr representing the color of each of the pixels (called the unencrypted AV data Cb/Cr hereunder) and supplies the delayed data to the selection unit 133. In the ensuing decryption, the unencrypted AV data Y and the unencrypted AV data Cb/Cr will be referred to generically as the unencrypted AV data.
It takes some time for the conversion unit 131 to convert the input AV data. In view of that converting time, the delay units 132a and 132b delay respectively the AV data Y and the AV data Cb/Cr constituting the input AV data in such a manner that the encrypted AV data Y and AV data Cb/Cr output by the conversion unit 131 and the unencrypted AV data Y and AV data Cb/Cr output by these delay units 132a and 132b will enter the selection unit 133 synchronously. In other words, the encrypted AV data and the unencrypted AV data are input synchronously to the selection unit 133.
The selection unit 133 is given the following input: the metadata-superimposed encrypted AV data Y coming from the superimposing unit 163 as an input signal IN1, the encrypted AV data Cb/Cr also sent as the input signal IN1 from the color data encryption unit 174b, the unencrypted AV data Y sent as an input signal IN2 from the delay unit 132a, the unencrypted AV data Cb/Cr also sent as the input signal IN2 from the delay unit 132b, and the key signal 151E.
On the basis of the key signal 151E, the selection unit 133 selects either the metadata-superimposed encrypted AV data Y (input signal IN1) or the unencrypted AV data Y (input signal IN2) as the AV data Y representing the luminance of each of the pixels, and selects either the encrypted AV data Cb/Cr (input signal IN1) or the unencrypted AV data Cb/Cr (input signal IN2) as the AV data Cb/Cr indicating the color of each of the pixels. The selection unit 133 proceeds to supply the selected AV data Y (called the partially encrypted AV data Y hereunder) and AV data Cb/Cr (called the partially encrypted AV data Cb/Cr hereunder) to the decryption apparatus 117. In the ensuing description, the partially encrypted AV data Y and the partially encrypted AV data Cb/Cr will be referred to generically as the partially encrypted AV data (output signal OUT).
The selection unit 133 will now be described in more detail with reference to
As described above, the selection unit 133 selects either the input signal IN1 or the input signal IN2 based on the key signal 151E and forwards the selected input signal to the decryption apparatus 117 as the output signal OUT. The selection unit 133 is structured to include a delay unit 221, a comparator 222, and switches S1 and S2.
The key signal 151E is input to the delay unit 221. Illustratively, the delay unit 221 delays a Y signal constituting a luminance component of the key signal 151E in such a manner that the delayed signal component will enter the comparator 222 in synchronism with the input signals IN1 and IN2.
As shown in
The key signals 151a through 151f each make up white (shown blank) and black (shown shaded) areas. The white areas represent areas that are left unencrypted, and the blank areas denote areas that are encrypted.
Individually, the key signal 151a is furnished as a signal that leaves a band-shaped blank strip unencrypted while encrypting the remaining shaded areas as illustrated. When the AV data is encrypted by the encryption apparatus 113 based on the key signal 151a, the repeater site monitor 115 displays on its screen an image such as the one shown on the right-hand side of
Likewise, the key signal 151b is furnished as a signal that leaves a rectangular area in the top right corner unencrypted while encrypting the remaining areas as illustrated. When the key signal 151b is utilized, the repeater site monitor 115 displays on its screen an image such as the one shown on the right-hand side of
The unencrypted white areas can take divers shapes including the above-described band-shaped strip, rectangular shape in the top right corner, and character-shaped areas (“TV”). The unencrypted white areas can also be an ellipse and a lozenge designated by the key signal 151d, a left-hand half screen area designated by the key signal 151e, or an entire display screen except for a rectangle at the screen bottom as designated by the key signal 151f as illustrated, or other suitable shapes.
The display areas to be encrypted can be varied as desired by suitably modifying the key signal 151E. This makes it possible to keep in balance the confidentiality of a given image and the tolerable degree of its disclosure on the screen of the repeater site monitor 115.
The comparator 222 receives a predetermined threshold value in addition to the key signal 151E coming from the delay unit 221. The comparator 222 compares the key signal 151E with the threshold value, and supplies the switches S1 and S2 with a control signal reflecting the result of the comparison. The switches S1 and S2 perform their switching actions in accordance with the control signal supplied by the comparator 222.
