In this decision, the European Patent Office did not grant a patent on a method of encrypting/decrypting audio data without adding substantial latency to the audio processing. Here are the practical takeaways of the decision T 2327/17 (Authenticated encryption of audio data/BOSCH) of 21.2.2020 of Technical Board of Appeal 3.5.05:

Key takeaways

Increasing the cryptographic security of an audio data stream is a technical problem.

The invention

This European patent application generally relates to the encryption and decryption of audio data. According to the background explained in the application, digital audio is typically generated on a certain audio sample frequency, and it is common to collect a larger block of data and protect this data block via encryption. After encryption, the data is processed for the second time to add authenticity (integrity) protection, which is essential for avoiding unauthorized manipulation of data.

However, in scenarios such as live music systems, ultra low latency is required to avoid losing the rhythm for the musician. Since any processing, e.g. analog digital conversion, audio processing, transmission of data, will add latency to the audio data, it is important that encryption and decryption latency are as low as possible, e.g. < 0,05 ms.

Fig. 1 of EP 2 553 862
Fig. 1 of EP 2 553 862

Here is how the invention is defined in claim 1:

  • Claim 1 (main request)

Is it technical?

The board of appeal started its assessment from a prior art document which already disclosed the use of AES in Cipher feedback mode to encrypt/decrypt audio data. The board also took it as common general knowledge that in an encryption/decryption scheme in cipher feedback mode, the need for additional synchronisation is removed and that without knowing an initialisation vector from the encryption it takes the number of bits from a cipher-block before the correct data can be decrypted.

Claim 1 therefore differed from the closest prior art in that it comprises the further step of detecting whether a CMAC authenticity check is successful from a single audio sample and that the method is performed on a sample by sample basis with a latency less than 1 mys.

First of all, it was questionable whether the feature “with a latency less than 1 mys” in claim 1 was clear, or amounted merely to a result to be achieved:

With respect to the feature “with a latency less than 1 mys”, the appellant argued that this feature was implied by the choice of a length of 24 bits for the audio sample which resulted in a CMAC authenticity check in less than 1 mys. The length of an audio sample being however not defined in claim 1, the board agrees with the decision under appeal (see point 7.2.8) that defining that the latency is less than 1 mys amounts to merely define a result to be achieved.

Secondly, also the feature “the method is performed on a sample by sample basis” had been objected as vague and unclear in the first instance decision. Here is what the board said:

In respect of interpretation of the vague and broad feature “the method is performed on a sample by sample basis”, the appellant argued that it should be interpreted as meaning that not only the CMAC authenticity check but also the AES decryption in Cipher feedback mode were performed on a sample by sample basis. In its view, obtaining a plain 24-bits audio sample, as shown by reference sign 126 in Figure 2 and described on page 5, lines 22 to 24, was an evidence that the decryption was performed on a sample by sample basis. However, the board notes that the decryption of a 24-bits audio sample at stage n + 1 depends on the decryption of the previous sample at stage n, as shown in Figure 2 and as implied by the use of a Cipher feedback mode. The board thus agrees with the decision under appeal (see point 7) that the decryption in AES Cipher feedback mode cannot be interpreted as being performed on a sample by sample basis so that the feature “the method is performed on a sample by sample basis” has to be interpreted as applying CMAC authenticity check on a sample by sample basis.

Turning to inventive step, the board first identified the effect achieved by the features that distinguished the invention from the prior art:

The technical effect of the above-mentioned distinguishing features is that invalid audio samples are detected without having to wait for the large number of audio samples, such as the whole audio data, to be received and decrypted. The objective technical problem can thus be formulated as how to increase the cryptographic security of the audio data stream.

The question was thus whether it was obvious to come up with the invention as claimed to solve the objective technical problem:

The person skilled in cryptography, trying to improve the reliability of a received encrypted audio stream, would obviously consider to use an authentication scheme to add security to the encryption scheme. The skilled person would consider D7 which discloses to split a Voice over IP stream, i.e. an audio stream, into short packets, or chunks, to encrypt them using a conventional encryption scheme, to accompany each chunk with a Message Authentication Code MAC, and to compare the transmitted MAC with a recalculated MAC at reception (see the paragraph bridging pages 274 and 275). It was moreover well known at the priority date of the present application to use block-cipher-based MAC, i.e. CMAC, as MAC. By applying the teaching of D7 to the disclosure of D5 the skilled person would thus arrive at the subject-matter of claim 1 without the exercise of inventive skills.

Therefore, claim 1 was found to lack an inventive step, and the appeal was dismissed.

More information

You can read the whole decision here: T 2327/17 (Authenticated encryption of audio data/BOSCH) of 21.2.2020

Stay in the loop

Never miss a beat by subscribing to the email newsletter. Please see our Privacy Policy.

Privacy policy *
* = Required field

Please share this article if you enjoyed it!