DATA ENCRYPTIONThe present invention relates to encryption and/or decryption of transmitted data and in particular to transmitted audio and/or video data.
Whenever audio/video data is transmitted from a transmitting station to a receiving station, there is the risk that third parties may also receive the data, and, in the case of data subject to copyright protection, they can prevent copyright owners receiving appropriate renumeration.
In the case of such transmission occurring on the Internet, large numbers of people could receive, and therefore benefit from, such data transmission without paying appropriate royalties. To overcome this problem, it has been proposed to encrypt certain parts of the transmitted data with the aim of enabling reception only by authorised receivers, who are provided with means for decrypting the data.
A preferred format for audio data transmission on theInternet is MPEG, as described in ISO IEC 11172-1,2,3,4,5.
This format uses a data compression technique to enable large amounts of data to be transmitted for a given bandwidth. Such data is transmitted in data files termed "bitstreams" having four separate sections, namely: (1) a header section containing synchronization and stereo/mono state data; (2) an error check data section containing information regarding error detection; (3) an audio data section containing the audio data which may be subject to copyright protection; and (4) an ancillary data section.
It has been suggested that such data files ouija be protected against unauthorised reception and redistribution by encrypting the ancillary data section. However, it is feasible for a user to receive such a data file, remove the header and ancillary data sections and to replace them, thereby circumventing the encryption.
Conventional encryption methods are based on an algorithmic transformation of a group of data bits. Such a process is, however, time-consuming, and this is the reason why the audio/video data is not generally encoded.
It would therefore be desirable to provide a method of encryption and/or decryption which overcomes, or at least mitigates, this problem.
In accordance with a first aspect of the present invention there is provided a method of encrypting data in the form of a first sequence of bits into a second sequence of bits, the method comprising individually transforming each bit of said first sequence into a corresponding bit of said second sequence in dependence on an encryption key.
The method extends to a data transmission method incorporating such an encryption method.
In accordance with a further aspect of the present invention there is provided data decryption apparatus comprising means for receiving a sequence of bits representing encrypted data, means for individually transforming each bit of the sequence into a corresponding bit of a further sequence in dependence on an encryption key.
A preferred embodiment of the present invention will now be described with reference to the accompanying drawing which illustrates a transmission system incorporating data encryption and decryption of the preferred embodiment.
A server stores identity codes UN1, UN2, UN3 ... for all authorised users USER 1, USER 2, USER 3 ... of the system.
The server also stores audio and/or video data X, Y which may be requested by one or more of the users. When a user, e.g. USER 1, requests transmission of audio data X, it transmits to the server its unique identity code UN1, together with a request for audio data X. The server then encrypts a data file X including audio data X using the identity code UN1 as the encryption key and transmits the encrypted data file to USER 1. USER 1 then decrypts the encrypted data using the encryption key UN1 to regenerate the original data file X including the audio data X. Whilst it is possible for other users to receive this data, they will not be able to decrypt it, because their respective decryption keys UN2, UN3 ... are different from UN1.
The method of encryption is as follows. Each data bit within the data file X is logically combined as an exclusiveOR (XOR) function with a corresponding bit from a bit sequence constituting the user identity code, e.g. UN1. An exclusive OR function is a logical combination having the value 0 if both data bits A and B are the same and the value 1 if they are different:A B A XOR B0 0 00 1 11 0 1 1 1 01 1 0 For example, if the audio data X comprises the bit sequence 1001110 ... and the user identity code UN1 comprises the bit sequence 0001101 ..., then the resulting combination would be 1000011When the user receives the encrypted data, a corresponding decryption method is used, again using an exclusive OR function. Such a function has the property that if the exclusive OR combination C, of two bits A and B is itself combined with one of the two bits, e.g. A, the other bit B is generated: A B A XOR B=C C A C XOR A = BA B A XOR B=C C A C XOR A = B 0 0 0 0 0 0 0O O O O O O o 0 1 1 1 0 1 1 1 0 1 1 1 0 0 1 1 0 0 1 1 1 1 1 0 0 1 1 1 Thus, in the above example, when the resulting XOR combination is recombined with the user identity code UN1, the original data file X is retrieved, as follows: Data file X (A) 1001110 ...
Data file X (A) 1001110 ...
User identity code UN1 (B) 0001101XOR combination of A and B (C) 1000011 ...
User identity code UN1 (B) 0001101 ...
XOR combination of B and C 1001110 = Data file X = Data file X The user identity code is typically 32 or 64 bits long, and when the last bit of the code has been used the sequence is repeated until all the audio data has been encrypted.
Initially, a user is registered by supplying credit/debit card details to the server, and, once suitable bank checks have been made, the server generates a unique user identity code which is stored in a user's module. When a user requires a data transmission, the user identity code is read from the module and transmitted, along with the data request, to the server. It will be appreciated that the above-described preferred embodiment of the present invention provides a secure method of transmitting data from a server of a user thus preventing unauthorised reception of copyright-protected data. Various modifications of the preferred embodiment may be made without departing from the scope of the invention, which is defined by the following claims.