If the Y signal as the luminance component of the key signal 151E is equal to or lower than the threshold value, as shown in the second row of the table in
If the Y signal as the luminance component of the key signal 151E is higher than the threshold value, as shown in the third row of the table in
In the foregoing description, the delay unit 221 was shown to let the Y signal constituting the luminance component of the key signal 151E enter the comparator 222. Alternatively, the delay unit 221 may allow a chroma signal (Cb/Cr signal) representing a color difference component of the key signal 115E to be input. In this case, the comparator 222 compares the predetermined threshold value with the Cb/Cr signal and supplies the switches S1 and S2 with a control signal reflecting the result of the comparison. As another alternative, the threshold value entering the comparator 222 may have its level not fixed but changed dynamically.
Returning to
In the example of
The metadata extraction unit 181 extracts the metadata 204 and other information from the metadata-superimposed encrypted AV data Y in the partially encrypted AV data offered by the encryption apparatus 113. Given the extracted information, the metadata extraction unit 181 generates an LE key 201D and an AES input 202D from the metadata 204, and a frame reset 203D from the timing signal. These generated items of information are supplied to the decryption unit 182. It should be noted that the LE KEY 201D, AES input 202D, and frame reset 203D are reconstructed respectively from the LE key 201E, AES input 202E, and frame reset 203E used by the encryption apparatus 113 for generating the encrypted AV data. For this reason, it may also be said that the metadata extraction unit 181 and the timing generator work to restore the LE key 201E, AES input 202E, and frame reset 203E before feeding them to the decryption unit 182.
In the example of
The AES decryption data generation unit 191 generates data (called the AES decryption data 206 hereunder) for directly decrypting the partially encrypted AV data (encrypted according to the AES) through the use of the LE key 201D and AES input 202D coming from the metadata extraction unit 181. The AES decryption data 206 thus generated is sent to the P-P conversion unit 192. That is, the AES decryption data 206 is data that is used to decrypt the ASE encryption data 205.
The P-P conversion unit 192 is supplied with the AES decryption data 206 from the AES decryption data generation unit 191. From the AES decryption data generation unit 191, the P-P conversion unit 192 acquires two kinds of data: data for decrypting the partially encrypted AV data Y representing the luminance of each of the pixels constituting each of the frames of AV data, and data for decrypting the partially encrypted AV data Cb/Cr denoting the color of each of the pixels involved. The P-P conversion unit 192 forwards the two kinds of data thus acquired to the stream conversion units 193a and 193b respectively.
The stream conversion unit 193a converts by a predetermined method the data for decrypting the partially encrypted AV data Y coming from the P-P conversion unit 192, and supplies the converted data (called the AES decryption data 206a hereunder) to the luminance data decryption unit 194a. Likewise, the stream conversion unit 193b converts by the predetermined method the data for decrypting the partially encrypted AV data Cb/Cr, and supplies the converted data (called the AES decryption data 206b hereunder) to the color data decryption unit 194b.
Using the AES decryption data 206a fed by the stream conversion unit 193a, the luminance data decryption unit 194a decrypts the metadata-superimposed encrypted AV data Y out of the partially encrypted AV data Y, and supplies the resulting AV data Y (called the decrypted AV data Y hereunder) to the selection unit 143. At this point, the luminance data decryption unit 194a decrypts the partially encrypted AV data Y in increments of frames using the frame reset 203D provided by the metadata extraction unit 181.
Using the AES decryption data 206b fed by the stream conversion unit 193b, the color data decryption unit 194b decrypts the encrypted AV data Cb/Cr out of the partially encrypted AV data Cb/Cr, and supplies the resulting AV data Cb/Cr (called the decrypted AV data Cb/Cr hereunder) to the selection unit 143. At this point, like the luminance data decryption unit 194a, the color data decryption unit 194b decrypts the encrypted AV data Cb/Cr in increments of frames using the frame reset 203D. In the ensuing decryption, the decrypted AV data Y and the decrypted AV data Cb/Cr will be referred to generically as the decrypted AV data.
The delay unit 142a delays by a suitable time period the partially encrypted AV data Y representing the luminance of each of the pixels involved out of the partially encrypted AV data supplied by the encryption apparatus 113, and forwards the delayed partially encrypted AV data Y (called the undecrypted AV data Y hereunder) to the selection unit 143. Likewise, the delay unit 142b delays by a suitable time period the partially encrypted AV data Cb/Cr denoting the color of each of the pixels involved out of the partially encrypted AV, and forwards the delayed partially encrypted AV data Cb/Cr (called the undecrypted AV data Cb/Cr hereunder) to the selection unit 143. In the ensuing description, the undecrypted AV data Y and the undecrypted AV data Cb/Cr will be referred to generically as the undecrypted AV data.
In the setup described above, the selection unit 143 admits four kinds of data synchronously: the decrypted AV data Y and the decrypted AV data Cb/Cr coming from the conversion unit 141, and the undecrypted AV data Y and the undecrypted AV data Cb/Cr output by the delay units 142a and 142b respectively. In other words, the decrypted AV data and the undecrypted AV data are input synchronously to the selection unit 143.
The selection unit 143 is given the key signal 151D in addition to the input signal IN1 constituted by the decrypted AV data Y coming from the luminance data decryption unit 194a and by the decrypted AV data Cb/Cr from the color data decryption unit 194b, and the input signal IN2 formed by the undecrypted AV data Y from the delay unit 142a and by the undecrypted AV data Cb/Cr from the delay unit 142b.
On the basis of the key signal 151D, the selection unit 143 selects either the decrypted data Y (input signal IN1) or the undecrypted AV data Y (input signal IN2) as the AV data Y representing the luminance of each of the pixels involved, and chooses either the decrypted data Cb/Cr (input signal IN1) or the undecrypted AV data Cb/Cr (input signal IN2) as the AV data Cb/Cr denoting the color of each of the pixels. The selection unit 143 then sends illustratively to the reception site monitor 118 an output signal OUT constituted by the selected AV data Y (called the partially decrypted AV data Y hereunder) and by the selected AV data Cb/Cr (called the partially decrypted AV data Cb/Cr hereunder). In the ensuing description, the partially decrypted AV data Y and the partially decrypted AV data Cb/Cr will be referred to generically as the partially decrypted AV data (output signal OUT).
The selecting operations of the selection unit 143 are the same as those of the above-described conversion unit 133 and thus will not be discussed further in detail. It should be noted, however, that the key signal 151D input to the selection unit 143 corresponds to the key signal 151E, e.g., one of the key signals 151a through 151f shown in
The operations of the encryption apparatus 113 and decryption apparatus 117 in the encryption and decryption system 101 will now be explained.
The first to be described in reference to the flowchart of
In step S11, the conversion unit 131 checks to determine whether AV data is input from the image output apparatus 111.
If no AV data is found input from the image output apparatus 111 in step S11, then step S11 is repeated. For example, step S11 is repeated until the image output apparatus 11 outputs AV data which is then found to be input to the encryption apparatus 113.
If in step S11 AV data is found input from the image output apparatus 111, step S12 is reached. In step S12, the conversion unit 131 encrypts the input AV data by use of the AES and sends the encrypted AV data to the selection unit 133.
In step S13, the delay unit 132 delays the AV data coming from the image output apparatus 111 in such a manner as to ensure synchronism with the encrypted AV data being output by the conversion unit 131, and feeds the delayed unencrypted AV data to the selection unit 133.
In step S14, the selection unit 133 selects either the encrypted AV data coming from the conversion unit 131 or the unencrypted AV data from the delay unit 132 on the basis of the key signal 151E that has been input, the encrypted and the unencrypted AV data being admitted synchronously. More specifically, if the key signal 151a (in
In step S15, the selection unit 133 sends the partially encrypted AV data formed by the encrypted and the unencrypted AV data following the selection to the decryption apparatus 117 over the networks 114 and 116.
In step S16, the conversion unit 131 checks to determine whether the AV data input from the image output apparatus 111 is terminated.
If in step S16 the input AV data is not found to be terminated, then step S12 is reached again and steps S12 through S16 are repeated. That is, steps S12 through S16 are repeated until the AV data input from the image output apparatus 111 is found terminated in step S16.
If in step S16 the AV data coming from the image output apparatus 111 is found to have ended, then the encryption apparatus 113 terminates its partial encryption process; there is no more AV data out of the image output apparatus 111 that needs to be partially encrypted.
As described, the encryption apparatus 113 partially encrypts the AV data coming from the image output apparatus 111 and outputs the partially encrypted AV data.
When the AV data from the image output apparatus 111 is encrypted using the key signal 151a as in the above example, the repeater site monitor 115 illustratively displays on its screen a band-like color bar such as one shown in the right-hand side picture of
Described next in reference to the flowchart of
In step S31, the conversion unit 141 checks to determine whether partially encrypted AV data is input from the encryption unit 113 by way of the networks 114 and 116.
If in step S31 no partially encrypted AV data is found input from the encryption unit 113, then step S31 is reached again and the check is repeated. Illustratively, step S31 is repeated until the encryption apparatus 113 outputs partially encrypted AV data to the decryption apparatus 117 which thereupon determines that the partially encrypted AV data has indeed been input.
If in step S31 partially encrypted AV data is found input from the encryption apparatus 113, then step S32 is reached. In step S32, the conversion unit 141 decrypts the partially encrypted AV data using the AES and sends the decrypted AV data to the selection unit 143.
In step S33, the delay unit 142 delays the partially encrypted AV data coming from the encryption apparatus 113 in such a manner as to ensure synchronism with the decrypted AV data output from the conversion unit 141, and supplies the delayed undecrypted AV data to the selection unit 143.
In step S34, the selection unit 143 selects either the decrypted AV data coming from the conversion unit 141 or the undecrypted AV data from the delay unit 142 on the basis of the key signal 151D that has been input, the decrypted and the undecrypted AV data been admitted synchronously. More specifically, if the key signal 151a (in
In step S35, the selection unit 143 sends the partially decrypted AV data formed by the decrypted and the undecrypted AV data following the selection to the reception site monitor 118.
In step S36, the conversion unit 141 checks to determine whether the partially encrypted AV data input from the encryption apparatus 113 is terminated.
If in step S36 the partially encrypted AV data coming from the encryption apparatus 113 is not found to be terminated, then step S32 is reached again and steps S32 through S36 are repeated. That is, steps S32 through S36 are repeated until the partially encrypted AV data input from the encryption apparatus 113 is found terminated in step S36.
If in step S36 the partially encrypted AV data coming from the encryption apparatus 113 is found to have ended, then the decryption apparatus 117 terminates its partial decryption process; there is no more partially encrypted AV data out of the encryption apparatus 113 that needs to be partially decrypted.
As described, the decryption apparatus 117 partially decrypts the partially encrypted AV data coming from the encryption apparatus 113 and outputs the partially decrypted AV data.
In the above example, the encryption apparatus 113 was shown to encrypt AV data from the image output apparatus 111 using the key signal 151a, and the decryption apparatus 117 was shown to decrypt the partially encrypted AV data from the encryption apparatus 113 using the same key signal 151a. As a result, the reception site monitor 118 illustratively displays an entire color bar all over its screen as indicated in the left-hand side picture of
The encryption and decryption system 101 thus encrypts and decrypts only those image areas of the baseband digital video signal which are designated by the key signal 151. This enables the repeater site monitor 115 without the decryption key to display part of the unencrypted image on its screen.
When an image that is partially disclosed so that its outline can be recognizable is used as a specimen prior to full-fledged distribution, the partially encrypted part may later be decrypted by use of a subsequently distributed decryption key and the key signal 151. Where an HD-SDI signal is partially encrypted to maintain its confidentiality, it is possible to keep in balance the confidentiality of the image based on that HD-SDI signal and the tolerable degree of its disclosure, as opposed to the case where the entire image is encrypted just to ensure confidentiality.
The series of steps and processes described above may be executed either by hardware or by software. For the software-based processing to take place, the programs constituting the software may be either incorporated beforehand in dedicated hardware of a computer for program execution or installed upon use into a general-purpose personal computer or like equipment capable of executing diverse functions based on the installed programs.
The CPU 311 is also connected with an input/output interface 315 via the bus 314. The input/output interface 315 is connected with an input device 316 made of microphones and with an output device 317 composed of a display and speakers. In operation, the CPU 311 carries out diverse processes in response to commands that are input through the input device 316. The result of the processing is output from the CPU 311 to the output device 317.
The recording device 318 connected to the input/output interface 315 is illustratively constituted by a hard disk drive that records the programs and data performed and operated on by the CPU 311. A communication device 319 communicates with external equipment via the network such as the Internet or a local area network.
Alternatively, programs may be acquired through the communication device 319 and recorded to the recording device 318.
A drive 320 connected to the input/output interface 315 is loaded with removable media 321 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory. When thus loaded with any of these removable media 321, the drive 321 drives the loaded medium and retrieves programs or data therefrom. The programs and data thus acquired are transferred as necessary to the recording device 318 for storage.
As shown in
In this specification, the steps stored on the program recording medium represent not only the processes that are to be carried out in the depicted sequence (i.e., on a time series basis) but also processes that may be performed parallelly or individually and not chronologically.
In this specification, the term “system” refers to an entire configuration made up of a plurality of component devices.
It should be understood by those skilled in the art that various modifications, combinations, sub-combinations, and alterations may occur depending on design requirements and other factor in so far as they are within the scope of the appended claims or the equivalents thereof.
Number | Date | Country | Kind |
---|---|---|---|
2006-127662 | May 2006 | JP | national |